Advice Needed: Solaris And Security

UnixGuy Are we having fun yet? Mod Posts: 4,426
Hey guys, I am an old reader and newly registered :)


To be brief,

I have humble experience in Sun Solaris, and there's a security certification in Solaris, SCSECA, which I can take anytime soon.

I seek your advice on how to combine Solaris (and Unix in general) experience with security experience?

And what good is it to have CISSP with Solaris experience?

I mean, you security guys, do you see it as a good combination to have knowledge of both?

Of course, from a Unix Engineering/Design point of view, it's a big plus to have a security background. But is there any rewarding specialization there?

I'm thinking of Security+ then CISSP, is this good? Do you have any other suggestions?
Certs: GSTRT, GPEN, GCFA, CISM, CRISC, RHCE


Comments

  • sprkymrk Member Posts: 4,884
    Hi Unixguy, welcome to the forums.

    I don't actually have an answer for you, but thought I'd bump your topic so it doesn't get buried. Sundays can be a little slow. Let's see if Keatron (Security Moderator) or one of the other guys can give you some pointers.
    All things are possible, only believe.
  • dynamik Banned Posts: 12,312
    Are you working with Solaris now?

    Security is a critical component of IT. Gaining security knowledge and experience will do nothing but help you.

    The CISSP is a very well-respected cert, and looks great just on its own. It'll definitely complement your other certifications. Keep in mind that they have a 5-year experience requirement. You can knock a year off of that with a qualifying certification, like the Security+, and another year with a qualifying degree. The SSCP is something else you may wish to consider; there is only a 1-year requirement for that.

    If you don't have a great deal of security experience, the Security+ is a great place to start. Although, you could probably go right to the Solaris security specialization without too much trouble, given your background.

    It would probably help to give a more complete description of your background and what your ultimate goal is.

    Just out of curiosity, what did you use to prepare for the Solaris certifications? I have the SCSA book by Sanghera. Any other suggestions?
  • shednik Member Posts: 2,005
    dynamik wrote:
    Are you working with Solaris now?

    Security is a critical component of IT. Gaining security knowledge and experience will do nothing but help you.

    The CISSP is a very well-respected cert, and looks great just on its own. It'll definitely complement your other certifications. Keep in mind that they have a 5-year experience requirement. You can knock a year off of that with a qualifying certification, like the Security+, and another year with a qualifying degree. The SSCP is something else you may wish to consider; there is only a 1-year requirement for that.

    If you don't have a great deal of security experience, the Security+ is a great place to start. Although, you could probably go right to the Solaris security specialization without too much trouble, given your background.

    It would probably help to give a more complete description of your background and what your ultimate goal is.
    I'd definitely have to agree with dynamik here; unless you have a heavy background with security already, I'd start with Security+ and the Sun Security Cert. Best of luck to you!
    dynamik wrote:
    Just out of curiosity, what did you use to prepare for the Solaris certifications? I have the SCSA book by Sanghera. Any other suggestions?

    Just out of curiosity, what certification aren't you interested in, dynamik?
  • dynamik Banned Posts: 12,312
    shednik wrote:
    Just out of curiosity, what certification aren't you interested in, dynamik?

    Apple. 'bout it
  • UnixGuy Are we having fun yet? Mod Posts: 4,426
    sprkymrk wrote:
    Hi Unixguy, welcome to the forums.

    I don't actually have an answer for you, but thought I'd bump your topic so it doesn't get buried. Sundays can be a little slow. Let's see if Keatron (Security Moderator) or one of the other guys can give you some pointers.


    Thank you so much man, this is very nice of you. I've read many of Keatron's posts and other posts by other members here, and you guys really helped me to make the right decisions, and you convinced me to be patient to get work experience :)

  • UnixGuy Are we having fun yet? Mod Posts: 4,426
    dynamik wrote:
    Are you working with Solaris now?

    Security is a critical component of IT. Gaining security knowledge and experience will do nothing but help you.

    The CISSP is a very well-respected cert, and looks great just on its own. It'll definitely complement your other certifications. Keep in mind that they have a 5-year experience requirement. You can knock a year off of that with a qualifying certification, like the Security+, and another year with a qualifying degree. The SSCP is something else you may wish to consider; there is only a 1-year requirement for that.

    If you don't have a great deal of security experience, the Security+ is a great place to start. Although, you could probably go right to the Solaris security specialization without too much trouble, given your background.

    It would probably help to give a more complete description of your background and what your ultimate goal is.

    Just out of curiosity, what did you use to prepare for the Solaris certifications? I have the SCSA book by Sanghera. Any other suggestions?



    Mmm thanks.

    OK, my background: I studied computer engineering at a reputable university, where I took heavy networking and programming courses. I also took a network security course and a computer security course.

    I work with executive partners of Sun Microsystems, as a support engineer for critical environments. What I have is 6 months of experience only. However, in those 6 months I learned millions of things because there was (and still is) too much pressure on me, so I learned things the hard way.

    About the SCSA, the company here gave me training, which helped a lot. I read Paul Sanghera and never liked it. I read another book by the author Bill Calkins, and no. Those books are outdated and Sun updated their exams. I recommend the official Sun documents (Intermediate System Administration and Advanced Systems Administration). Those are the best for both getting certified and facing real-life problems. I mean, 90% of real-life problem solutions can be found there.

    I heard about the 5 yrs experience requirement of CISSP, but I can easily take Sec+ because of university knowledge and my reading. It looks simple. And how can CISSP confirm that I have 5 yrs experience in security? Should I ask my boss to write this?


    :)

  • UnixGuy Are we having fun yet? Mod Posts: 4,426
    shednik wrote:
    dynamik wrote:
    Are you working with Solaris now?

    Security is a critical component of IT. Gaining security knowledge and experience will do nothing but help you.

    The CISSP is a very well-respected cert, and looks great just on its own. It'll definitely complement your other certifications. Keep in mind that they have a 5-year experience requirement. You can knock a year off of that with a qualifying certification, like the Security+, and another year with a qualifying degree. The SSCP is something else you may wish to consider; there is only a 1-year requirement for that.

    If you don't have a great deal of security experience, the Security+ is a great place to start. Although, you could probably go right to the Solaris security specialization without too much trouble, given your background.

    It would probably help to give a more complete description of your background and what your ultimate goal is.
    I'd definitely have to agree with dynamik here; unless you have a heavy background with security already, I'd start with Security+ and the Sun Security Cert. Best of luck to you!
    dynamik wrote:
    Just out of curiosity, what did you use to prepare for the Solaris certifications? I have the SCSA book by Sanghera. Any other suggestions?

    Just out of curiosity, what certification aren't you interested in, dynamik?



    I see, thanks. The Solaris security certificate is nothing but how to audit logs, permission policies, and some Solaris security features. If you know Solaris you can just read the books and go for the exam. Sun exams aren't tricky if you know your stuff.

  • Schluep Member Posts: 346
    UnixGuy wrote:
    I heard about the 5 yrs experience requirement of CISSP, but I can easily take Sec+ because of university knowledge and my reading. It looks simple. And how can CISSP confirm that I have 5 yrs experience in security? Should I ask my boss to write this?

    When registering for the exam you are required to identify your experience as well as the Domains of the CISSP CBK that are a part of that experience and include your resume information. After the information you provide is reviewed and determined to be sufficient you can sit for the exam. After passing the exam you will be required to submit an endorsement form where a current (ISC)² credential holder endorses your experience to be true and correct. After passing the exam this information is all subject to audit prior to your being awarded the certification. If audited, your employer/employers will likely be contacted and any qualifying degrees/certifications (can waive up to one year for each) will be verified.

    I would assume that you would never ask anyone to write something that is untrue on your behalf, but just in case please be aware that the CISSP is a very highly valued certification in the InfoSec world because it maintains its integrity better than other exams. It does this through the detailed process above of trying to verify work experience and limit the ability of unscrupulous individuals from posting brain **** type information (many versions of written exams and long/detailed questions). If someone did try to **** on their work experience for the CISSP certification the likelihood is far higher that they would be caught and they would be unlikely to hold the CISSP any time soon if that happened.

    You do have the option of becoming an Associate of (ISC)² by registering to take the exam with this intention and providing information regarding the work experience that you do have. Once you meet the work experience requirement you can submit the endorsement form to (ISC)² and would be subject to the audit at that time. Provided that everything checks out your Associate of (ISC)² status would automatically be upgraded to a CISSP certification holder. This is what I did and I am very glad that I took the exam even though I do not have the 5 letters next to my name.

    Since you work heavily with Solaris they would definitely seem like good first steps before going Vendor neutral. Certifications are a way to verify your competence with a given technology, so it only makes sense to certify in things you use on a daily basis and are very comfortable with. Of course vendor neutral exams such as the CompTIA Security+ or CISSP can be good things to look at since there is no specific technology product being tested, but they also will require a wider range of knowledge since it isn't as focused.

    If you have read many of the excellent Keatron posts on this forum you will have noticed he typically recommends Security+ across the board. If you are considering the other exams it should be a very easy one to pass anyway and does count as one of the eligible certifications to waive a year on the work experience requirement for the CISSP exam at this time.
  • UnixGuy Are we having fun yet? Mod Posts: 4,426
    Schluep wrote:
    UnixGuy wrote:
    I heard about the 5 yrs experience requirement of CISSP, but I can easily take Sec+ because of university knowledge and my reading. It looks simple. And how can CISSP confirm that I have 5 yrs experience in security? Should I ask my boss to write this?

    When registering for the exam you are required to identify your experience as well as the Domains of the CISSP CBK that are a part of that experience and include your resume information. After the information you provide is reviewed and determined to be sufficient you can sit for the exam. After passing the exam you will be required to submit an endorsement form where a current (ISC)² credential holder endorses your experience to be true and correct. After passing the exam this information is all subject to audit prior to your being awarded the certification. If audited, your employer/employers will likely be contacted and any qualifying degrees/certifications (can waive up to one year for each) will be verified.

    I would assume that you would never ask anyone to write something that is untrue on your behalf, but just in case please be aware that the CISSP is a very highly valued certification in the InfoSec world because it maintains its integrity better than other exams. It does this through the detailed process above of trying to verify work experience and limit the ability of unscrupulous individuals from posting brain **** type information (many versions of written exams and long/detailed questions). If someone did try to **** on their work experience for the CISSP certification the likelihood is far higher that they would be caught and they would be unlikely to hold the CISSP any time soon if that happened.

    You do have the option of becoming an Associate of (ISC)² by registering to take the exam with this intention and providing information regarding the work experience that you do have. Once you meet the work experience requirement you can submit the endorsement form to (ISC)² and would be subject to the audit at that time. Provided that everything checks out your Associate of (ISC)² status would automatically be upgraded to a CISSP certification holder. This is what I did and I am very glad that I took the exam even though I do not have the 5 letters next to my name.

    Since you work heavily with Solaris they would definitely seem like good first steps before going Vendor neutral. Certifications are a way to verify your competence with a given technology, so it only makes sense to certify in things you use on a daily basis and are very comfortable with. Of course vendor neutral exams such as the CompTIA Security+ or CISSP can be good things to look at since there is no specific technology product being tested, but they also will require a wider range of knowledge since it isn't as focused.

    If you have read many of the excellent Keatron posts on this forum you will have noticed he typically recommends Security+ across the board. If you are considering the other exams it should be a very easy one to pass anyway and does count as one of the eligible certifications to waive a year on the work experience requirement for the CISSP exam at this time.





    Thank you very much for the detailed explanation :)

    Of course I won't ask my boss to write something fraudulent and he will not do this anyway!

    The thing is, we work on a daily basis with many issues and security is among them. This is why I asked whether my boss can verify this.

    I'm interested in Sun itself more, so I thought CISSP would be a great plus to my career. And I thought maybe there's room in security for people who are specialized in Unix. Because from what I saw so far, many security auditing companies do audit Solaris systems and give wrong recommendations due to lack of knowledge in Solaris and Sun Hardware.

  • Schluep Member Posts: 346
    UnixGuy wrote:
    I'm interested in Sun itself more, so I thought CISSP would be a great plus to my career. And I thought maybe there's room in security for people who are specialized in Unix. Because from what I saw so far, many security auditing companies do audit Solaris systems and give wrong recommendations due to lack of knowledge in Solaris and Sun Hardware.

    Those problems often aren't specific simply to Sun equipment. A lot of companies generate cookie-cutter reports following a specific plan or testing methodology and referencing it against a list of vulnerabilities. If they are simply auditing and not involved in the configuration at all it will be your company's job (or possibly another third party) to determine which vulnerabilities on the report need to be addressed. Some things listed as vulnerabilities may be necessary for your system to function and others may not be cost efficient to correct depending on the risk or asset value involved.
  • UnixGuy Are we having fun yet? Mod Posts: 4,426
    Schluep wrote:
    UnixGuy wrote:
    I'm interested in Sun itself more, so I thought CISSP would be a great plus to my career. And I thought maybe there's room in security for people who are specialized in Unix. Because from what I saw so far, many security auditing companies do audit Solaris systems and give wrong recommendations due to lack of knowledge in Solaris and Sun Hardware.

    Those problems often aren't specific simply to Sun equipment. A lot of companies generate cookie-cutter reports following a specific plan or testing methodology and referencing it against a list of vulnerabilities. If they are simply auditing and not involved in the configuration at all it will be your company's job (or possibly another third party) to determine which vulnerabilities on the report need to be addressed. Some things listed as vulnerabilities may be necessary for your system to function and others may not be cost efficient to correct depending on the risk or asset value involved.


    Yes, this is precisely what happened a couple of days ago. Some auditing companies simply run software that reports all open ports. And the other day some ports were used by necessary applications.