Career move question: Future planning Cisco vs. M$

rogue2shadowrogue2shadow CISSP, GXPN, OSCE, OSCP, OSWP, eMAPT, CEH, CNDA, A+, Network+, Security+Member Posts: 1,501 ■■■■■■■■□□
Hey guys,

I've been thinking for a while now and I'm not really sure what to do.

I have definitely set my heart on Cisco, EC-Council, and (ISC)2 certs (Pen testing looks amazing icon_study.gif). I am going for my second bachelors in Cybersecurity this fall (grad in winter 2011) and in spring, I will end up taking two classes which may map to the 70-640 and 70-642.

I got a couple questions:

Do you guys think I should take a hiatus on Cisco studies and go for the MCITP right after I finish those classes and then go back to CCNP or should I waive the MS stuff until I finish CCNP and CCSP? Would it even be worth it go for the MCITP SA after the NP and SP?

How much study time was involved to make you feel comfortable enough to take each of the CCNP exams? (CCNP holders)

This probably doesn't make a whole lot of sense but I can't stop thinking about this lol.

Comments

  • earweedearweed Member Posts: 5,192 ■■■■■■■■■□
    Why not do both. I've been seeing network admin jobs lately which want both Cisco and MS and I'm sure It wouldn't hurt you to show you're knowledgable in MS technology.
    No longer work in IT. Play around with stuff sometimes still and fix stuff for friends and relatives.
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    You have the same problem that I do; you want to master everything.

    You need to decide where you want to go and what you want to do. An MCITP or CCNP is not the best route to go if you're a pen tester. I'm not saying that none of the material associated with those matter, it's just not the best use of your time.

    I don't even feel like my CCNA is very useful day-to-day (aside from showing management that I'm "Cisco certified"). I've read books on BCMSN, and I've gone through Routing TCP/IP. It really just doesn't make sense to get certified in that stuff since I don't work with that day-to-day. Again, I've picked up bits and pieces that have absolutely been valuable to me; I'm not trying to dissuade you from learning. You just need to choose you path and decide what you really want to focus on. To be honest, I'm having a difficult time pursuing the CCNA: Security, even though the material is relatively easy for me. I just don't deal with a lot of that on a regular basis.

    As far as pen testing goes, be sure you really enjoy the material at its core. There is a lot of report writing, executive meetings, etc. It seems flashy and glamorous, but there's a lot more to it than that. After a few engagements, a lot of it becomes "routine." You should definitely pursue it if you want to; just don't make it into something that it isn't.
  • TurgonTurgon Banned Posts: 6,313
    dynamik wrote: »
    You have the same problem that I do; you want to master everything.

    You need to decide where you want to go and what you want to do. An MCITP or CCNP is not the best route to go if you're a pen tester. I'm not saying that none of the material associated with those matter, it's just not the best use of your time.

    I don't even feel like my CCNA is very useful day-to-day (aside from showing management that I'm "Cisco certified"). I've read books on BCMSN, and I've gone through Routing TCP/IP. It really just doesn't make sense to get certified in that stuff since I don't work with that day-to-day. Again, I've picked up bits and pieces that have absolutely been valuable to me; I'm not trying to dissuade you from learning. You just need to choose you path and decide what you really want to focus on. To be honest, I'm having a difficult time pursuing the CCNA: Security, even though the material is relatively easy for me. I just don't deal with a lot of that on a regular basis.

    As far as pen testing goes, be sure you really enjoy the material at its core. There is a lot of report writing, executive meetings, etc. It seems flashy and glamorous, but there's a lot more to it than that. After a few engagements, a lot of it becomes "routine." You should definitely pursue it if you want to; just don't make it into something that it isn't.

    Sanity prevails. At last pen testing demystified! Not to disuade anyone from an interest in pen testing but it is not in or of itself a 'career'. Over the course of the last six years pen testing seemed to have assumed the mantle that computer programming obtained some years back, that it was an uber elite thing to become with a road to riches. Pen testing became like that. I imagine because for lots of people it was a new thing that sounded good. Pen testing at it's basic level isn't difficult and as you attest there is much more to security work than fiddling with simple port scan tools or for that matter going the other way and knowing endless minutia about using them.
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    dynamik wrote: »
    You have the same problem that I do; you want to master everything.

    I also have that problem. I've come to terms with it and downscaled it quite a bit. But even if you just wanted to be a Microsoft expert is quite the challenge. I don't think anyone can really be a master in every MS area.

    What I do have going for me is that I'm young (21), already have 4 certifications to my name, an A.A.S. degree, a job working in the field, 5 more certifications planned for 2010(7 tests), and I'll start work on my bachelors degree this fall.

    Also, if you couldn't already tell, I am very eager to succeed. I plan to keep chasing down certs for as long as I can and I'm also planning at least a Masters degree.
    Decide what to be and go be it.
  • rogue2shadowrogue2shadow CISSP, GXPN, OSCE, OSCP, OSWP, eMAPT, CEH, CNDA, A+, Network+, Security+ Member Posts: 1,501 ■■■■■■■■□□
    Thanks for the advice guys; I really appreciate it. The reason I wanted to grab the CCNP first, probably a horrible reason, was because it was one test less than the CCSP and I could probably get a cheaper lab setup than for the CCSP. With CCNP, I'd have one pro cert under my belt to grab a real network job to pay for the later setups. I don't think Packet Tracer will cut it post CCNA lol.

    In the end, I would like to do something in the CND analyst or auditor (following the 8700.5m directive) areas and do pen testing/security consulting on the side as a private business at some point.

    Dynamik, I think you're right :). I think I'll just focus on Cisco first then EC-Council, then (ISC)2. My major concern with MS is that I'm sure I could potentially see Windows Server in the future and I just have this preconceived notion that if I "say" I know Windows Server instead of "show" that I am certified to use Win Server that it'll eventually serve as a way to weed me out of a job listing.

    Man, I'm too young to be thinking about all this lol....

  • chrisonechrisone Senior Member Member Posts: 2,012 ■■■■■■■■■□
    I think you should know how a network works first before you delve into penetration testing. A ccna is good but is very basic stuff and there is a lot more to a network than just what is taught in the ccna. I would recommend getting the ccnp and then the cssp before getting into penetration testing. The ccnp will help you a lot in your ccsp studies. Reality is that in the ccsp you will see topics you were suppose to already know that is taught in the ccnp. This is just a logical order of technologies you should know before you do penetration testing.

    As far as work and jobs, penetration testing is probably more considered a secondary added bonus skills set to your routing and switching (ccnp) and security skills (ccsp). Yes plugging security holes is great but they will most likely need you to keep the network running especially if the company has had no known serious threats or attacks. In strongly believe the guy with the ccnp and ccsp will get hired over the guy with just some pen testing certs. Even if the position is a security one i still believe the ccsp holds more value.

    Notice I did not mention anything microsoft until this sentence? Lol!
    Certs: CISSP, OSCP, CRTP, eCPPT, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2020 Goals:
    Courses: VHL (completed), CQURE: Windows Security Crash Course (completed), eLearnSecurity: WAPTv3 (completed), eLearnSecurity: IHRP (completed), eLearnSecurity: PTXv2, BlackHills InfoSec: Breaching the Cloud
    Certs: VHL: Advanced+ (completed), OSCP (completed), AZ-500 (in-progress), MS-500, eLearnSecurity: eWPT, eLearnSecurity: eCIR (in-progress), eLearnSecurity: eCPTXv2
  • earweedearweed Member Posts: 5,192 ■■■■■■■■■□
    Your classes dealing with MS technology you mentioned taking will probably serve you well in the future, even without M$ certs.
    No longer work in IT. Play around with stuff sometimes still and fix stuff for friends and relatives.
  • rogue2shadowrogue2shadow CISSP, GXPN, OSCE, OSCP, OSWP, eMAPT, CEH, CNDA, A+, Network+, Security+ Member Posts: 1,501 ■■■■■■■■□□
    lol chris. You're exactly right. I've done tons of studying for CCNAS/CCNA/CCENT and CompTIA over the past 9 months and I think once I get a real lab up Ill begin my CCNP studies. Looking at the books I'm going to have to get for the class, I think I might actually do the exams for the hell of it.

    The school is requiring us to buy TestOut for each MS course we take on top of a Wiley or MS press book :P. The TestOut is heavily discounted (thank heaven).

    Earweed: indeed! I've been too lazy to learn server 2008 on my own lol. The CBT Nuggets for the 640 and 642 are great but I've been so caught up in cisco and comptia that I havent had a chance to go back.

  • GamingCrazyGamingCrazy Member Posts: 113
    earweed wrote: »
    Why not do both. I've been seeing network admin jobs lately which want both Cisco and MS and I'm sure It wouldn't hurt you to show you're knowledgable in MS technology.

    She is completely right, my Dad has a MCSE and extensive Voice experience with Cisco. Not only did it secure him a spot with the company, it gave him opportunities to show off his skills that the employer didn't even know he had.

    Voice is where it's at, contract work is everywhere! Become a master contractie and you could be looking at 100k a year :).
  • earweedearweed Member Posts: 5,192 ■■■■■■■■■□
    I used the testout for the 83-640. Found it to be good in some areas and lacking in others. It helped me mainly better understand Certificate services and group policy. I'm actually trying to get WGU to use testout instead of Microsoft IT Academy for the MS courses. IT Academy would be good except MS doesn't have labs on hardly any of the course modules.
    http://www.techexams.net/forums/mcts-mcitp-windows-2008-general/52768-labsim-mcts-70-640-a.html
    No longer work in IT. Play around with stuff sometimes still and fix stuff for friends and relatives.
Sign In or Register to comment.