Q4 2010 / 2011 security cert objectives?

dynamik

My how things change...

I was dead-set on pentesting/reverse-engineering/exploit development a couple weeks ago, and now that I'm in a management role, I couldn't care less. I just ordered my CISM materials, and I may take a stab at the CISSP-ISSAP as well. I'm still considering doing the GCIH and GCIA and ultimately going for the GSE. I haven't been given the details for my training budget yet, and those will greatly depend on how that shakes out.


Edit: I just ordered my ISSAP book. Thanks for the motivation

rogue2shadow

dynamik wrote: »

My how things change...

I was dead-set on pentesting/reverse-engineering/exploit development a couple weeks ago, and now that I'm in a management role, I couldn't care less. I just ordered my CISM materials, and I may take a stab at the CISSP-ISSAP as well. I'm still considering doing the GCIH and GCIA and ultimately going for the GSE. I haven't been given the details for my training budget yet, and those will greatly depend on how that shakes out.


Edit: I just ordered my ISSAP book. Thanks for the motivation

Long time no see! Great update.

badrottie

dynamik wrote: »

My how things change...

I was dead-set on pentesting/reverse-engineering/exploit development a couple weeks ago, and now that I'm in a management role, I couldn't care less. I just ordered my CISM materials, and I may take a stab at the CISSP-ISSAP as well. I'm still considering doing the GCIH and GCIA and ultimately going for the GSE. I haven't been given the details for my training budget yet, and those will greatly depend on how that shakes out.

Edit: I just ordered my ISSAP book. Thanks for the motivation

It is good to see to see someone else pursuing the ISSAP.

My current plans:

Q2/3) CISM (wrote on June 12th, still awaiting examination results)
Q4) Beer++ (The next round of Beer+)

2012:
No fixed quarter, based on exam availability: CISSP-ISSAP
Q2/3) CISA
Q4) Scotch+

down77

Like Dynamik, since changing roles my focus has shifted slightly away from the security studies. Once I complete the CCIP I'm intending to go back and finish the CISSP-ISSAP exam and most likely C|HFI.

I also want to finish reading Security Engineering by Ross Anderson. It's been a decent book so far, but I havent had the time to finish reading!

Bl8ckr0uter

I have changed jobs as well and my path has gotten a bit muddy. I am now focused on R/S, Firewalls (ASAs and palo alto) and wireless. After WCNA, CWNA, CCNP and CWSP, I will take a small break and regroup. It's possible that I just pick up CCDA instead of CCNP and go after a few SANS exams (we use a lot of alternative, non cisco products and I need to make sure that I study the technology and protocols, not just what cisco says). I say that because my company doesn't really have a security person and I am going to have to step up heavily to do what they need me to do. CCNP does have that strong name recognition though. Hmm....

At any rate my number one goal is to be a SME on Network Security, with or without certification.

idr0p

I got my GCIH this month.

July -> GPEN
August -> DEFCON
Sept -> GWAPT
Dec -> CISA
Jan -> Apply for M.S.
Jan -> OSCP
Later -> CCNA for fun

GAME TIME!

down77

idr0p wrote: »

I got my GCIH this month.

July -> GPEN
August -> DEFCON
Sept -> GWAPT
Dec -> CISA
Jan -> Apply for M.S.
Jan -> OSCP
Later -> CCNA for fun

GAME TIME!

Congrats! Was this a self study attempt or did you attend a SANS course?

idr0p

Self Study, from a coworkers books.

docrice

Were these books that your co-worker let you use the official SANS books? Just so you know, that's technically a violation of the Courseware License Agreement as stated in the very beginning of each SANS course binder.

qdog007

Well, I decided that I will specialize in network security monitoring (NSM). I also have a minor interest in pen-testing and malware analysis. Later on, I may be pursue a management path..not sure. So with that in mind, my goals are:

2011 -- GCIH/GCIA and OSCP
2012 - CISSP (yes I will probably need a whole year for this!)

In between, I will also work on my soft skills such as public speaking. I'm looking attend local seminars or join toastmaster for this. That is all.

docrice

Since I started my cert-chasing journey 1.5 years ago, I've altered course on my objectives quite a bit. First it was all about doing the Cisco / Microsoft thing, then I bought into the whole GIAC dream, then it was ... well, you get the picture. The more I learned about existing certifications on this site and the kind of knowledge they could potentially impart, my objectives have shifted a bit.

But as of right now, my wish list of certs are as follows:

• GAWN
• GPEN
• GWAPT
• CWNA
• CWSP
• CCSA
• CCNP Security (just SECURE and FIREWALL)
• CISSP
• OSCP

Most likely I will attempt one ... maybe two of these (tops) by the end of the year as I just started a new job with a rather lengthy commute. It's probably better if I read more non-certification books that focus on specific subject areas rather than "this is what you need to know to pass this exam" type material. That would better help my career than just adding more four-letter acronyms to my name. I'd hate to be that "super-certified-but-doesn't-know-anything" guy.

However, I am very much looking forward to TCP/IP Weapons School 3.0 at USENIX next month.

nicklauscombs

setting myself up to take a big swing at the OSCP next.

idr0p

docrice wrote: »

Were these books that your co-worker let you use the official SANS books? Just so you know, that's technically a violation of the Courseware License Agreement as stated in the very beginning of each SANS course binder.

Counter Hack Reloaded
Hacking Exposed


One of the books is written by the person who does the course but i dont think that is violation as they dont have anything to do with SANs. They do follow the course very well people tell me.

docrice

idr0p wrote: »

Counter Hack Reloaded
Hacking Exposed

One of the books is written by the person who does the course but i dont think that is violation as they dont have anything to do with SANs. They do follow the course very well people tell me.

Oh yeah, that's perfectly acceptable. Counter Hack is actually on my to-buy list.

sb97

I need to finish off my CCNA Security. I want to knock out a GCFW before years end.