Please aid me in my quest to become more marketable upon graduation

MasterBullfrogMasterBullfrog Member Posts: 28 ■□□□□□□□□□
I posted here about a month ago about a forensics certification that I was taking which my school Cal Poly Pomona offers.

I'm scheduled to take the exam next week but am posting again because I've somewhat deviated from my last conclusion:

I have roughly 1 year from now until graduation; I understand that I won't be able to get all of these within that time frame but I was wondering if you guys think these would be a good combo for someone interested in the Security/Forensics field:

SSCP, CCE, EnCE, and CFHI...

Any thoughts? If possible, which should I attempt first?

Speaking of which, I should probably go back and check up on exam requirements...

Aside from this, while not in class I've been reading a few books and trying to brush up on skills. I've picked up Hacking - The Art of Exploitation to get more of a feel for the blackhat arena; as of now I'm planning to become better with Java and Python, also taking Sql courses and decided to delve deeper into Linux.

Is there anything else you guys would suggest I place my sights on? Don't want to do this the wrong way and come out as a skid.

Comments

  • TurgonTurgon Banned Posts: 6,308 ■■■■■■■■■□
    Your school will provide you with some kind of forensics certification. Rather than get hung up on obtaining more paper I would divert that time and energy into looking for a decent job opportunity for when you graduate and getting involved in the forensic community so you start to appreciate what the real work actual involves. This will help you in interview.
  • MasterBullfrogMasterBullfrog Member Posts: 28 ■□□□□□□□□□
    Turgon wrote: »
    Your school will provide you with some kind of forensics certification. Rather than get hung up on obtaining more paper I would divert that time and energy into looking for a decent job opportunity for when you graduate and getting involved in the forensic community so you start to appreciate what the real work actual involves. This will help you in interview.

    So I should refrain from acquiring any of the above mentioned certificates for now? There are tons of guys getting that school cert at the moment, not really any way to differentiate us...
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    All of the certs you were interested in require experience other than the EnCe which I believe requires you to attend a class. Believe it or not an A+ and a certification in the operating system you are interested in are a good idea (from what I have heard.)

    Have you looked at ForensicFocus.com and EthicalHacker.net?
  • mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    not really any way to differentiate us...
    Academics, Internships, and/or experience (work, independent study, projects, lab work, etc) is what our recruiters look for first when doing campus recruiting.

    Then certifications (willingness to go beyond the minimum) and participation in non-academic school pursuits (social skills, plays well with others, possible leadership abilities, well rounded individual, etc) help sort those candidates.

    Then for the students who made the cut, the interview gauntlet determines who (if anyone) gets the offer(s).
    :mike: Cisco Certifications -- Collect the Entire Set!
  • MentholMooseMentholMoose Member Posts: 1,525 ■■■■■■■■□□
    A lot of good advice so far. I'm a CPP alum, so I can give some specifics that may be helpful. Of course, it's been a few years since I was there, so things may be different now. icon_cool.gif

    Do you have a job now? If not, get one immediately, doing something IT related. There are IT jobs on campus available to students. The many computer labs around campus (CLA building, CLASS building) employ students. Also, CLASS hires students to support their smart classrooms. Work on your resume and submit a application when a position opens up. You can get help with your resume at the career center for free, and you can ask them to help you with the application, too. If they still require you to submit it on paper, make sure to type it (never submit a handwritten application).

    These jobs vary in responsibility... you can be a warm body checking print cards, or you can be in charge of managing the lab servers and desktops (though maybe I&IT has taken that over by now). It's up to you to some extent, though there will be some competition. I suggest using the lab resources and getting to know the student employees. I was working in one of those labs and when a position opened up, the "regulars" were the first to know about it and had the first shot (and often got the job).

    Besides CLASS and computer labs, there is the help desk. It is staffed with student employees. Yet another option is I&IT. They hire students for various IT jobs. AFAIK they have few openings so it will be the hardest to get into, but it's the best experience. I believe some of the current I&IT staff are former student employees (same for the CLASS IT staff, for that matter). Also, when I was a student, I&IT had a program called "Title V" which had student employees doing actual security work on campus. There were few opening and I don't think they were even advertised anywhere, so they were thus hard to get.

    Besides job hunting, network with faculty. The CIS department does a lot of events, so go to every one. Some of them cost a few bucks or are boring, but go anyway, and talk to faculty members. Get to know them and add them on LinkedIn if possible. When I was a student, Dr. Manson was arranging a lot of interesting security-related events. He was also working with Mt. SAC faculty, and I believe helping them with their security-focused CIS track. Mt. SAC actually has a great security program, consisting of certificates and an AS degree, so it might be worth checking out. They have even fielded teams to national cyber defense competitions (not bad for a community college charging $26/unit). I may be biased since I did this AS degree. :D However, I know for a fact that a lot of CPP students and alum (besides myself) took those classes. You will get great hands on experience, and they have an astonishing amount of equipment in their lab.

    Another networking opportunity is your senior project. You can do something security related, so do a good job and impress people. With networking and (hopefully) some experience at a job on campus, you will be in a good position for getting an internship, though maybe you can skip the internship and find a good job. I did an internship, but it was while I was still a student. Many of my former colleagues at those student jobs got good jobs out of school, with or without an internship. Good luck.
    MentholMoose
    MCSA 2003, LFCS, LFCE (expired), VCP6-DCV
  • MasterBullfrogMasterBullfrog Member Posts: 28 ■□□□□□□□□□
    Thanks for the reply, I'm actually planning on competing in the defense competition next year which is why I'm spending all of my free time reading and practicing thanks to the acquisition of some extra laptops.

    Do you know any specifics on the certifications that Mt.Sac offers? I'm thinking about driving over there tomorrow just to find out. Anything in specific you think I should focus my reading on?
  • MentholMooseMentholMoose Member Posts: 1,525 ■■■■■■■■□□
    Thanks for the reply, I'm actually planning on competing in the defense competition next year which is why I'm spending all of my free time reading and practicing thanks to the acquisition of some extra laptops.

    Do you know any specifics on the certifications that Mt.Sac offers? I'm thinking about driving over there tomorrow just to find out. Anything in specific you think I should focus my reading on?
    The certificates are all detailed in their catalog (see section 7):
    College Catalog - Mt. San Antonio College

    However, by all means go talk to some professors. Every professor I had there was knowledgeable and friendly, and very willing to help students. Most of them also work in the field, mostly doing consulting, so they can provide useful guidance. I think you'd be most interested in this certificate:
    CIS Professional Certificate in Network Security
    This curriculum is designed for returning CIS professionals with several years of experience or current students who have completed several CIS courses. This program is aimed to help students develop skills to design, implement, and maintain secured networks. The courses examine Firewall and VPN in various environments and platforms, use network protocol analyzing technology as a security tool to protect the networks from attacks, and illustrate network vulnerabilities from a hacker’s perspective. This program will prepare students to explain fundamental concepts of network security, identify network vulnerabilities and attacks, and use various protocol analyzers to detect network attack and troubleshoot network problems. Individual courses may assist students in preparing for related industry certification exams.
    I don't know if having these certificates on your resume will help much, but they really are good courses. It's a community college so there is tons of hands on. I took the IDS course in 2004, and I thought it was really good. There was a heavy emphasis on packet analysis with Wireshark (Ethereal at the time). We setup Snort with Acid on LAMP (no pre-built stuff at the time) and wrote signatures/rules from analyzing packet traces. I was already somewhat knowledgeable with Wireshark, but the course still helped, and this has been a very valuable skill to me even though I don't work in the security field.

    There are a lot of other certificates, but you should focus on the courses that are in the Network Administration and Security Management AS degree. Every core course in that has a security emphasis. Of course being a community college, it is partly up to you to get the most out of the courses. You can put in minimal effort and still pass (open book exams are the norm), but that is just a waste of time. Put in the effort and you will learn a lot.
    MentholMoose
    MCSA 2003, LFCS, LFCE (expired), VCP6-DCV
  • TurgonTurgon Banned Posts: 6,308 ■■■■■■■■■□
    So I should refrain from acquiring any of the above mentioned certificates for now? There are tons of guys getting that school cert at the moment, not really any way to differentiate us...

    Millions of people have certification exams. You lack experience so run the risk of being overqualified. If you really want to maybe take one of those you listed out so you demonstrate intent to anyone who cares about certs, but I think if you really want to stand out you need to get some exposure to the realties of what this sort of work involves.

    When I interview someone I want to know what they can do, and what they could do. Often that is determined by what they have actually done.
  • NetworkingStudentNetworkingStudent Member Posts: 1,407 ■■■■■■■■□□
    The A+ helps provide the basic background in computer repair. The Windows 7 70-680 operating system certification would help you give an overall understanding of an operating system. I think these certifications would help build a good foundation. However, I wouldn’t get to cert hungry, because at the end of the day experience is what matters the most.

    I suggest volunteering using your computer or IT knowledge.
    Also, have you thought of joining any type of user groups? I listed some below that I believe have a good focus for students interested in IT security.
    Main Page - OWASP Oswap doesn’t require membership to go to the meetings
    https://www.issa.org/
    Check the issa site and click on membership types they have memberships for students.

    PS-Also, don’t be so focused on what everyone else is doing, but focus on what everyone else isn’t doing. You need to differentiate yourself from others so that you stand out when you submit your resume.

    Good Luck
    When one door closes, another opens; but we often look so long and so regretfully upon the closed door that we do not see the one which has opened."

    --Alexander Graham Bell,
    American inventor
Sign In or Register to comment.