Certification path advice ? pls i'm a newbie

hi
i'm an undergraduate student & i planning of going for IS security

i luv using ubuntu, php, javascript .
i don't feel like taking Microsoft or Cisco certificate paths.
what certification should i start with?

here is what i think of
Linux+/LPIC-1 >>> security+ >>> Then just straight to CEH ?
OR
any suggestion between security+ & CEH?
OR
If I go other paths, which paths should i take?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

Psoasman

I think you would be limiting yourself by not taking any Cisco or Microsoft certs. It helps to understand what and why networks work before you can secure them.

Jay The Hacker

hey thanks for the advice, Psoas.

yeah i shouldn't limit myself. well, if i go for networking , i'm a bit into Linux (may be CCNA/RHCSA) i might learn new things. but no microsoft.

i really like the GIAC certs too ><
(GISF, GSEC & GWAPT)
are they too expensive ??

Bl8ckr0uter

I think as long as you don't limit your studies you will be "fine". HOWEVER since the vast majority of jobs use MS or Cisco, your job prospects might not be as great if you limit yourself to doing LPIC and CEH. With that said:

For a pentester, you need to have a wide variety of knowledge and skillsets. As a wannabe one day, I know that I may never get a MS cert but I will pick up the Windows Internals book and learn as much as I can. Why? Because being a pentester means knowing how your targets work and making them do what you want. That's why alot of people get some MS certs, Cisco certs and Linux certs before they get into the security specific certs. If you don't want to do that, then make sure you spend a lot of time in the lab studying and try to find a lucky break (like getting into a security operations center or a jr security analyst). Those jobs exist, but they are few of them.

One thing I like to do is go onto sites like indeed and search for the jobs I want to do (in the future) and read the descriptions to see how I can acclimate myself when my time comes. Just a suggestion.

Cert path:

Pure security:
2-4 year plan
S+
Elearnsecurity course - Student
Maybe SSCP or GSEC
Elearnsecurity course - Pro+ certification
Offensive security certified professional
GPEN - Challenge or take course
GWAPT - Challenge or take course
GWAN - Challenge or take course

How far are you into your undergrad studies? You may want to work on this as you are finishing school so you gcan graduate ahead of your fellow students.

During this time you will need to study Networking (storage, voip, routing and switching and wireless), xSQL, Microsoft and Linux heavily. You don't need to be an expert at everything but you need to know enough to know how to change your attacks for different environments. You will also want to study all of the common (and uncommon) tools CEH would cover. Also you would need to pick up some scripting skills and maybe some development skills. Python/Perl and Powershell would be good.

Also learning the howtos of pentesting would be good. There are multiple frameworks out there that you can/should follow that help manage your pentest. I think the most important things you need is the desire to learn and the guts to try something different.

hiddenknight821

This thread said it all beautifully. I can't disagree since I don't have any valid argument. I'm still new to Information Security.

Jay The Hacker

hi thanks. i really appreciate for your suggestions (and your time , of cos)
u really had made my visions wider.

Now, I can see clearer that -

1) there are 2 job roles in security, offensively (PTs) & defensively (audits & ISSOs)

2) For getting into security fields, i need to have a sound understanding of networks (knowledge of a bit of every NOS), and for cyber security, some web languages.

Jay The Hacker

new plan again

1) php & perl skills
2) Security+
3) CCNA
4) eLearnSecurity: Student
5) eCPPT

if i interested in Offensive more at that time then
6) GWAPT
7) GAWN
Defensive path
6) GCIH
7) CISM

Bl8ckr0uter

Jay The Hacker wrote: »

new plan again
1) php & perl skills
2) Security+
3) CCNA
4) eLearnSecurity: Student
5) eCPPT

if i interested in Offensive more at that time then
6) GWAPT
7) GAWN
Defensive path
6) GCIH
7) CISM

Don't be afraid to mix some "offensive" and "defensive" together, They only compliment each other. Like I am interested in GPEN,GAWN,GCIA and GCFW. Python is a good language to learn as well.