Another advice thread..

osJoeosJoe MemberMember Posts: 61 ■■□□□□□□□□
I first would like to say that this forum has been a huge help, and would like to thank everyone for all the info that has been posted and will be posted on here!! :)

I have no job related experience in IT at all. None. I have just been playing around with computers for about 10 years now so I know my way around windows, setting up small networks and securing them. Just the easy stuff anyone that is interested in computers would know.

My main goal is to land a job in the infosec community somewhere. I will be starting my 4 year degree in IT in about 2 months. Thanks to this great website I learned about all these certifications and I'm now a week away from taking my security+ exam.

I would just like to get your opinions on a path that someone in my situation should take or could take to get the ball rolling early on. I understand that some of these exams are expensive and unfortunately I don't have a company that will pay for them.


Quick summary: No experience in IT/InfoSec. Wanting to get into the Infosec field. Starting 4yr Degree in IT soon. Just wondering where I should go after security+, or how to get some experience.

Comments

  • JinuyrJinuyr https://www.linkedin.com/in/francis-nunziata-4a95b624/Member Posts: 251 ■■□□□□□□□□
    Most people will likely ask you for clarification on what you would like to do. Information Security can be a very broad and diverse field. You have chosen a great starting point with the Security+. Most people depending on their expected goal and environment will either pursue MCSA:Security, CCNA:Security, or the SSCP from (ISC)2.

    It may be a good idea to see how well you do with the Security+, find your strengths and interests and proceed from there.

    Good luck!
  • osJoeosJoe Member Member Posts: 61 ■■□□□□□□□□
    Hi, thanks for your time!

    I'd like to start with (ISC)2 but there is no way of doing that without having the necessary work experience and someone who already has the CERT to endorse me?
  • JinuyrJinuyr https://www.linkedin.com/in/francis-nunziata-4a95b624/Member Posts: 251 ■■□□□□□□□□
    You can become an Associate of (ISC)2 by completing either the SSCP or CISSP. You then have 2 and 6 years respectively to obtain the required amount of experience to receive the full certification.

    (ISC)2 also provides endorsement assistance.

    https://www.isc2.org/associates/default.aspx has some great information on how to obtain your Associate of (ISC)2 status. You can also call them and get more information. They are very friendly and helpful over the phone.
  • osJoeosJoe Member Member Posts: 61 ■■□□□□□□□□
    Oh I see. They won't count other certifications or school towards the required experience? I don't plan on leaving my current job to find an IT job now, especially since I have to pay for school and could be out of a job for a long time, so I don't think I'll really be able to get that work experience before the time limit is up icon_confused.gif
  • JinuyrJinuyr https://www.linkedin.com/in/francis-nunziata-4a95b624/Member Posts: 251 ■■□□□□□□□□
    Security+ waives 1 year of the experience required for CISSP. The SSCP can also waive 1 year from the CISSP.
  • osJoeosJoe Member Member Posts: 61 ■■□□□□□□□□
    So I should probably go ahead and get the network+ also and then worry about the SSCP? Also I wouldn't have to become an associate since that one year would be waived? I could just sign up and take the exam?

    Sorry for all the questions!
  • JinuyrJinuyr https://www.linkedin.com/in/francis-nunziata-4a95b624/Member Posts: 251 ■■□□□□□□□□
    You cannot waive the year required for the SSCP, only the CISSP.

    https://www.isc2.org/uploadedFiles/Credentials_and_Certifcation/SSCP/SSCP-for-Practitioners.pdf has more information on the Exam.

    If you are looking to get into Info Sec, Security+ is the best place to start. Network+ will depend on the type of information you need. This exam give you an entry level approach using material that is not vendor specific.

    If you decide to pursue CCNA-Security then the CCENT or CCNA may be a better starting point.

    PS: No need to apologize about asking question. Everyone here is very helpful and I'm just doing my part by paying it forward ^_^
  • osJoeosJoe Member Member Posts: 61 ■■□□□□□□□□
    Oh I read your post wrong then.. Well seeing as I'm only 19 years old I guess I don't have to try to jump into SSCP AND CISSP and can do that after school is finished with and I actually have an IT job. CCNA:Security it is!

    Thanks for all your help.
  • JinuyrJinuyr https://www.linkedin.com/in/francis-nunziata-4a95b624/Member Posts: 251 ■■□□□□□□□□
    Anytime! Welcome to the TE forums by the way (=

    Let me know how the CCNA study goes, I am very interested in the security concentration. I'm doing HP ProCurve networking certifications at the moment.
  • osJoeosJoe Member Member Posts: 61 ■■□□□□□□□□
    Jinuyr wrote: »
    Anytime! Welcome to the TE forums by the way (=

    Let me know how the CCNA study goes, I am very interested in the security concentration. I'm doing HP ProCurve networking certifications at the moment.

    Will do! Sounds interesting..
  • nicklauscombsnicklauscombs coffee all day everyday. Member Posts: 885
    osJoe wrote: »
    CCNA:Security it is!

    just as an fyi, the ccna is a prereq for the ccna: security (though technically you could take the ccna: security exam before the ccna but not earn the cert until you pass the ccna).

    more info: CCNA Security - Career Certifications & Paths - Cisco Systems
    WIP: IPS exam
  • docricedocrice Random Member Member Posts: 1,706 ■■■■■■■■■■
    I would definitely recommend going through the CCNA before starting on the CCNA Security. If you aren't familiar with switching and routing, access-lists, etc., you'll probably be lost when they get into static vs. stateful filtering, AAA, IPsec, 802.1X, or even IOS commands. That said, the CCNA Security only provides a small taste of the Cisco security track. It's also more about Cisco device security features and their configuration, rather than about security principles. It doesn't even get into packet-level analysis.
    Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/
  • sb97sb97 Senior Member Member Posts: 109
    One generic piece of advice I give to everyone that is in school with little or no actual experience in their field... Check to see if you can find a paid internship at some point before you graduate. I cannot think of a better resume and network builder. An internship can really set you apart from all the classmates you graduate with when you start looking for that first job.

    In my case, I was hired on by my company after my internship ended which was great. Even those people in the internship program who were not retained after their internship ended were still able to find jobs in very short order.
  • osJoeosJoe Member Member Posts: 61 ■■□□□□□□□□
    docrice wrote: »
    I would definitely recommend going through the CCNA before starting on the CCNA Security. If you aren't familiar with switching and routing, access-lists, etc., you'll probably be lost when they get into static vs. stateful filtering, AAA, IPsec, 802.1X, or even IOS commands. That said, the CCNA Security only provides a small taste of the Cisco security track. It's also more about Cisco device security features and their configuration, rather than about security principles. It doesn't even get into packet-level analysis.

    That's what I'm planning on doing, thanks!

    sb97,

    I have been told this a lot and I'm definitely going to take your advice!
Sign In or Register to comment.