Options
Getting Started In The I.T. Field
computer g33k
Member Posts: 149
I need some help determining what road I should I take. I have three years of vocational training in the I.T. field. I studied A+, Cisco/Networking, and some programming. Should I get a college degree or should I get certs? I can pass the A+ exam with a little bit of refresher studying and I'm sure I could pass the Network+ exam by studying on my own. My ultimate goal is to eventually get into I.T. security. Any help would be greatly appreciated.
Currently Studying: Anything & Everything/Cisco Networking Academy For CCNA. (on hold)NetworkVeteran wrote: »There's room for those who want the easy work and those who want the challenges. You will, of course, generally be compensated in proportion to what you shoulder.
Comments
-
Optionscontentpros
Member Posts: 115 ■■■■□□□□□□
If you want to get into security you need to start thinking about what makes you tick. InfoSec is a huge field with many different opportunities so what are you interested in? What type of stuff do you find yourself researching in your free time because "you want to know"?
Start with the Comptia Security+ its pretty basic but it is one of the minimums most places expect you to have. Take a look at the DoD 8570 requirements to help in finding some direction of which certification(s) to do next. This is more important for government work than private sector but it will still help give you some direction. From my personal experience the best security people have a ton of background and experience. Its rare to find a job these days where you are in a specific role like a "firewall admin" these days we are expected to know a bit about everything. Yet still have specialized security knowledge.
You should really start learning about risk and risk management. In security understanding risk and how it affects the business is a big part of being successful (if you ever want to move into management).
Build your network and systems administration skills. That knowledge will play dividends in the long run. Don't forget to build solid unix/linux skills since a majority of the tools we use tend to run on *nix or are available there prior to being ported to windows. Take some time to learn a scripting language like perl, python or even simple bash scripting this will help make your life easier down the road.
Security is a fun and challenging field that is a living breathing beast. If you are serious about staying in security I would highly recommend picking up a copy of google hacking for penetration testers. In Infosec where we are always trying to hit a moving target learning how to become efficient in your research is key and the book will help you learn to find what you are looking for efficiently.
Security is dynamic and you will need to commit to staying up on whats happening and new and emerging threats. Being a life long learner takes commitment but if you are willing to put in the effort it is a ver rewarding field.
HTH
~CP -
Optionsbigmantenor
Member Posts: 233
I agree with everything contentpros has put forth. Something I would focus on would be gaining a deep understanding of TCP/IP. If you would like a cert path to go along with that study, then possibly look into the Network+ and/or CCNA. The general networking knowledge that I've learned so far from studying for those exams has aided me greatly at my new job. As mentioned, the Security+ would also be worth looking into, and possibly even the Wireshark cert. One of the great things about security is that many of the industry-standard tools are open source, which makes them readily available to anyone that has interest in learning. Start looking at things like Snort, tcpdump, reading syslogs, Saint, Metasploit, Backtrack, etc. I also definitely agree with taking up *nix, as well as a scripting language (the de facto standard at my shop is Perl, so that's what I've been working on learning). Good luck to you!