CEH Exam Next Week Friday... :) A lil confused tho

olufonolufon Member Posts: 22 ■■■□□□□□□□
Hi Everyone....

Been on here for quite a while....6 years i think :S and this forum has always been a guiding light ...Been in the Networking line for about 2 years and have the CCNA CCNP MCSA MCTS MCITP certs.Also have the PMP certification. Funny enough i find them rather monotonous and got very interested in security. Took up the class and joined an ATC for a 5 day course. It was rather interesting for a security newbie and i am quite interested in penetration testing (for the money :D) and also cos i enjoy it.

I decided after the course that i want to go into security audits and penetration testing. The CEH is obviously an intro to the world of security.

What will you advice for me to achieve my goal? LPT? CISSP? CISA? or the SSCP? . What kind of experience should i gather? Will really appreciate comments. :D

Muyiwa Olufon
Olufon.Muyiwa

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 12,161 Admin
    We have quite a few discussion threads here on TE about pen testing and related certifications. The three basic types of pen testing are application, network, and physical. There are certs for the app and net, but none really for physical. Some certs, like the CEH, cover social engineering as physical pen testing, but only on a very basic level. The app and net pen testing certs are largely tool-based and operating system-specific. You will see that on the CEH, although the CEH itself is not a pen testing cert.

    If you want to experience an entry in to the world of InfoSec, try the the Security+ cert.
  • swildswild Member Posts: 828
    I just list my cehv7 courseware on eBay. The most important part of it is just the collection of tools in one place. It really did help me find some great tools. Unfortunately, I have a few faves that only run in Linux and a few that only run in windows. I really want to see how many good tools I can get on an android tablet.

    I went about things kinda out of order compared to most people. I did Sec+ then CISSP. CEH is next but since it doesn't give me any transfer credit for a WGU BS, I am holding off on the exam for a while.

    Just the idea of physical pen testing gives me a thrill. I will be going for a few certs on net pen testing and hopefully guiding my career down that path. After my BS then MS, I will be applying to some security centric IT positions. My current job has tuition assistance and plenty of downtime for studying so I will be staying here for a couple more years while I get certed up.

    After CEH, I will be taking either GIAC or Backtrack training courses. After my masters, my work should pay for individual certificates, but not until then. LPT is on my list. I would recommend against the SSCP as very few HR managers know what that is. Mine didn't even know what the CISSP is.

    Best advice I can give is go to dice.com and usajobs.gov, find job titles that interest you and see what certs they are asking for. For govt jobs, CISSP is a big plus.
  • AlexNguyenAlexNguyen Member Posts: 359
    JDMurray wrote: »
    There are certs for the app and net, but none really for physical.

    ASIS provides physical security certs: PSP (Physical Security Professional) and CPP (Certified Protection Professional).
    Knowledge has no value if it is not shared.
    Knowledge can cure ignorance, but intelligence cannot cure stupidity.
  • olufonolufon Member Posts: 22 ■■■□□□□□□□
    Thanks for the responses. I guess that security + will introduce me to the 'real security' world. Guess ill take it as it also gives credit to my microsoft certfications.

    Thanks!
    Olufon.Muyiwa
Sign In or Register to comment.