Options
Could Use Some Advise
Jeordy
Registered Users Posts: 4 ■□□□□□□□□□
I'm planning to join the USAF (Air Force) within the next 3-6 months. I currently hold a (nearly worthless) CNS degree from ITT Tech, and no certs. From what I have retained and learned on my own I estimate that I am likely at the knowledge equivalent of possessing a Network+ from CompTIA (would have to do a little brushing up before taking the exam for some of the more obscure things, but otherwise I think I would land about here). I will be going in as enlisted but hope to eventually land as a Cyber Operations Officer. Going in as enlisted, getting into their Cyber Surety program would be the best bet for proving myself to them in the security area so that when I apply for the hop to officer, there is some good backing.
My question is/advise request is: In the next 3-6 months before joining, which certifications would be good to get to try to ensure I get assigned to Cyber Surety? There is obviously no guarantee, but if they have someone that already has knowledge on something, I imagine they would prefer to put use to it over shoving them into something completely different. (This is another reason I want to get some security training before joining - so they don't see my Networking Associates and try to shove me into a network administration role (which would be fine, but NA probly won't land on my top 3 list)).
I read in a thread somewhere that the Security+ and CEH are valuable for Gov. related jobs (but have also read that the CCNA and CCNA:Security are way more valuable than the Sec+ overall and that the CEH is 99% worthless because it only covers use of tools and is essentially equivalent to slapping a "SKID" label on your chest)
I don't have an unlimited budget, so I'm also considering the necessity of taking the A+ and Network+ tests at all (to save the cash and not show off any more networking skills than I have to ~ I know networking is a huge part of pentesting/security, but I would think that having the "higher level" security certs would imply that networking knowledge without sticking it right on the surface and saying "If you want, you can toss this guy to the network admin department as well!!" =P)
Additionally I would prefer a more structured training, eLearnSecurity (Pro, not Student) is a nice price and seems to cover A LOT of stuff, though I have read some pretty negative things on there about it. I'm also not sure if it's contents would cover enough for any other certs but theirs (which is pretty much worthless from what I understand). I love the looks of the OffSec course, but think I would need a better intro before hopping into that. I'm also interested in the SCPSE, but was advised by hutch to get a better intro to security first... (If you read this, I wanted to stop hijacking your thread with my questions =P)
So maybe:
Sec+ (I should be able to get the student pricing on the TestOut training)
SCPSE
OffSec
...?
Or maybe straight into eLearnSecurity's (Pro) training? Based on their "Recommended Skills" list, I should be fine to hop right in there without much pre-learning.
I have programming and scripting experience, so I'm not worried about that aspect being a hindrance at any stage.
Any help would be greatly appreciated!
Thanks in advance!
My question is/advise request is: In the next 3-6 months before joining, which certifications would be good to get to try to ensure I get assigned to Cyber Surety? There is obviously no guarantee, but if they have someone that already has knowledge on something, I imagine they would prefer to put use to it over shoving them into something completely different. (This is another reason I want to get some security training before joining - so they don't see my Networking Associates and try to shove me into a network administration role (which would be fine, but NA probly won't land on my top 3 list)).
I read in a thread somewhere that the Security+ and CEH are valuable for Gov. related jobs (but have also read that the CCNA and CCNA:Security are way more valuable than the Sec+ overall and that the CEH is 99% worthless because it only covers use of tools and is essentially equivalent to slapping a "SKID" label on your chest)
I don't have an unlimited budget, so I'm also considering the necessity of taking the A+ and Network+ tests at all (to save the cash and not show off any more networking skills than I have to ~ I know networking is a huge part of pentesting/security, but I would think that having the "higher level" security certs would imply that networking knowledge without sticking it right on the surface and saying "If you want, you can toss this guy to the network admin department as well!!" =P)
Additionally I would prefer a more structured training, eLearnSecurity (Pro, not Student) is a nice price and seems to cover A LOT of stuff, though I have read some pretty negative things on there about it. I'm also not sure if it's contents would cover enough for any other certs but theirs (which is pretty much worthless from what I understand). I love the looks of the OffSec course, but think I would need a better intro before hopping into that. I'm also interested in the SCPSE, but was advised by hutch to get a better intro to security first... (If you read this, I wanted to stop hijacking your thread with my questions =P)
So maybe:
Sec+ (I should be able to get the student pricing on the TestOut training)
SCPSE
OffSec
...?
Or maybe straight into eLearnSecurity's (Pro) training? Based on their "Recommended Skills" list, I should be fine to hop right in there without much pre-learning.
I have programming and scripting experience, so I'm not worried about that aspect being a hindrance at any stage.
Any help would be greatly appreciated!
Thanks in advance!
Comments
-
Options
docrice
Member Posts: 1,706 ■■■■■■■■■■
If you want to immerse yourself into the technical route, you'll also need Unix / Linux skills to do security work. Sec+ isn't a bad "starter" cert and I personally don't feel that it's a difficult certification, however I did take the exam after being in the IT industry for a over a decade. I'm not familiar with government's perspectives, but it'd seem you need just a little more than just Sec+ to get you recognized for a more security role rather than networking or systems.
The CCNA Security I felt is more networking-centric. It deals a lot with security features and configuration on Cisco devices. It's good stuff, but more geared towards the folks on the networking side of the house.
Perhaps with being in the military, the opportunities for security-oriented positions are had more easily, but generally speaking you need a wide variety of core competencies to work in security unless you're doing something extremely specific like malware research (which I guess even then requires a good deal amount of systems knowledge).Hopefully-useful stuff I've written: http://kimiushida.com/bitsandpieces/articles/