Security Roadmap

Corrsta Member Posts: 48
So, my long term goal in IT is to specialize in some area(s) of security. Unlike a lot of the people I see on here, I'd like to get involved with law enforcement, investigating computer crimes. After looking over all of the different types of certifications, speaking with people in the industry, and browsing the forums here on TE, I've come up with a list of certifications I'd like to pursue:

CompTIA:
A+, Network+, Security+, Linux+

Cisco:
CCNA, CCNA: Security, CCNP, CCNP: Security

Microsoft:
MCITP: EA, MCITP: SA

EC-Council:
CEH, CHFI

SANS:
GISP, GCIH

ISC2:
CAP, CISSP

Right now, I'm preparing for the CompTIA exams, and will move on to the Cisco certs once those are done, since the CCNP is required for the specific positions I'm looking at. The rest are a ways away.

My main jobs right now are non-tech roles in public safety. I run a side business that helps small businesses with basic IT needs, and I also volunteer at non-profit companies to help with tech support. At my current position, I'm making between $70,000 and $80,000 per year, but I fear that in order to really prepare for the higher level certs like the CCNP and CISSP, I will have to start working in an IT-related position full-time (which probably won't pay nearly as well at entry-level).

I'm looking for some input from the community... Am I missing any certs that would be absolutely essential? Are any of them just fluff? Has anyone earned their CCNP with no full-time networking experience? Can I build up enough experience as a consultant/freelancer (like I'm doing now) so that I won't have to start all over again with an entry level job?

Any feedback is appreciated...

Edit: I didn't realize Microsoft totally revamped their certifications... I'm gonna have to look them over and see if there's any still worth doing.

Comments

  • kriscamaro68 Member Posts: 1,186
    First off I would ditch the Net+ as you already have plans to take the CCNA. The MCITP:EA is all but done away with now and basically the MCITP:SA is about to change to the MCSA:2008. You will be looking to obtain the MCSE:2012 if you want something higher than the MCSA:2008. Also a lot of the higher end certs will be looked down upon with no experience to back it up. Also from what I hear you don't have to take the CCNA anymore in order to do the CCNA:Sec. Still would be a good idea in my opinion though. If you are doing forensics for law enforcement my guess is you will rarely deal with the network side of things. Most of your work will be on desktops/servers. SANS offers a Windows Security cert that has some areas of study that may be beneficial to you. Those are my thoughts.
  • webgeek Member Posts: 495
    CompTIA is a good stepping stone if you have zero computer experience. Microsoft certs will be unattainable in a few weeks. The SANS GISP is a prep course for CISSP. Don't know anyone who has ISC2 CAP since they usually get SSCP then CISSP if they don't have the necessary 5 years of IT security experience.

    In reference to your chosen track, it is almost identical to what I am doing. For CISCO related items, you can probably do CCNA with basic software testing but for CCNP you are going to have to buy equipment from my understanding.

    Also SANS courses are expensive! I would love to take them but unless my employer pays for it, I'm not.
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • YuckTheFankees Member Posts: 1,281
    Personally, I would only get 1/4-1/3 of those certifications. I would primarily focus on making an impact in the security world. Ex: write a blog, contribute to security projects, find bugs, find some way to help beginners, etc.
  • dover Member Posts: 184
    You do public safety related work now, do you have any criminal justice background? Might want to look into a bachelor's or associate's degree in criminal justice since you will be expected to follow the same strict rules and regulations regarding evidence gathering, admissibility and chain of custody requirements.

    The cert list is very ambitious! If your main focus is on law enforcement in general and forensics in particular I would probably not worry about all the CompTIA if you have a decent background and understanding of computers. If you are really new to computing in general or need a cert to get into the industry A+, Linux+ would probably be helpful. But you are right I don't think you'll be pulling in anywhere near $70-80K/year.

    I wouldn't spend too much time with the entire Microsoft certification track - you'll definitely want a deep understanding of the OS, how it is built, runs and behaves - but you probably wouldn't need to know the minutiae of Active Directory, sites and services, OUs, deployment and architecture designs.

    I would definitely say the SANS forensics track is where you should look after getting some background info in criminal justice or computers - although the courses are far from cheap. The GCIH does cover some evidence handling - from what I've read - but would probably be very light on the forensics-side. These two courses would be right up the alley - hell, I'd like to take them just for the information.

    FOR408: Computer Forensic Investigations - Windows In-Depth

    FOR508: Advanced Computer Forensic Analysis and Incident Response


    AccessData has certification without prerequisites for their forensic product-line FTK


    Once you get some forensic experience and training:

    EnCase has the EnCE certification
    J.D. Murray would be the man to talk to about their certification and how difficult it is to obtain.

    CISSP Eh, maybe. Mostly generic security information - looks good on the resume though.
    EC Council - I have no first hand knowledge of their programs at all.

    Cisco certs are always valuable - to either get you into a tech-related job or they may lend themselves to network forensic analysis later on...
    But if you want to go CCNP level you really need to have real world exposure. You can study and pass the NP exams but if you don't use the skills in the material you will lose them quickly - and that may translate into a very uncomfortable job interview.
  • antielvis Member Posts: 285
    To the OP: I think I counted 8 certifications that I personally have in your list. I'm not trying to dissuade you from learning, but your list is very extensive and that's probably 8 - 10+ years of studying to acquire those certs (add in a job, life, social life, etc). My own thoughts are that to be good at security (generalist) you need a decent understanding of Windows, Linux & CISCO. I'm not sure you'd need an MCITP:EA or MCSE 2012. In the case of Windows, definitely understand AD, DNS, Services & other things related to security. I would think the CCNA would make sense given its focus on routing & VLANs (obviously security based). I would also add VMware to the list as it's very common & virtualization is a useful tool if pen testing. I'd also imagine you'd want to know scripting in some sense. Maybe consider the CBT Nuggets 99$ a month package? It has videos on many of these subjects and I've watched a few of the series just to get a grip on stuff.
  • Corrsta Member Posts: 48
    I actually spoke with two Mandiant employees last night who happen to be my age (23). Both of them got hired with just their Bachelor's and a couple of SANS certifications. Neither of them had any full-time experience in forensics before starting. Based on their advice, I'll probably ditch the CCNP and the ISC2 certs for now. The CCNA can't hurt, and is fairly attainable for someone like me. As for Microsoft, I'll probably just go for a MTA or MCSA cert just to show I have some familiarity with Windows. I've also been looking at grad schools that offer degrees in cyber security. Currently deciding between Utica College and John Jay College.
  • raybfree Member Posts: 38
    You have to decide what route you're thinking of taking... networking, cyber security, IS management... don't just start gunning for all of them. After all, it will be way too expensive and might take you forever while working and taking care of your primary responsibilities.