Completely Inexperienced

WintersKnightWintersKnight Posts: 2Registered Users ■□□□□□□□□□
So to begin, I currently know little to squat about the IT field. I've been in the USN for five years now as an Electrician and while it was ok, I've always had a love for computers and after having done some extensive reading, know that this is the field I wish to pursue.

I have thought about going after an USAF commission in the Cyber Warfare department, but let me not get ahead of myself.

As it stands I only have the countless years that I have played with computers under my belt. However, I am not completely without a plan.

First, I'll be separating from the Armed Forces in August and attending college where I will be pursuing a Bachelor's in Computer Science. In the meantime, I've networked with some other vets and found out an old friend who is actually working here in my area and has invited me on-site to take a look at just what they do and to get my hands dirty in some projects. During my free time I like reading books I picked up about the first steps of penetration testing and have even begun setting up my first lab in my house, hoping to start figuring out the tools with practice on the virtual networks that came with my book. I've even starting looking into certs but this is where I am faltering.

I've heard that A+ is bleh, Net+ is great for studying but you can save money but just skipping the test for now and looking at Sec+. My eventual goal is becoming a Penetration Tester, and possibly working for a Red/Blue team with the USAF if I take that commission.

However, while I'd like to think I've done my research and have a somewhat decent plan set up, I know that nothing trumps experience and the wisdom that comes with it. So here I am to ask:

Am I on the right course? Have I missed something? Should I actually get the A+ and Net+? Any and all advice is more than welcomed! Oh, and thanks for taking the time to read this! I know I can be kind of bad about running sentences together when I'm trying to spill out all the information.

Comments

  • ptilsenptilsen Posts: 2,835Member ■■■■■■■■■■
    There's a lot of depth and complexities to this field. The first thing I want to throw out there is that this forum is largely -- not exclusively, but largely -- for people who work in what is collectively called infrastructure. This means managing, implementing, fixing, and so on the pieces that make computers work together, from the hardware itself, the operating systems, server software, networks, and so on. Security is a part of it, but not all security is deeply related to infrastructure disciplines, nor or all aspects of IT deeply related to infrastructure disciplines. Anyway, the thing to know is a lot of what you'll get here is from people coming from fairly similar lines of work. Pentesting and various security disciplines are among them, but even those can vary a lot in terms of what they really involve, and you probably won't see all sides of it on a site devoted to technical certifications. I would recommend you keep doing lots of research and talking to others on your own. In particular, talk to people in more programming-related disciplines, to hardware engineers, to people working in different aspects of security.

    Getting past that, computer science is a great degree, and what I actually recommend to anyone who has the aptitude, patience, and desire for it. However, you should be aware of your options and what they mean. Moreso than other IT-degrees, computer science is highly technical, involves deep theory, and uses a lot of math. It also can take a lot of time and patience to see anything. There's really very little instant gratification. You may spend weeks learning just enough to be able to write programs to solve trivial solutions after hours of work. The degree itself is generally (not always, but generally) geared towards working more in programming-heavy disciplines, specifically software engineering. Now I still recommend it for many prospective infrastructure professionals, especially people interested in security. It is easily the most technical degree you can get, and really prepares you for any kind of IT work in terms of having a fundamental understanding of how computers work.

    Getting to the specifics, computer science, cyber warfare, and A+/Net+ certifications can all be relevant and useful to a single person, or could be totally separate and useful only to three different people. This is where understanding your goals is critical. A+ and Net+ certifications are a great way to get a foundation in computer hardware and basic networking concepts and applications. That information can also be useful and necessary for "cyber warfare" and the like. Similarly, it isn't necessary for some people. There are plenty of software engineers, even deeply skilled ones with lots of technical knowledge, who probably who do just as well guessing on either certification as they would attempting them. And perhaps more importantly, neither cert is necessary for one's career or to learn the underlying knowledge. Computer science, similarly, can provide a lot of great knowledge, but some people can do very well without the degree, the costs that go into it, and even the knowledge. It all depends on what you really want to do.

    Getting around to it, I'm not sure if I'd go after A+/Net+ if you want to be a penetration tester. The knowledge you'll need will certainly encompass what's on those tests, but the certifications themselves will really only get you into a help desk or similarly low-level infrastructure position. While this can eventually lead to pentesting or similar security roles, there are probably better ways to get there. Computer science, on the other hand, will absolutely give the coding skills you'll want as any kind of pentester. However, you may get deeper into studying and think "hey, I like computers and security, but I don't like coding. I don't like pentesting. I like [x] and [y] more." I guess the point of my rambling advice here is to really try to get a feel for your options and be prepared and willing to change your mind.
    Working B.S., Computer Science
    Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
    In progress: CLEP US GOV,
    Next up: MATH 211, ECON 352, ICS 340
  • olaHaloolaHalo Posts: 748Member ■■■■□□□□□□
    great post ptilsen
  • abramsgunnerabramsgunner Posts: 31Member ■■■□□□□□□□
    If you are about to start school... just skip the certs for now... no reason to spend the money until you are closer to entering the job market. Keep your options open, try a little bit of this, a little bit of that. The job market, not to mention the things you like, will be different 4 years from now. Don't feel like you have to make all your choices and lock yourself in right here at the beginning. Keep your eyes open for opportunities to get your hands dirty and sponge off any and all of the experienced people around you.

    The odd thing I noticed in school was that things I thought I did not like... once I learned a little about them, many became much more interesting to me. Strive to learn at least a little about EVERYTHING.... you will reach a point where something stands out as the path you should follow.
  • N2ITN2IT Posts: 7,483Inactive Imported Users
    Try to keep it simple from a planning perspective. I really like the idea of going for a Computer Science degree. IMO It's the best decision you could of made. By doing so you no longer need to rely on certifications you can leverage that nice CS degree. The more time I spend in this field the more I realize the degree is far greater than the certifications. Especially if you pick up a beast like CS. Just curious what about a double bachelors EE/CS?
Sign In or Register to comment.