Security Certs for starters

Hi all,

I've recently got in to the security industry workforce doing sec operations and compliance checking, and the cissp cert interested me. If I take the exam and write it, would I receive the actual certification or would I have to wait for 5+ years to elapse before receiving it while carrying the Associate of (ISC)².

For guys starting out, what is most recommended without needing the experience in order to get the certification? I heard GIAC is well respected in the industry...also can't go wrong with CCNP-SEC.

Thoughts / Suggestions?

Thanks

Find more posts tagged with

Comments

the_Grinch

The CISSP allows for education to be used as experience. So a four year degree would not a year off. You would have to wait till you got the allotted experience before you could become a full fledged CISSP. I'd suggest, if your just starting out, that you go for the Security+. It will provide a good foundation and with the new CPE requirement would prepare you for keeping up education for the CISSP. But without knowing your background and current certs I don't think anyone can give you a clear picture.

ddzc

Thanks for the response.

The new position is security operations and auditing, creating new benchmarks, policies, configuration gaps, compliance checks at a security level for all routers, switches, firewalls and loadbalancers on the network. My background is years of Networking, I have JNCIA, CCNA, CCNP.

halaakajan

How about SSCP, GCIH with CCNA:S or CCNP:S?

Then aim for CISA.

Good luck brother.

Khaos1911

I'm (sort of) new to the InfoSec field. I obtained Sec+ and take my SSCP exam next week, then after that will knock out CEH and CISSP (associate) before the year is up. I'm a new Information Security Analyst and I must say studying for these certs can't hold a candle to learning all this stuff on the job. I'm sitting in an HP training class (a weeks worth of out of town hands on training paid for by my employer) for their IPS and the intricacies of how this thing works and how to properly administer it is just something I could not find in a book for SSCP or Sec+.

docrice

Putting the keywords "HP" and "IPS" together, I'm assuming you mean "TippingPoint." Intrusion prevention/detection is a craft that isn't well-covered by most training courses. As a matter of fact, it's an important but generally-trivialized subject area that's a sore issue for me because most IPS systems seem to be nothing more than "it's an appliance which I will trust the vendor to do the right thing for me." Whenever I have vendor meetings and IPS is put in the table, most of the time it's more about appliance performance and reporting and less about low-level inspection detail, tuning, and context data for good analysis. To me, whenever you have an appliance like an IPS sensor (standalone or as a module or function in a firewall), you need to have a very good understanding of how it works/processes traffic, where it falls short, how it reacts to the traffic specific to your organization, and how you can mold the sensors to do your bidding. But I digress...

I'd be curious to hear if your class covers the use of the DV Toolkit and how far in-depth they go with it.

But yes, on-the-job experience far outweighs what you learn in a book or a few training classes. Real life is significantly more intricate (and fun if you love this stuff). You can learn how a car works by reading a book, but to actually drive and control all the nuances of the vehicle is much more intense.

dmoore44

Khaos1911 wrote: »

I'm (sort of) new to the InfoSec field. I obtained Sec+ and take my SSCP exam next week, then after that will knock out CEH and CISSP (associate) before the year is up. I'm a new Information Security Analyst and I must say studying for these certs can't hold a candle to learning all this stuff on the job. I'm sitting in an HP training class (a weeks worth of out of town hands on training paid for by my employer) for their IPS and the intricacies of how this thing works and how to properly administer it is just something I could not find in a book for SSCP or Sec+.

I think you're speaking about two different things... When you read a book, you're reading a lot of theory and abstract concepts (unless said book is a user's manual for a product). When you attend a training class, you're generally focusing on learning a product that puts in to practice one of those abstract concepts you learned about in the book (unless the training class is for a vendor neutral cert, then it's back to abstract concepts).

But, as you've mentioned, there's no substitute for OJT. OJT gives you exposure to the tools you'll be using, and if you've got a good mentor, will also fill you in on what's happening in the background.

SephStorm

FYI, just got this today:

SearchSecurity.com's IT security certifications guide

SearchSecurity.com's IT security certifications guide

YFZblu

First of all, what are you actually doing? Traffic / log analysis (SIEM), engineering, compliance, access control? CCNP-Sec would be nice to have to backup your engineering experience, but wouldn't do squat for an analyst looking at the wire for malicious activity. I could probably say the same about SSCP.

I am relatively new to security operations myself, and I have found it most beneficial to tailor my studying to what will help me perform the job best - Doing analyst work for me that means TCP/IP, networking, incident handling methodologies/standards, linux, intrusion analysis, programming, etc. If you can find certs for those things, great - but you are already gaining experience which is much more valuable than adding a cert like SSCP to your resume.

Now is the time to find a mentor, learn / expand your skillset, and begin to keep an eye out for what you enjoy most about infosec, so that later in your career you can become more focused in your expertise.