Network+ for Information Security career?

wiizzarrd

Would getting the Network+ certification by CompTIA be good for a security job? I absolutely love security and I know that some principles of networking are taught in your studies for Information Security certification, but the Network+ is such a drag to study for because I feel like I won't use most of what is taught there? I have no desire to ever change my path and go to networking as a career, strictly security.

Thank you.

zxshockaxz

I believe its completely useful when it comes to getting your foot in the door. The way I see it: If you don't have a very solid understanding of networking, you won't be good at security. How can you secure something if you don't understand what you're doing.

You really don't NEED Net+ to get into infosec, but I'd definitely recommend having at least a decent amount of knowledge of the exam objectives. From what I've seen, most people don't typically get hired into a security position without having work experience in IT. The Net+ and A+ are definitely good for getting your foot into an IT job.

My goal is to become a pentester, so I'm going to school for cyber security, and studying various certs while working as a computer tech. My job deals very little with security, so I just view it as a step closer to landing a more networking/security related job in the near future.

wiizzarrd

You only need to know certain principles of networking for security, which are taught in certification study books for Security+ and even SSCP. My job wouldn't be to identify cables, design networks, and optimize network performance. My job would be in securing the network with what IS certifications would prepare me for.

zxshockaxz

I would say that you need to know more than just a few certain principles. These comments are simply my opinion though. I don't work in infosec yet, so I can only state my thoughts on the matter. There are plenty of way more experienced users on the forums that could give you a better answer. If you're lucky, someone else will respond.

emerald_octane

wiizzarrd wrote: »

My job wouldn't be to identify cables, design networks, and optimize network performance.

Maybe, maybe not.

Cables? Do you know what cables should be used in high security scenarios if the client is concerned about TEMPEST?
Network Design? What if we need to segment the network to align with PCI-DSS or HIPAA?
Optimize Network Performance? What if a newly deployed firewall and IDS is bringing the network to it's knees? The suits will demand that you take it down unless you can address the performance issues.

You can't reliably implement security at any level until you learn the basics. Sec engineers are generally highly technical on their given platforms and are able to secure it because of their fundamental understanding.

Darril

I echo the comments by others here.

In general, security jobs are specialized jobs. Someone learns the basics and then moves into a specialization. For a networking security job, you'd learn the basics of networking, and then specialize in security.

You don't necessarily have to have a Network+ certification, but you should have the knowledge. One good thing about any certification though, is that it helps you ensure you have a full understanding the topic without any gaping holes. An uneducated technician might run non-plenum rated cable through a plenum resulting in many people getting sick or dying. An educated technician understands this basic information about cables and wouldn't make this mistake.

I have taught Security+ classes with security administrators that had zero networking knowledge but were forced to get the Security+ certification for their job. They got through the class and were able to master the materials, but they worked much harder than students without networking knowledge. However, I couldn't imagine someone working in a network security job without basic networking knowledge.

wiizzarrd

I understand that, I will continue to study for the Network+ certification. I'm only going to do Professor Messers videos and maybe books on wiring and media to add onto it. Then, I will just do practice tests on here and the ones included in the Exam Cram book. While taking notes on all of those, of course.

TechGuy215

It's definitely not a bad cert for begginers. It gives you a foundation to build on, in which you can become more focused on InfoSec specifically....i.e. Security+, CASP, CISSP, CEH, etc...

lsud00d

Security is layers 1 through 8, just like networking. I don't see the N+ cert as overly necessary, but the concepts, yes.

binarysoul

I regard Comptia certs as too theory and definition focused and as such I don't think any of their + certs would land you a job.

If you just want their paper cert, then go for it; otherwise just get into a real security program to crunch data than to memorize Comptia's boring material.

lsud00d

@binarysoul, I see your location is Canada. In the states there is an abundance of federal contracting positions that require at least the S+.

wiizzarrd

Do you feel that Professor Messer's videos, along with practice exams and notes would help me pass the exam? I will get it and plan to score 835-900, but I will settle for just passing. It's just so boring to me, compared to Information Security, which I love studying. On Security+, I would plan to get 850-900.

Dyasis

I would pick up at least 1 book, either:

Mike Myers all in one 5th edition
Todd Lammle Network+ Study Guide 2nd edition
Pearson Exam Cram 4th edition

Jinuyr

Studying for your Network+ will certainly help you in becoming a more solid IT Security Professional. I would also recommend either the SSCP or Security+ if you're starting out or the CISSP if you're a well established professional. Like you, I am very much interested in security and will likely be pursuing the CISSP at some point and the path I have completed so far is as follows:

Net+ -> Sec+ -> SSCP -> CISSP -> ???