Passed Security+. What's Next?

elvinguitar
I just passed my Security+ today with a score of 880/900. I studied for two weeks and only used Darril Gibson's book. The exam is not that hard if you really know the concepts. :)

I want to pursue the path of Penetration Testing. So what cert should I pursue next? I'm thinking of CEH but many told me that it's not worth taking since it's all about the tools. I'm planning to take OSCP but not today since I'm not that pro yet.

Also, I'm planning to study Python which might be helpful for PenTest and for OSCP. Any book/s you recommend that I should use?

Thanks. :)

Comments

  • cdx
    Hi elvinguitar,

    Check out this thread from the Security Certifications forum. It will answer your question.

    http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html
    Bachelor of Science - Information Technology - Security
    Associate of Science - Computer Information Systems
  • DAVIS NGUYEN
  • elvinguitar
    cdx wrote: »
    Hi elvinguitar,

    Check out this thread from the Security Certifications forum. It will answer your question.

    http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

    Thanks for the link.
  • ccnpninja
  • Fulcrum45
    Nice score! Good job.
  • Dakinggamer87
    Congrats!!
    *Associate's of Applied Sciences degree in Information Technology-Network Systems Administration
    *Bachelor's of Science: Information Technology - Security, Master's of Science: Information Technology - Management
    Matthew 6:33 - "Seek the Kingdom of God above all else, and live righteously, and he will give you everything you need."

    Certs/Business Licenses In Progress: AWS Solutions Architect, Series 6, Series 63
  • elvinguitar
    Thank you guys. I'm planning to pursue the offensive side (penetration testing) of IT Security, what cert should I take next?
  • 636-555-3226
    OSCP is the generic bread and butter starting point for red teaming. Some people will point you to CEH, but from recent forum posts I'd give CEH a few months to settle down since they just updated it and there seems to be some user confusion as to materials/tests/etc.

    eLearnSecurity also has some classes that people here have spoken highly of, although I've never personally reviewed the materials.
  • elvinguitar
    636-555-3226 wrote: »
    OSCP is the generic bread and butter starting point for red teaming. Some people will point you to CEH, but from recent forum posts I'd give CEH a few months to settle down since they just updated it and there seems to be some user confusion as to materials/tests/etc.

    eLearnSecurity also has some classes that people here have spoken highly of, although I've never personally reviewed the materials.

    I saw on Amazon that the Sybex guide for CEHv9 will be out in the month of May. So while waiting for the study guide, what should I study? Should I take CCENT > CCNA Security first? My consideration with CCNA Security is that it is vendor-specific, unlike CEH.

    One more thing, is Security+ worth the money for the Continuing Education? CompTIA requires you to pay $50/year for the Continuing Education.
  • cdx
    Yes, Sec+ is very reputable to many employers. It is worth it. Based on my research so far, my route is below in my signature.
    Bachelor of Science - Information Technology - Security
    Associate of Science - Computer Information Systems
  • User2097
    Get CEH and CISSP. OSCP is very hands on. Both will help you grasp concepts for OSCP.
    Cert Goals: CISSP-ISSAP (May 2016) | CISM (2016) | GSEC (2016) | OSCP (2017)
    College: MBA Project Management (2012) | Bachelors IT Management (2010)
    Experience: Cyber Security, Information Assurance, and IT Management Officer
  • elvinguitar
    User2097 wrote: »
    Get CEH and CISSP. OSCP is very hands on. Both will help you grasp concepts for OSCP.

    The study guide for CEH is not available yet.
  • Psydrox
  • Cerebro 2.0
    Congrats :)
    ITIL SO [In progress]
    Prince 2 Foundation [In progress]
  • OctalDump
    The Offensive Security guys have a Metasploit course. It's a good way to ease yourself into the hands-on of pen testing. CEH is like a brief overview of everything; it's worthwhile to have the knowledge, but it's fairly basic. The certification has good recognition, but isn't going to land you a serious role by itself.

    If you don't already, get some programming experience. Python is popular in the pentest world, and there's a bunch of books on Python and pen testing. It also helps to understand how stuff works under the hood.

    Download Kali, and start familiarising yourself with the tools.
    2017 Goals - Something Cisco, Something Linux, Agile PM