Windows Admin seeks help on Security certs

RT8 Registered Users Posts: 4
Hi Team,

I am just a beginner who has started to explore InfoSec and is trying to shape my career.

I have 10 years of experience in Active Directory/PKI/Azure and IAM products like FIM, and a little bit of Oracle Identity Manager. I have MCSA/MCSE/MCITP and 70-533. My current designation is best described as Sr. IAM expert with good proficiency in AD/PKI.

Since gaining knowledge in PKI, I have been thinking of routing my career into the InfoSec pathway, but unfortunately I don't have enough experience yet.

After further consulting with peers and research, including the TechExams forum, I believe securing the CISSP certificate is the golden ticket to InfoSec and might also weigh in my favour in getting a job.

My personal interest is to have CISSP + CCSP (since I already have experience in Azure and have decided to spend good time learning other cloud providers' technologies), which would accelerate becoming a Cloud Security specialist/consultant in, say, 2 to 3 years!

I am not a programmer and my academic background is in Electronics engineering, so I'm not looking to crack Ethical hacking/Forensics (I believe it does need programming/code knowledge).

I may be wrong in assuming things, as InfoSec is a broad domain; hence your expert advice on which certs are better to consider, what possible career paths I could look at, and anything else on this would be highly respected :)


Many Thanks,
RT8

Comments

  • Phalanx Member Posts: 331
    Actually interested in this thread, as I'm in the same boat, with no coding background but a growing interest in security. Be interesting to see what veterans of the sector think.
    Client & Security: Microsoft 365 Modern Desktop Administrator Associate | MCSE: Mobility
    Server & Networking: MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation | CompTIA Project+
    Currently Studying: Microsoft 365 Enterprise Administrator Expert
  • NotHackingYou Member Posts: 1,460
    I think you are on the right track. You might look at some of the Amazon cloud studies as well.
    When you go the extra mile, there's no traffic.
  • chrisone Member Posts: 2,278
    CISSP is always a good goal to get. For experienced windows guys with AD experience I would also look into powershell hacking and active directory hacking. Those two are hot items right now and should come easy to experienced windows guys.
    Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
    2023 Cert Goals: SC-100, eCPTX
  • Phalanx Member Posts: 331
    chrisone wrote: »
    CISSP is always a good goal to get. For experienced windows guys with AD experience I would also look into powershell hacking and active directory hacking. Those two are hot items right now and should come easy to experienced windows guys.

    Are there certifications to go with this, even if it's only part of the certification, or is it a skillset that is asked for but not certified?
  • TheFORCE Member Posts: 2,297
    Phalanx wrote: »
    Are there certifications to go with this, even if it's only part of the certification, or is it a skillset that is asked for but not certified?

    They are included in the MCSA/SE tracks, but obviously learning enough to pass an exam is not the same as being a guru in PowerShell scripting. Just learn as much as possible and expand your knowledge of PowerShell scripting.
  • RT8 Registered Users Posts: 4
    Yes, that is definitely in the to-do list. Thank you!
  • RT8 Registered Users Posts: 4
    This is a good spot! Will include it in the bucket. Thank you!

    So, in short, having CISSP + CCSA + PowerShell provides an edge in the security world. Thank you all for your valuable advice :)
  • rwmidl Member Posts: 807
    I came from a similar background as you so here are my thoughts.

    - Sec+ = good intro level security certification
    - CISSP
    - if you can afford it, look hard at SANS SEC505, Securing Windows and Powershell and then test/take the GCWN.
    CISSP | CISM | ACSS | ACIS | MCSA:2008 | MCITP:SA | MCSE:Security | MCSA:Security | Security + | MCTS
  • chrisone Member Posts: 2,278
    Phalanx wrote: »
    Are there certifications to go with this, even if it's only part of the certification, or is it a skillset that is asked for but not certified?

    There are no Microsoft certifications based on the subject of powershell hacking or active directory hacking.

    Several teams offer powershell/active directory hacking courses.

    SpecterOps.io - pretty much the pioneers and gurus of PS/AD hacking taught by the creators of (Bloodhound, Empire, PowerForensics, PowerSploit)
    www.SpecterOps.io
    Trimarc "Sean Metcalf" - is another genius pioneer in AD security training.
    https://www.trimarcsecurity.com/training - https://adsecurity.org/
    eLearnSecurity - Their PTX course/certification has some red team adversary tactics that go into active directory hacking but nothing as advanced as Sean Metcalf or the SpecterOps crew.
    https://www.elearnsecurity.com/course/penetration_testing_extreme/
    Pentester Academy - had an active directory attacks for red/blue team course at blackhat.
    https://www.blackhat.com/us-17/training/schedule/index.html#active-directory-attacks-for-red-and-blue-teams-5727
    http://www.pentesteracademy.com/course?id=21
    http://www.pentesteracademy.com/course?id=35


    There is really no big brand certification in regards to powershell hacking and active directory. I would gladly give up all my certs if I knew what these guys know about hacking with PS/AD. The skill and demonstrating it is more important than a certification. I'd rather write a white paper or two about the topic and use that as my certification.
  • Phalanx Member Posts: 331
    Thank you chrisone. Which of those sites would you recommend for someone starting into the training of it? I'm looking more at SpecterOps right now.
  • 636-555-3226 Member Posts: 975
    I always recommend newbies start with Security+. A good, 101-level, broad introduction to most things infosec-related. Once you've got that under your belt you'll have a good idea of what interests you and which rabbit hole you want to go down.
  • chrisone Member Posts: 2,278
    Phalanx wrote: »
    Thank you chrisone. Which of those sites would you recommend for someone starting into the training of it? I'm looking more at SpecterOps right now.

    SpecterOps is a very good place to start. For starters I would check the tools they created, read and get the general idea of what each does, then get deeper into how to use them. As you get into "the how" of using these tools you come across technologies such as powershell and active directory that you will have to do further research on. For instance I am getting into Bloodhound so I had to pick up other books to read up on Active Directory and using powershell to manage active directory. These are things maybe a seasoned Microsoft guy knows and has a better understanding of than myself.


    Will (harmj0y – security at the misfortune of others) and (Sean Metcalf - https://adsecurity.org/) I would say are leading the area of AD security/pentesting.
    Empire (Powershell hacking) - https://github.com/EmpireProject/Empire
    Bloodhound (Active Directory)- https://github.com/BloodHoundAD/BloodHound/wiki

    Matt Graeber is a Genius in Powershell Pentesting and leads the SpecterOps Powershell adversary tactics course - https://github.com/mattifestation
    http://www.exploit-monday.com/
    https://twitter.com/mattifestation?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor


    Jared Atkinson (Invoke-Ir - Genius at Forensics/PS Pentesting) - http://www.invoke-ir.com/ , https://twitter.com/jaredcatkinson?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor
    Powershell Forensics - https://github.com/Invoke-IR
    PowerForensics - https://powerforensics.readthedocs.io/en/latest/
    PowerSploit (Like MetaSploit, but powershell) - https://github.com/PowerShellMafia

    Lee Christensen (PowerShell and Cobalt Strike Pentesting Genius) - https://twitter.com/tifkin_
    https://github.com/leechristensen/

    I am not a windows guru and I felt lost many times during these courses and classes. I was recommended Windows Internals and I am going over those now. Truth be told, I am going to circle back towards these courses in order to solidify the areas I struggled with.

    Pretty awesome to map out Active Directory vulnerable attack paths and show management.
    https://blog.stealthbits.com/wp-content/uploads/2017/03/BloodHound-Attack-Graph.png

    SpecterOps company was announced at blackhat/defcon 2017. They are an allstar team of guys who built tools and worked at other companies that formed like voltron to create SpecterOps lol
    https://specterops.io/who-we-are/the-team

    I had to add and give credit to many of the guys who have seen my face, they would kill me if I didn't give them credit hahaha
  • RT8 Registered Users Posts: 4
    Sorry for the late reply. Many thanks for enlightening me with lots of details. Thank you!