After Security +

fredlwalfredlwal Member Posts: 44 ■■■□□□□□□□
What would be the best security certification after the Security Plus exam, I'm leaning towards trying to do some pen testing that's the field that I want to move into, I'm just trying to find the best route to get me towards that after the security exam?

Comments

  • SteveLavoieSteveLavoie Member Posts: 1,133 ■■■■■■■■■□
    I think that there is 2 type of cert... or 2 reason to do certs. 1st the one needed to get the foot in the door like A+, and the other that you pursue to show your interest/expertise for a field. Now with A+, Network+, Sec+, if you want to go into pen testing, then pursue certs like EJPT, OSCP .... Try the new Comptia Pen Test+ for 50$, expect to fail, but it is a good learning experience.

    After you have done the required certs like A+.... don't do certs if you dont like the subject. It won't help you.
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    Ah, everybody wants to be a pentester! I'd try out CompTIA's Pentest+ but you likely won't find many study materials. eLearnSecurity is likely your best bet at this point. Start there then try out Pentest+ then OSCP.

    Don't forget - after you hack into my company, I'm going to ask you how the heck to patch the holes you found. Knowing how to break something is only half the battle - if you're working for the good guys you're going to need to know how to fix those things, too. And just telling people to "patch your stuff" doesn't work in a large corporate environment (where you'll be doing most of your testing). Lots of layers there you'll need to be able to relate to.....
  • McxRisleyMcxRisley Member Posts: 494 ■■■■■□□□□□
    Ah, everybody wants to be a pentester!

    Don't forget - after you hack into my company, I'm going to ask you how the heck to patch the holes you found. Knowing how to break something is only half the battle - if you're working for the good guys you're going to need to know how to fix those things, too. And just telling people to "patch your stuff" doesn't work in a large corporate environment (where you'll be doing most of your testing). Lots of layers there you'll need to be able to relate to.....

    This x1000. Perhaps I need to make a post titled "So you wana be a pentester huh?" to enlighten some of the hopefuls here. People need to realize what all actually is involved in pentesting. The cool stuff that you see at cons and in podcasts...... yeah you can forget about that and start thinking REALLY REALLY REALLY hard about how much you like documentation because pentesting is really only around 10%-15% pentesting and the rest is a massive never ending mountain of paperwork. Prime example of why most wont make it or never follow through with pentesting, the report that is OPTIONAL for PWK....just read through the countless wrtieups and reviews and count just how many of them actually did both reports. I think you will find that number to be very small. That report is as simple and watered down as it gets for a pentest report and it is in no shape or form anything that I would consider acceptable to hand over to a client after a test. That being said, I realize that the report is just there to familiarize students with the entire pentesting process BUT you better be loving it the whole time you are writing it or else that is a very good sign that pentesting is not for you. Sure you'll get to "pwn some noob companies network" BUT it won't be as glamorous as you think. Yes, there are those tests that are fun and you will see and learn some "neat" stuff but that's rarely the case.
    I'm not allowed to say what my previous occupation was, but let's just say it rhymes with architect.
  • nisti2nisti2 Member Posts: 503 ■■■■□□□□□□
    After Sec+ you can apply for the Cisco Scholarship to get CCNA Cyber Ops for Free. (That's what I'm doing).
    2020 Year goals:
    Already passed: Oracle Cloud, AZ-900
    Taking AZ-104 in December.

    "Certs... is all about IT certs!"
  • someperson49someperson49 Member Posts: 82 ■■■□□□□□□□
    Is the Cisco Scholarship still available, do you have a link ?
  • nisti2nisti2 Member Posts: 503 ■■■■□□□□□□
    Hi @someperson49,
    Just register and follow the steps so you can be in the Cohort6:

    https://mkto.cisco.com/security-scholarship

    Regards,
    2020 Year goals:
    Already passed: Oracle Cloud, AZ-900
    Taking AZ-104 in December.

    "Certs... is all about IT certs!"
Sign In or Register to comment.