Hello, new college user! Life road question.

inc0mpleteinc0mplete Member Posts: 36 ■■□□□□□□□□
Hello all! I am nearing my last year of college with a B.S in IT with a concentration in Security. I am coming to a point in my life where I realize there aren't very many security jobs (practically non existent) for a college graduate. Most are looking for some kind of networking experience. I plan on taking my CEH and hopefully someday my CISSP. But before I cross those bridges, which would benefit me more? MCSE or CCNA?

I have a pretty good understanding of networking (including OSI, TCP/IP etc.) and limited knowledge in Routing protocols. A strong (probably my best) grasp of programming (practicing reverse engineering, exploit development) but it seems programming doesn't seem like a requirement for any respectable security job.

So one again, which would put me in the path to become, hopefully, a security auditor? More System administration? Since it deals with setup up and configuring perhaps an AD environment ( which has potentially many security flaws if done incorrectly) or Network administration; ditto with the flaws if a router/switch is setup incorrectly.

Thank you and I hope to learn a lot from here and give back from what I have gained!
Security+ -> Studying.
CCNA-> Studying - GNS3 and building up equipment slowly for CCNP.:lol:
MCSE 70-290 -> On Hold.

Exploit Bank: 0
InProgress: 1

Comments

  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    I don't think it's so cut-and-dry when you're looking at systems vs. networking. Attacks going to/coming from systems still traverse the network, and it will be important to understand how those attacks work, set up IDS/IPSes, etc. I would say getting both of those certifications would potentially be useful to you (and both have security specializations as well).

    If you're interested in programming, you might want to look for a position that's geared more towards research.

    If you're interested in pentesting, check out the OSCP as well.
  • inc0mpleteinc0mplete Member Posts: 36 ■■□□□□□□□□
    Thank you for the speedy response. Is the OSCP as recognized as the other Infosec. certs? And which would be more likely to land me a security job? I enjoy security in all aspects, whether it be application security to system security. But perhaps you're correct that it's not so black and white. Maybe i'll start with my MCSE and work my way to MCSE/A security and CCNA CCSP.

    Furthermore, from independent research, it seems that Application security doesn't seem to have many job opportunities. Maybe a government job? So I guess my best bet would be to get my feet wet with System administration and setting up AD. Then branch out from there.
    Security+ -> Studying.
    CCNA-> Studying - GNS3 and building up equipment slowly for CCNP.:lol:
    MCSE 70-290 -> On Hold.

    Exploit Bank: 0
    InProgress: 1
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Security usually isn't something someone just jumps directly into, so starting as a systems/network administrator is probably a good plan.

    As far as certs like OSCP go, it really depends on what you're interested in. That would be a great one if you're interested in pentesting. However, it's extremely focused on that area, so if you're interested in a different aspect of infosec, it probably wouldn't be worth your time.

    Also, between the CCNA and CCSP, there is a CCNA: Security (it's a prerequisite for the CCSP).
  • inc0mpleteinc0mplete Member Posts: 36 ■■□□□□□□□□
    Thank you very much! You have been very helpful. After reading more in the InfoSec. subforum, which I should have first ( forgive me, i'm doing the tedious summer college Entry level IT job...They call it "data entry" lol) but lacked the time. But from reading posts, I am prepared to get my MCSE, MCSE:security, CEH, OSCP, etc.

    I look forward to conversing with you and other security enthusiast in the InfoSec. Forum!

    Post-Script: I think I found my new home right here on Techaxams.net :D
    Security+ -> Studying.
    CCNA-> Studying - GNS3 and building up equipment slowly for CCNP.:lol:
    MCSE 70-290 -> On Hold.

    Exploit Bank: 0
    InProgress: 1
  • wastedtimewastedtime Member Posts: 586 ■■■■□□□□□□
    Some other stuff you may want to check out would be Information Security Certification from GIAC which is done through the Sans institute. Over the last few years the DoD (Department of Defense) has even implemented a few of them into its requirements for some DoD Jobs. As far as the DoD goes you can look at http://www.dtic.mil/whs/directives/corres/pdf/857001m.pdf for info. (page 92 for the chart)

    I am sure you will get a few answers on your question as this area of IT seems to be overlapped by certifications in all areas.
  • janmikejanmike Member Posts: 3,076
    Welcome, inc0mplete!

    My opinion: go for the CCNA right away. CCNA is one exam, and MCSE is, I think, 7 exams. That way, you will have a widely recocnized Cisco cert. The MCSE can be earned over a longer span of time--you should have it too.

    Boils down to: you HAVE to know networks very well to secure them!

    Good luck!
    "It doesn't matter, it's in the past!"--Rafiki
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    janmike wrote: »
    My opinion: go for the CCNA right away. CCNA is one exam, and MCSE is, I think, 7 exams. That way, you will have a widely recocnized Cisco cert. The MCSE can be earned over a longer span of time--you should have it too.

    At the same time, one Cisco exam isn't exactly comparable to an MS exam in terms of time, content, difficulty, equipment, etc. ;)

    I do agree that one should be able to get through the CCNA significantly faster than the MCSE though.
Sign In or Register to comment.