NOC-Ninja wrote: » Click the "Search" button first at the top right button. JDMurray has a link that lists security certifications. I don't want to be mean but how are you going to survive in IT if you cant even search on your own? You will have to Google/search any Security/networking/system problems that is not in the book. Now to answer your question, start with: "CompTIA Security +"
rob1234 wrote: » Don't worry about being mean I am survivng in IT very well. I thought about the Security + but I am after a cert that will help me progress in the IT security world I have a lot of IT certs a few CompTIA ones but they are not that great I feel. I am thinking of doing the CISSP that looks a good security cert.
docrice wrote: » Which certs do you already have? You might want to list them in your profile so the rest of us can see where you're coming from. There are also a couple of stickies at the top of this forum which can shed some insight on this subject, as it comes up often. When I see people talk about "getting into security," I have the impression they often refer to the offensive side like pentesting, etc. which has its allure. You also have the usual areas like firewall / IDS / endpoint security, policy management, general risk assessment, physical security, code reviewing, malware analysis, design and architecture, etc.. This will be based on what your current view of things are and where you see yourself going. The one common factor, however, is that no one is going to really hand you all the answers because many times you'll have to research on your own for your particular situation. Like in the real world, everyone's requirement is different and you'll have to tailor things to fit your needs. As a consultant would no doubt say, "It depends..."
rob1234 wrote: » Hi, My current certs are: A+ N+ MCDST ITIL v3 MCTS: Windows Vista MCTS: Windows 7 MCSA MCITP: Enterprise Desktop Support Technician 7 I also have a degree in Business Information systems. I have been working in second line IT Support for 5 years I am based in the UK. I am wanting to move in to the security side of IT and my security director told me I should go for the CISSP. I do not have the 5 years experience needed but I could become an assoicate and build up the experience from there I was thinking.
veritas_libertas wrote: » Another option is the SSCP which only requires a year of experience.
rob1234 wrote: » I considered that but that looks more technical and I am wanting to move more to the management side of things like creating secuirty policies.
JDMurray wrote: » How about ITIL and ISO 27001 certs?
kriscamaro68 wrote: » Why not take something like the Security+ or, SSCP to see if you like what security has to deal with on a day to day basis. Also, they take 1 year of reuired experience off for the CISSP so I see no reason not to take one of them. Having a well rounded knowledge of security is only going to help you in management. If someone you manage on your security team comes to you asking to implement a network based IDS and, you have no idea what it is or how it works how then, will you be a good manager. Its not just knowing keywords and how to calculate risk etc. its also knowing how systems and networks are vulnerable and how to prevent attacks as well.
