Network certs advice please.

Big-JJBig-JJ Member Posts: 53 ■■■□□□□□□□
Hellow experts,

I would like to know how far I should go in terms of network certs. MY plan is to become info sec analysis/auditor. I have no plans to become a network admin.

My current plan is

Network+ --> CCENT --> CCNA --> ???

Any advice what I should go after CCNA or how far? CCNA would be overkill?

Cheers.

-J-
MBA, CIA, CRMA, CISA, CISM, CRISC, CISSP, PMP

Comments

  • Dr ITDr IT Member Posts: 351 ■■■■□□□□□□
    Your CERT Plans look ok and is logical - My Bet would be taking the N+ followed by the CCNA ( you can skip the CCENT " - this would be my choice )

    as after the CCNA you can jump on to the MS Bandwagon for some Win 7 Certs ( 680 or the 685 - depending on your Job Profile )

    Hope that helps
    Venturing in to the Unknown

    Target 2018 : SSCP VCP- DTM

    The Difference between the Ordinary and the Extra-Ordinary is that Little " Extra ".
  • lordylordy Member Posts: 632 ■■■■□□□□□□
    You should skip CCENT. It has no value, only CCNA does.

    If you are in the security field it might be a good idea to move from CCNA to CCSP. A CCxP is not easy to obtain but holds a lot of value.
    Working on CCNP: [X] SWITCH --- [ ] ROUTE --- [ ] TSHOOT
    Goal for 2014: RHCA
    Goal for 2015: CCDP
  • TurgonTurgon Banned Posts: 6,308 ■■■■■■■■■□
    lordy wrote: »
    You should skip CCENT. It has no value, only CCNA does.

    If you are in the security field it might be a good idea to move from CCNA to CCSP. A CCxP is not easy to obtain but holds a lot of value.

    I would go CCNA/CCNA security and then leave the Cisco tracks if you are not expecting to be doing detailed security work in the Cisco genre. You really dont need to know the internals of an ASA for a lot of security type work. That should be plenty on the tech side of the shop. You might look at a Microsoft security type certification so you have network and servers mostly covered.

    At the same time as all this you should be emersing yourself in the non vendor security specific tracks put together by the various bodies in the genre. Most important you should read a good deal and do some labbing.
  • DigitalZeroOneDigitalZeroOne Member Posts: 234 ■■■□□□□□□□
    lordy wrote: »
    You should skip CCENT. It has no value, only CCNA does.

    I would advice that you go for the CCENT first, the reason is because unless you have a very good background with Cisco equipment, going in and taking the CCNA is going to be much harder. Unless pricing is different in Canada, it won't cost you any more money to take the 2 tests separately. The only downside is of course you have to take 2 separate tests.

    Of course it's possible to go in and pass the CCNA without experience; but why make it harder on yourself?
  • lunchbox67lunchbox67 Member Posts: 132 ■■■■□□□□□□
    I would advice that you go for the CCENT first
    icon_thumright.gif
  • ChooseLifeChooseLife Member Posts: 941 ■■■■■■■□□□
    Big-JJ wrote: »
    MY plan is to become info sec analysis/auditor.
    ...
    CCNA would be overkill?
    At the minimum, CCNA-level knowledge is what you should have to be successful in InfoSec, IMO.
    “You don’t become great by trying to be great. You become great by wanting to do something, and then doing it so hard that you become great in the process.” (c) xkcd #896

    GetCertified4Less
    - discounted vouchers for certs
  • Megadeth4168Megadeth4168 Member Posts: 2,157
    The CCNA will give you a good sense of the basics regarding how Routing and Switching works. I think it would be a good idea to do the CCNA with the Security specialization and then, as mentioned, look into some server side certifications.

    If you are absolutely new to configuring routers/switches then I would suggest the CCENT > CCNA route.
  • raptur2000raptur2000 Member Posts: 26 ■□□□□□□□□□
    I agree. Skip CCENT
  • kurosaki00kurosaki00 Member Posts: 973
    raptur2000 wrote: »
    I agree. Skip CCENT

    Agree too, skip CCENT


    "No interest in being network admin"

    You shouldnt limit yourself like that. I'm pretty new to networking jobs per se, Only a few months as a network admin and maybe my opinion doesnt matter as much.

    But I wouldnt Hire an auditor without experience. You need to learn how things work, what goes wrong and get the hands on.
    I dont think most people go from entry level to Auditor in one jump.
    meh
  • N2ITN2IT Inactive Imported Users Posts: 7,483 ■■■■■■■■■■
    Skip Network + and the CCENT. CCNA and Security sounds like a winner to me.
  • brad-brad- Member Posts: 1,218
    I would start with CCENT, I dont know how everyone can suggest to skip it if we dont know his starting knowledge. If you already know it, fine, but if not, you need to do it for a couple of reasons. Most importantly, it will actually help you decide if info sec is something you enjoy or want to do.

    Assuming you like it, i agree with everyone else and you need to get the CCNA:S...but you also need to learn about firewalls...at least some flavor if not cisco.

    I would say skip the N+ no matter what tho.
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    Speaking as a security auditor for financial institutions... A CCNA is nice, but is not necessary. Your focus should be primarily on the CISA and CISSP. In my experience, 99% of the time, the networking knowledge required to pass those two exams is sufficient.
    Working on: staying alive and staying employed
  • instant000instant000 Member Posts: 1,745
    Big-JJ wrote: »
    Hellow experts,

    I would like to know how far I should go in terms of network certs. MY plan is to become info sec analysis/auditor. I have no plans to become a network admin.

    My current plan is

    Network+ --> CCENT --> CCNA --> ???

    Any advice what I should go after CCNA or how far? CCNA would be overkill?

    Cheers.

    -J-

    This thread was made for you:

    http://www.techexams.net/forums/security-certifications/28593-security-certification-where-start.html

    ^^^^ Especially read post #14.
    Currently Working: CCIE R&S
    LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
  • instant000instant000 Member Posts: 1,745
    colemic wrote: »
    Speaking as a security auditor for financial institutions... A CCNA is nice, but is not necessary. Your focus should be primarily on the CISA and CISSP. In my experience, 99% of the time, the networking knowledge required to pass those two exams is sufficient.

    If you work as a security auditor, then you're probably one of the best pieces of advice here.

    Even with that said, I would advise the original poster to not shoot for the minimum of knowledge.

    On another point, any organization you work for should get audited at some point, volunteer for these if you can, and get a better feel for what auditors do.

    Also I would recommend getting involved in writing policies and procedures for your organization. (These need revising from time to time.) This will get you more familiar with rules and regulations that affect your operation, as well as get you exposed to the parameters against which you'll be audited.

    If you can get exposure to the policy and procedure side, as well as the auditing side, as well as the systems side, you should be well-rounded and ready to progress as an auditor .

    ... but ... I'm not an auditor, colemic is, so listen to that poster :D
    Currently Working: CCIE R&S
    LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    LOL erep to you friend. :) You are right on track as well - certainly don't be content to do the minimum, I was speaking purely from a what-you-have-to-know perspective. I totally agree to get involved in the policies and procedures, and the risk management side especially. A firm understanding of risk (residual is important, don't really care about inherent, since that's what controls are for), the difference between the two, and seeing how they are mitigated is necessary to get the 'big picture' for what an organization is trying to accomplish and how it is protecting its assets.
    Working on: staying alive and staying employed
  • phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    Big-JJ wrote: »
    MY plan is to become info sec analysis/auditor. I have no plans to become a network admin.

    What exactly do you plan to analyze/audit?
  • instant000instant000 Member Posts: 1,745
    colemic wrote: »
    LOL erep to you friend. :) You are right on track as well - certainly don't be content to do the minimum, I was speaking purely from a what-you-have-to-know perspective. I totally agree to get involved in the policies and procedures, and the risk management side especially. A firm understanding of risk (residual is important, don't really care about inherent, since that's what controls are for), the difference between the two, and seeing how they are mitigated is necessary to get the 'big picture' for what an organization is trying to accomplish and how it is protecting its assets.

    Affirmed.

    Auditors often ask for "risk assessment", "policy and procedures" "disaster recovery plan" etc., etc., Would make sense to try to get experience doing this stuff, so you know what you're looking for, when you're auditing it one day in the future.

    Yeah, there's an audit for everything, LOL.

    Physical Security? There's an audit for that. Backups? There's an audit for that. Process credit cards? There's an audit for that. It's like the app store, except it's audits.

    But I must make this disclaimer: I'm not an auditor, but I have been audited (many) times. It kind of goes with IT. At my last job, our internal audits were quarterly, which meant that you had the next one coming when you were finishing up the after action review and mitigations on the current one. Also, we had external auditors, and it felt like we saw those guys 3 or 4 times a year, too. We petitioned for an extra employee, the auditing schedule was so heavy.

    And the only idea I had about the auditing being so heavy was because the parent company was going public, and our company was going public, too, so they wanted the books all flushed out.

    If quarterly (internal and external) isn't that frequent, then excuse me, but it felt excessive, considering I still had to do all the server/network/app/trouble ticket work also :D

    It was funny, whenever we got a new admin, we put them on audits :D.
    Currently Working: CCIE R&S
    LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
  • colemiccolemic Member Posts: 1,569 ■■■■■■■□□□
    Seems a bit excessive to me but that could depend on what industry the business is in, was it driven by regulation or whatnot. i usually go 18 months between visits.
    Working on: staying alive and staying employed
  • msulemsule Registered Users Posts: 2 ■□□□□□□□□□
    hi i wanna work for an IT company but havent got any commercial experience. I have done 70-620 microsoft about 2 year ago now. then to break... i wanna do my certifications again and wanna start working in IT now. i am working towards my A+ and thinking about doing Network + after my A+. i wanna do some microsoft certifications after that. either MCITP server adminitrator or MCiTP desktop administrator. can somebody help me which way to choose to get a into job market in UK and will my 70-620 vista would be any help or i have to do all from scratch.
    Please help
Sign In or Register to comment.