Little help to start off

PerfectcellPerfectcell Registered Users Posts: 1 ■□□□□□□□□□
Hi Everyone ,

I am planning to do security+ but i dont have any prior experience in Infosec field . But i do have 7 months exp as a Application Penetration tester ( just reviewing the source code for any XSS or XPath vulnerabilities ) . Is it fine to go ahead with the certification or do i have any alternatives (had CEH in mind ), so that i can go as a tester as well as in Infosec field .. Little help will be much appreciated.


  • cyberguyprcyberguypr Senior Member Mod Posts: 6,927 Mod
    Welcome to TE. Sec+ is definitely the place to start if you don't have InfoSec experience. It will give you a glimpse into what the Security arena entails.

    Do yourself a favor and get this book: CompTIA Security+: Get Certified Get Ahead: SY0-301 Study Guide: Darril Gibson: 9781463762360: Books

    Also make sure you search here and post any questions you may have.
  • naftalirnaftalir Member Posts: 38 ■■□□□□□□□□
    im 17 and i recently took the Security+ and passed.
    i did not have a lot of info sec knowledge and i did not think the exam was hard, i dont think its smart to jump straight for the C|eh or more advanced certificates especially if you don't have experience in networking (if your good with networking you should still do the Sec+ as it really helps with more advanced certifications).
    What i would recommend to do to prepare for the exam is:
    1. Get the book cyberguypr said it really is a good book and will help you with other info sec certifications.
    2. go to the professor messer website (the videos/course is completely free and a simple google search will get you there). watch his Free Security+ videos and if u get stuck on the networking parts just look at his Network+ videos on the topic you stuck at.
    3. I found the "The basics of hacking and Penetration testing" book (check it up on amazon) to be a real help with Sec+ and especially now on the C|eh, as it will give you a Good introduction to hacking and types of attacks you will see on the Security+ and C|eh (if you end up taking it instead/After the sec+).

    the reason i think the Security+ is better taking before other info sec certifications is because Security+ is all theory, and if you learn theory before you do more advance/practical info sec certification like the C|eh or OSCP you will have a way better understanding and background then if you jump straight into the more advanced/practical certs -just my opinion. :)

    Good luck!!!
Sign In or Register to comment.