Search
-
Re: CCNP vs CISSP- need guidance
You must understand that within infosec there are a wide range of distinct roles, all of which have associated technical certifications. C|EH/GPEN/OSCP for pentesters and for secops/engineers who do security assessment/hardening; CISA for auditors; E|CSA/GCIH/GCIA for sec analysts/incident response; and so on. You have… -
Re: Advice on possible security career
I work as a network security engineer and it's the busiest job I've ever had. I don't see how this could be a declining career path at all. "Network security" encompasses many things from infrastructure to services and applications and there's a lot of emphasis at the moment on web apps. It may be substantially more… -
Re: My Cyber Security job search experience so far - Wish I had known this earlier.
@OP Like JDMurray (and maybe others.... I skimmed) mentioned Certs with no DIRECT EXPERIENCE are just going to get you a first round interview, maybe, MAYBE an on site. What I DO get the impression of if that you might be trying to pass yourself off as a heavy experience (I'd call 8+ years heavy/senior) candidate, and not… -
Re: GIAC Certifications
Yes, but a single GIAC certs is not so as powerful as a single CISSP cert. Usually on job, you would often seen 'GIAC' as an requirement but not a specific type. GIAC is a technical hands on type of certs, but most job are looking at CISSP for compliance work. However, in certain fields, Pentesting, Forensics, Intrusion… -
Re: Security role for UNIX/Linux engineer?
Having Linux background isn't that good for InfoSec, sorry to say that. Let me break down your wish list: - System auditing and vulnerability scanning The thing is, majority of older enterprises are on Microsoft ~85%, same with many home users and because of that in majority of cases they are the targets for hackers. Check… -
Re: Unnecessarily and deeply explained subjects in CISSP All-in-One Exam Guide, Sixth Ed.
Well I already have almost 8 years of experience with more than 2 domains but the thing you are wrong is that security domains remain the same but the technologies change, you are right about sticking to a single or 2 technologies but I was referring to being specialized in domains. Vulnerabilities will always exist and… -
Re: What is true about cryptanalysis?
Well, I'm not exactly satisfied with this explanation and i'll break it down below. Why would I not pay attention to this word if it was purposely put there by the author? Tool in cybersecurity has a pretty clear meaning and it is hardly a "knowledge" in any form, not a "process" or set of processes, not a set of… -
Confessions of a Web Security Student
Web Security has always been a favorite of mine…oh the thrill of uploading a webshell, controlling a browser through xss, thinking about all the possibilities from credential theft to social engineering, keylogging, clickingjacking, bypassing two factored vpn, complete server compromise…Exploiting web application flaws is… -
WAPT course from ine.Com
I enrolled on ine.com on WAPT and im really disapointed about some exercises... The exercises statement arent clear at all or simply not related at all with the lesson!! Before i must say, they have the good idea to ask you if you are still connected to the lab every 45min, but not on the lab page, no on the main site, and… -
Re: GSE Practical Exam Preparation
Hi Flamm, Welcome to the forum and I don't think much people can answer you. There isn't anyone here with GSE. I hope you can bring back one and share with us! However, I have been researching about this GIAC GSE stuff, reading the official presentation and gathering various tips. At a glance at your query, while I do not…
>1616 results