+ Reply to Thread
Results 1 to 9 of 9
  1. Senior Member
    Join Date
    Feb 2017
    Posts
    107
    #1

    Default Going round in circles

    I'm looking to move into an IT Security role and possibly at some point maybe PenTesting which I have an interest in and some developing skills.

    Currently I work in digital forensics but I do have some basic scripting and programming skills (Python, Shell Scripting, PHP) and I'm very confident with Linux.

    I'm an ex web developer too so my knowledge of that side is fairly decent.

    ...

    I'm going round in circles though. I'm pretty eager to just book an exam in and get started.

    - I did plan to start OSCP in September but that's a lot to learn and I feel it's a very tough challenge, particularly for the first cert.

    - I had done some preperation for CEH and so I thought I'd do that instead

    - As I work in digital forensics I thought I'd then move straight onto CHFI which shouldn't be too huge a challenge as it's what I generally do day-to-day and all my training courses have been in that subject area

    - I've now seen Network+ is a good starting point and with my current knowledge I could probably pass with some hard study over a 4-6 week period... and the exam is more affordable too

    - I also considered Linux+ as I already have a good knowledge of it

    - I also considered the MCSA as work agreed to fund the exams but I'd have to self-study. This is a ton of work though as my knowledge of server admin on Windows is basically nothing

    ...

    As you can see it's a real mess really. I'm keen to get some official certs on paper and to just start. The CEH costs a fair bit but as you know it's valued by HR and Recruiters so a good place to start... and I could move onto CHFI after

    I think I'm basically a bit torn between Starting with Network+ (which doesn't seem at all of value in job hunting)
    OR
    Going CEH/CHFI instead


    Sorry for the long post but just really confused atm
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  2. SS -->
  3. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    880

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #2
    everybody wants to be a pentester! honestly you're all over the map with those listings. linux+ & network+ listed in the same topic as OSCP or CHFI isn't a good start. if you don't know the basics, don't bother with OSCP, and instead tackle network+ > linux+ > security+ > another security cert of your choice. comptia certs have the benefit of being cheap to study for ($30 books)
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Feb 2017
    Posts
    107
    #3
    Quote Originally Posted by 636-555-3226 View Post
    everybody wants to be a pentester! honestly you're all over the map with those listings. linux+ & network+ listed in the same topic as OSCP or CHFI isn't a good start. if you don't know the basics, don't bother with OSCP, and instead tackle network+ > linux+ > security+ > another security cert of your choice. comptia certs have the benefit of being cheap to study for ($30 books)
    Well, I know I am all over the place, that was the whole point of making this thread, to vent my mixed up mindset. I don't think I fall into the category of not knowing the basics but I understand your point about working up to the OSCP as I know it is tough.


    I did notice the lower cost of the Comptia certs so will give it some thought.
    My Aims
    2017: OSCP
    2018: CISSP & MCSA
    2019: New Job!!!


    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Sep 2016
    Location
    VA
    Posts
    454

    Certifications
    CISSP, PMP, CCNP, FITSP-M
    #4
    I'm not a fan of the CEH but work on Network+ and Linux before chasing the OSCP, I'd also throw in some edumacation on Python as well. Then maybe consider doing the eJPT as a stepping stone to the OSCP.
    2017: CCNP (done), FITSI-M (done) CCIE Written
    2018: CCIE R/S
    2019: VCP (DCV/NV), OSCP
    2020-1: MBA
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Apr 2017
    Posts
    325
    #5
    I've heard CEH isn't even remotely close to being a pentesting cert. Only reason I would get it is because of bypassing HR filters.

    Like EANx said, go for eJPT. Many other TE members have had great experiences with it and it's very affordable.
    Reply With Quote Quote  

  7. Darth Lord of the Sith ITSpectre's Avatar
    Join Date
    May 2016
    Location
    The Normandy/ DMV
    Posts
    994

    Certifications
    Sec+, MTA, MCP
    #6
    Honestly you need to create a roadmap of where you want to go, what you want to do, and how to get there....
    First I would sit down with yourself in a quiet place and think about what you want to do... what interests you, and where do you want to go... then I would research your path to your prize....

    Networking - Net+, CCNA,
    System Admin - MTA, MCP, MCSA
    Infosec - Sec+, eJPT, OSCP, or Sec+ CASP, CSA+
    Linux Admin - Linux+, RHCSA

    Study the boards... I used to be all over the place myself, but I had to sit down and really think about where I wanted to go and how I was going to end up there. When you do that... it helps to keep you focused on what you want to do.... trust me it helps out a lot
    In the darkest hour, there is always a way out - Eve ME3
    “The measure of an individual can be difficult to discern by actions alone.” – Thane Krios
    Reply With Quote Quote  

  8. Member
    Join Date
    Nov 2016
    Location
    Iowa
    Posts
    67

    Certifications
    OSCP, CISSP, Sec+
    #7
    Certs have two purposes: To add to your resume to get interviews (sort of in lieu of a body of experience), or as a vehicle for you to learn something. Linux+ probably won't teach you much, but it'll look good (somewhat) for entry level stuff that involves Linux. OSCP you're going to learn a ton from, for instance. To be completely honest, OSCP is an entry level pen testing cert, though it builds on skills that are not necessarily entry level general IT skills. Look for reviews on that and start studying. Even if you don't end up doing OSCP, what you study will be directly applicable to pen testing overall. But I'd say try the OSCP when you have time and money to devote to it.
    Reply With Quote Quote  

  9. Member
    Join Date
    Jan 2017
    Posts
    96
    #8
    network+ > linux+ > security+

    This.

    At least to start.
    Reply With Quote Quote  

  10. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    426

    Certifications
    LFCS, GCIH, eJPT, CCNA, CAPM, Sec+, Net+, A+
    #9
    If I were you I'd do the eJPT then the CEH. Then apply.

    CEH for the resume, eJPT to actually learn something useful. Your web dev & forensic background is a strong plus on your resume for a security career path. Add the CEH and you should be able to land at least a security analyst role. After landing the job you can then pick other certs.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks