+ Reply to Thread
Results 1 to 14 of 14
  1. RT8
    RT8 is offline
    Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    4
    #1

    Default Windows Admin seeks helps on Security certs

    Hi Team,

    I am just a beginner started to explore InfoSec and trying to shape up my career.

    Myself with 10 years of experience in Active directory/PKI/Azure and IAM products like FIM, little bit on Oracle Identity manager. I have MCSA/MCSE/MCITP and 70-533. My current designation best describes as Sr. IAM expert with good proficiency in AD/PKI.

    Since then gain knowledge in PKI, I have been thinking to route the career into InfoSec pathway but unfortunately don't have enough experience yet.

    Further consult with peers/research including TechExams forum, I believe securing CISSP certificate which is the golden ticket to the InfoSec and might also weighs me of getting job.

    My personal interest is to have CISSP + CCSP (since already have experience in Azure and have decided to spend good time to learn other cloud provider technologies) which accelerate to become a Cloud Security specialist/consultant in say 2 to 3 years!

    I am not a programmer and my academic is on Electronics engineering so I’m not looking to crack Ethical hacking/Forensic (I believe it does need programming/code knowledge)

    I may be wrong assuming things as InfoSec is broad domain, hence yours expertise advise on which certs are better considered, what are the possible career path I could look at and anything on this would be highly respected


    Many Thanks,
    RT8
    Reply With Quote Quote  

  2. SS
  3. Senior Member Phalanx's Avatar
    Join Date
    Apr 2017
    Location
    UK
    Posts
    320
    #2
    Actually interested in this thread, as I'm in the same boat, with no coding background but a growing interest in security. Be interesting to see what veterans of the sector think.
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation
    Client & Security:
    MCSE: Mobility | MCSA: Windows 10 | MCITP: Windows 7
    Server & Networking:
    MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Currently Studying: Project+
    Reply With Quote Quote  

  4. Achieve excellence daily
    Join Date
    May 2012
    Location
    Washington State
    Posts
    1,415

    Certifications
    CISSP
    #3
    I think you are on the right track. You might look at some of the Amazon cloud studies as well.
    When you go the extra mile, there's no traffic.
    Reply With Quote Quote  

  5. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,697

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure,FW), LFCS, CEH, PA ACE
    #4
    CISSP is always a good goal to get. For experienced windows guys with AD experience I would also look into powershell hacking and active directory hacking. Those two are hot items right now and should come easy to experienced windows guys.
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), eCPPT (obtained), OSCP PWK (in progress), SpecterOps: Adversary Tactics Red Team OPS (Blackhat 2k18 ), SLAE (October Start), OSCE CTP (DEC Start)
    Reply With Quote Quote  

  6. Senior Member Phalanx's Avatar
    Join Date
    Apr 2017
    Location
    UK
    Posts
    320
    #5
    Quote Originally Posted by chrisone View Post
    CISSP is always a good goal to get. For experienced windows guys with AD experience I would also look into powershell hacking and active directory hacking. Those two are hot items right now and should come easy to experienced windows guys.
    Are there certifications to go with this, even if it's only part of the certification, or is it a skillset that is asked for but not certified?
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation
    Client & Security:
    MCSE: Mobility | MCSA: Windows 10 | MCITP: Windows 7
    Server & Networking:
    MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Currently Studying: Project+
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    May 2006
    Posts
    2,159

    Certifications
    CISSP, CCSP, CCNA Cyber Ops, eJPT, ITIL,PA ACE,Qualys Certified Specialist, A+
    #6
    Quote Originally Posted by Phalanx View Post
    Are there certifications to go with this, even if it's only part of the certification, or is it a skillset that is asked for but not certified?
    they are included in the MCSA/SE tracks but obviously learning enough to pass an exam is not the same as being a guru in PowerShell scripting. Just learn as much as possible and expand your knowledge of PowerShell scripting.
    Reply With Quote Quote  

  8. RT8
    RT8 is offline
    Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    4
    #7
    Yes, that is definitely in the to-do list. Thank you!
    Reply With Quote Quote  

  9. RT8
    RT8 is offline
    Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    4
    #8
    This is a good spot! will include it in the bucket. Thank you!

    So, in short having CISSP+ CCSA + PowerShell provides an edge in the security world. Thank you all for you valuable advice
    Reply With Quote Quote  

  10. Senior Member rwmidl's Avatar
    Join Date
    Dec 2009
    Location
    World-wide Availability
    Posts
    783

    Certifications
    CISSP, CISM, ACSS, ACIS, MCSA:2008, MCITP:SA, MCTS x 4, MCSE W2K, MCSE: Security, MCSA W2K, MCSA: Security, MCP x Alot, Security +,
    #9
    I came from a similar background as you so here are my thoughts.

    - Sec+ = good intro level security certification
    - CISSP
    - if you can afford it, look hard at SANS SEC505, Securing Windows and Powershell and then test/take the GCWN.
    CISSP | CISM | ACSS | ACIS | MCSA:2008 | MCITP:SA | MCSE:Security | MCSA:Security | Security + | MCTS
    Reply With Quote Quote  

  11. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,697

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure,FW), LFCS, CEH, PA ACE
    #10
    Quote Originally Posted by Phalanx View Post
    Are there certifications to go with this, even if it's only part of the certification, or is it a skillset that is asked for but not certified?
    There are no Microsoft certifications based on the subject of powershell hacking or active directory hacking.

    Several teams offer powershell/active directory hacking courses.

    SpecterOps.io - pretty much the pioneers and gurus of PS/AD hacking taught by the creators of (Bloodhound, Empire, PowerForensics, PowerSploit)
    www.SpecterOps.io
    Trimarc "Sean Metcalf" - Is another genius pioneer in AD security training .
    https://www.trimarcsecurity.com/training - https://adsecurity.org/
    eLearnSecurity - Their PTX course/certification has some red team adversary tactics that go into active directory hacking but nothing as advanced as Sean Metcalf or the SpecterOps crew.
    https://www.elearnsecurity.com/cours...sting_extreme/
    Pentester Academy - had an active directory attacks for red/blue team course at blackhat.
    https://www.blackhat.com/us-17/train...lue-teams-5727
    http://www.pentesteracademy.com/course?id=21
    http://www.pentesteracademy.com/course?id=35


    There is really no big brand certification in regards to powershell hacking and active directory. I would gladly give up all my certs if I knew what these guys know about hacking with PS/AD. The skill and demonstrating it is more important that a certification. Id rather write a white paper or two about the topic and use that as my certification.
    Last edited by chrisone; 01-04-2018 at 03:04 PM.
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), eCPPT (obtained), OSCP PWK (in progress), SpecterOps: Adversary Tactics Red Team OPS (Blackhat 2k18 ), SLAE (October Start), OSCE CTP (DEC Start)
    Reply With Quote Quote  

  12. Senior Member Phalanx's Avatar
    Join Date
    Apr 2017
    Location
    UK
    Posts
    320
    #11
    Thank you chrisone. Which of those sites would you recommend for someone starting into the training of it? I'm looking more at SpecterOps right now.
    Data Privacy & Project/Service Management: PECB GDPR DPO/Practitioner | ITIL 2011: Foundation
    Client & Security:
    MCSE: Mobility | MCSA: Windows 10 | MCITP: Windows 7
    Server & Networking:
    MCSA: Windows Server 2016 | MTA: Networking Fundamentals
    Currently Studying: Project+
    Reply With Quote Quote  

  13. Senior Member 636-555-3226's Avatar
    Join Date
    Jul 2015
    Posts
    935

    Certifications
    Lots of security certifications, yet the more I learn, the further I have to go...
    #12
    I always recommend newbies start with Security+. A good, 101-level, broad introduction to most things infosec-related. Once you've got that under your belt you'll have a good idea of what interests you and which rabbit hole you want to go down.
    Reply With Quote Quote  

  14. Senior Member chrisone's Avatar
    Join Date
    Nov 2009
    Location
    Los Angeles
    Posts
    1,697

    Certifications
    eCPPT, CISSP, CCDP, CCNP R/S, CCNP Security (Secure,FW), LFCS, CEH, PA ACE
    #13
    Quote Originally Posted by Phalanx View Post
    Thank you chrisone. Which of those sites would you recommend for someone starting into the training of it? I'm looking more at SpecterOps right now.
    SpecterOps is a very good place to start. For starters I would check the tools they created, read and get the general idea of what each does, then get deeper into how to use them. As you get into "the how" of using these tools you come across technologies such as powershell and active directory that you will have to do further research on. For instance I am getting into Bloodhound so I had to pick up other books to read up on Active Directory and using powershell to manage active directory. These are things maybe a seasoned Microsoft guy knows and have a better understanding than myself.


    Will (harmj0y – security at the misfortune of others) and (Sean Metcalf - https://adsecurity.org/) I would say are leading the area of AD security/pentesting.
    Empire (Powershell hacking) - https://github.com/EmpireProject/Empire
    Bloodhound (Active Directory)- https://github.com/BloodHoundAD/BloodHound/wiki

    Matt Greaber is a Genius in Powershell Pentesting and leads the SpecterOps Powershell adversary tactics course - https://github.com/mattifestation
    http://www.exploit-monday.com/
    https://twitter.com/mattifestation?r...Ctwgr%5Eauthor


    Jared Atkinson (Invoke-Ir - Genius at Forensics/PS Pentesting) - http://www.invoke-ir.com/ , https://twitter.com/jaredcatkinson?r...Ctwgr%5Eauthor
    Powershell Forensics - https://github.com/Invoke-IR
    PowerForensics - https://powerforensics.readthedocs.io/en/latest/
    PowerSploit (Like MetaSploit, but powershell ) - https://github.com/PowerShellMafia

    Lee Christensen (PowerShell and Cobalt Strike Pentesting Genius) - https://twitter.com/tifkin_
    https://github.com/leechristensen/

    I am not a windows guru and I felt lost many times during these courses and classes. I was recommended Windows Internals and I am going over those now. Truth be told, I am going to circle back towards these courses in order to solidify the areas I struggled with.

    Pretty awesome to map out Active Directory vulnerable attack paths and show management.
    https://blog.stealthbits.com/wp-cont...tack-Graph.png

    SpecterOps company was announced at blackhat/defcon 2017. They are an allstar team of guys who built tools and worked at other companies that formed like voltron to create SpecterOps lol
    https://specterops.io/who-we-are/the-team

    I had to add and give credit to many of the guys who have seen my face, they would kill me if I didn't give them credit hahaha
    Last edited by chrisone; 01-04-2018 at 07:08 PM.
    2018 Goals: SANS Advanced Security Essentials - Enterprise Defender (complete, not going for cert), eCPPT (obtained), OSCP PWK (in progress), SpecterOps: Adversary Tactics Red Team OPS (Blackhat 2k18 ), SLAE (October Start), OSCE CTP (DEC Start)
    Reply With Quote Quote  

  15. RT8
    RT8 is offline
    Junior Member Registered Member
    Join Date
    Jan 2018
    Posts
    4
    #14
    Sorry for the late reply. Many Thanks for enlightened lots o details. Thank you!
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks