+ Reply to Thread
Results 1 to 11 of 11
  1. Senior Member
    Join Date
    Dec 2005
    Location
    MA
    Posts
    112

    Certifications
    A+ Network+ l ITIL V3 l DCSE
    #1

    Default After security+ what is the next step up?

    From what I understand Sec+ is considered to be an entry level security exam, although it is still difficult. But once one has obtained it what would be the next logical sec exam to take? Would it be CEH?
    Reply With Quote Quote  

  2. SS -->
  3. Security Tinkerer
    Join Date
    Sep 2004
    Location
    I'm conviced, we all live in the Matrix.
    Posts
    1,228

    Certifications
    CISSP,,CCSP,CNSS-4013+4011,MCT MCSA2K3,CWNA MCSE2K3:Sec LPT ECSA CEH CHFI,CCNA CS-CFW, CCIE-Sec/Written, etc..
    #2
    It would in part depend on where you want to end up. I would suggest either gaining some level of expertise in an OS area first, whether it be Linux, Unix, Windows or whatever OS you currently have experience in. For example maybe MCSA:Security to start with, then look at C|EH. The fact of the matter is, to truely be effective when it comes to penetrating a system, intimate knowledge of that particular system is key. I started with Linux security, so jumping to Windows security was a smooth transition. Do the same with networking. For example, gain some experience/knowledge with Cisco routers and firewalls. Then either obtain respective certs in that area, or at the least, aquire the knowledge required for those respective certs. Examples would be the Cisco Pix/ASA specialist stuff.

    Bottom line, trying to understand the security of any OS or device without first understanding the workings of that OS or device puts you at a severe disadvantage and even makes you as the attacker/pentester/security professional vulnearable. Imagine trying to do a physical security recommendation for convention center without seeing and understanding a blue print of the place and knowing where all the doors are. And to top it off, you have no idea how human traffic flows in, out, and through the place. I've seen a many pentests fail horribly simply because the tester lacked sufficient knowledge concerning the particular system he/she was trying to attack.

    Also you really need to decide if you're going to be a generalist, or a specialist. I'm seeing the IT security industry do like the medical field and branch off in to areas of speciality. IDS/IPS, Peremiter Security, Windows Security, Application Security (databases, OS's, web app, etc), Firewalls, or Forensics, just to name a few. Here's a couple of recommendations I have.

    1. MCP (270 or MCDST)

    2. MCSA (Security+ as one of your electives)

    3. MCSA:Security

    4. MCSA:Messaging (Messaging security is a concern)

    5. MCSE (understanding the processes and considerations engineers go through when designing an infrastructure and AD environment has proven to be valuable to me more than once, while conducting pentests.)

    6. CWNA - If you're going to be taken seriously, you need to know something about wireless (other than how to setup the linksys you bought from Bestbuy)

    7. SSCP (If you meet the experience requirements by this time)

    8. CISSP (If you meet the experience requirements by this time)

    9. C|EH (C|EH fits nicely as an add on to CISSP as in getting more specialized. People forget that CISSP is a very generalized cert. By now you will have started to either conduct, participate in or oversee pen tests) The management slant of the CISSP will equip you for always seeing the big picture in theses tests and assesments, while the C|EH knowledge will prove helpful in laying out a tactical pentesting methodology for your team.

    10. CWSP - Again wireless, wireless, wireless.

    11. CHFI- Forensics is rapidly growing, and you as a pentesting professional need to know what the forensics teams will be looking for. This does wonders in helping you "cover your tracks"

    Now keep in mind, this order DOES NOT reflect cert popularity or respect. If you have acces and/or experience with Cisco gear, you can stop right at number 5 and head off into the wild red yonder of the CCSP (and you'll certaily need to be on the Cisco forums with Mikej, darby, kenny and the rest of the experts there)

    My question to you would be what about security interests you and what about it makes you feel you'd be successful in this field?

    Just a hint to all job seekers out there, this is one of my favorite interview questions.
    Reply With Quote Quote  

  4. Questionably Benevolent Moderator Slowhand's Avatar
    Join Date
    Oct 2005
    Location
    Bay Area, CA
    Posts
    5,074
    Blog Entries
    1

    Certifications
    A+, Linux+, Server+, Security+, MCSA 2003, MCSA 2008, MCSA 2012, CCNA(expired), ITIL Foundation v3 (2011), VCP5-DCV, VCA-Cloud, VCA-DCV, VCA-WM
    #3
    I definately agree with keatron on this one, go and get up to speed on the types of systems you want to work with. (Well, when dealing with security, there's really no such thing as too much knowledge, so getting up to speed on a lot of things, not just what you want to do, might be a good idea.)

    I think the advice I got about where to go once I'm in my post-CCNA era says it best: "Go for CCNP before you do the CCSP. I know you want to do security, but you gotta know the network before you harden, or someone else will know it better than you.) I think it was good advice for me, and I'd say it's not a bad idea for anyone who wants to be a security professional. MCSE, CCNA/CCNP, LPIC, RHCE. . . all good things, especially if you're looking to secure those same types of networks/systems.

    -------------------------------------------------------
    ITHumidor.net - "Futuaris nisi irrisus ridebis"
    -------------------------------------------------------

    Free Microsoft Training: Microsoft Virtual Academy
    Free PowerShell Resources: Top 50 PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
    Reply With Quote Quote  

  5. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,654

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #4
    Just looking over this thread again and decided I would bump it since we keep getting so many question about what to do after the Security+.

    Thanks again Keatron...

    **bump**
    Currently working on: Resting
    Reply With Quote Quote  

  6. Senior Member impelse's Avatar
    Join Date
    Dec 2006
    Location
    Houston, TX
    Posts
    1,211

    Certifications
    CISSP, CEHv7, CCNA, Security+ 70-290, 70-291 CCNA:S
    #5
    Good post Keatron, there is not short way.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #6
    Related post: Security certification - where to start?

    One of the first things I did after joining TE was reading every one of Keatron's posts. Seriously.
    Reply With Quote Quote  

  8. Senior Member Super99's Avatar
    Join Date
    Apr 2009
    Location
    West Coast
    Posts
    271

    Certifications
    A+, Network+, Security+, MCP: 70-270, 70-290, CCNA R&S, CCNA Security, CCNA Wireless
    #7
    Then I'd say look into MCSE or maybe the Cisco certs?
    Reply With Quote Quote  

  9. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,654

    Certifications
    eCPPT, GPEN, GWAPT, GCIH, CISSP, CCNA (expired), MCTS
    #8
    Quote Originally Posted by dynamik View Post
    One of the first things I did after joining TE was reading every one of Keatron's posts. Seriously.
    Same here! I time to time (like today) go through and read his posts to keep my education plans sensible.
    Currently working on: Resting
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Feb 2010
    Location
    United States
    Posts
    392

    Certifications
    GSEC MCNE CDE CNE CNA NCA CLDA Linux+ A+ N+ P+ ACHD, Security+
    #9
    I'd think it would be depend on what you want to do and want to specialize.

    Maybe more advanced security certs?
    SSCP
    CISSP
    GSEC
    CEH

    Maybe other certs to round out your knowledge:
    Microsoft
    Linux
    CCNA

    I'm kinda looking more at specializing at Linux so,
    LPI
    SANS - Linux security
    Novell's Linux certifications
    Red Hat

    Also specializing in Identity Management and Directory services.
    Reply With Quote Quote  

  11. The Colosus of Clout Paul Boz's Avatar
    Join Date
    Oct 2006
    Location
    Baton Rouge, LA
    Posts
    2,607

    Certifications
    CCNP, CCIP, CCDP, CCDA, CCNA, CCNA Security, NSTISSI 4011, GSEC, GCFW, GCIH, GCIA
    #10
    You will not get very far into IT if you don't have a traditional skillset to supplement the security knowledge. You have to know how to build something before you can secure it. If you're a host/server guy start on some entry-level Microsoft certifications. If you lean towards networking, start on the Cisco track. You'll need a certain level of experience for many of the higher-level security certs so you really need to get these foundation skills to be able to get that experience.

    For some perspective, I started in IT focused 100% on networking and Cisco technologies. I was able to leverage this knowledge to get into employment positions which allow me to have an impact with security. If you don't have any experience in traditional IT what can you really do with security? You can't be any good at penetration testing if you don't know about servers and the networks they're connected to. You can't audit an IT environment if you don't know anything about how IT environments are supposed to be set up.

    After being in security for a while now I've come to realize something: If you don't have the experience or knowledge to back up security training, you don't really know anything. There are two types of security practitioners out there: Those that live in the real world and make impactful statements, and those that live in the fantasy world of text books.
    Reply With Quote Quote  

  12. Senior Member
    Join Date
    Jun 2009
    Location
    Canada
    Posts
    702

    Certifications
    Most Recent: CISSP & CCDA
    #11
    PHD = Piled higher and Deeper (after BS = Bull..., MS = More of the Same...)

    Oh and security sucks donkey balls most days. I was promised glamour and prestige I got reports and lectures.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks