+ Reply to Thread
Page 3 of 4 First 123 4 Last
Results 51 to 75 of 93
  1. Member rampage's Avatar
    Join Date
    Mar 2012
    Location
    Iran,Mashhad
    Posts
    48
    #51
    Hi everyone
    Thank you all especially keatron for this great information.Your suggestions are very useful.but i have a question:Are these security certificates useful for becoming a top-class hacker? if not what do you suggest for that?
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member ChooseLife's Avatar
    Join Date
    Feb 2011
    Location
    runlevel 3
    Posts
    926

    Certifications
    BCSc Network Security, VCP, MCSA:Sec, CCNA:Sec, GIAC GSEC, Sec+, ITIL-f
    #52
    Quote Originally Posted by rampage View Post
    Are these security certificates useful for becoming a top-class hacker?


    Quote Originally Posted by rampage View Post
    if not what do you suggest for that?
    Learning how computers, networks, and systems work - reading and practicing, reading, learning, practicing... Architecture of different OSes, programming in multiple languages, hardware, networking, TCP/IP protocols, RFCs, databases, SQL, RDBMS. Reading, practicing, thinking, learning... Do it for some 5-10 years and you will be well set on the path to becoming what you aspire to be
    Reply With Quote Quote  

  4. Member rampage's Avatar
    Join Date
    Mar 2012
    Location
    Iran,Mashhad
    Posts
    48
    #53
    Thabks a lot
    Can you explain more,please?In which order i should study,how to practice....
    Reply With Quote Quote  

  5. Senior Member ChooseLife's Avatar
    Join Date
    Feb 2011
    Location
    runlevel 3
    Posts
    926

    Certifications
    BCSc Network Security, VCP, MCSA:Sec, CCNA:Sec, GIAC GSEC, Sec+, ITIL-f
    #54
    Quote Originally Posted by rampage View Post
    Thabks a lot
    Can you explain more,please?In which order i should study,how to practice....
    Mastering CS/IS takes multiple iterations, and a particular order is not important, though having general CS fundamentals, OS architecture principles, and network basics down first probably helps. Practicing is specific to whatever you're learning at the moment - could be writing "Hello World" in assembly or configuring a firewall ruleset.

    A top class hacker is "just" an expert in many different CS fields, so for the first 5-10 years the road is to be shared with those aspiring to be top class programmers, network engineers, DBA's, cryptographers... And by the time you have traveled the road long enough, you get a much better idea of what it's all about...
    Reply With Quote Quote  

  6. Member rampage's Avatar
    Join Date
    Mar 2012
    Location
    Iran,Mashhad
    Posts
    48
    #55
    Quote Originally Posted by ChooseLife View Post
    Mastering CS/IS takes multiple iterations, and a particular order is not important, though having general CS fundamentals, OS architecture principles, and network basics down first probably helps. Practicing is specific to whatever you're learning at the moment - could be writing "Hello World" in assembly or configuring a firewall ruleset.

    A top class hacker is "just" an expert in many different CS fields, so for the first 5-10 years the road is to be shared with those aspiring to be top class programmers, network engineers, DBA's, cryptographers... And by the time you have traveled the road long enough, you get a much better idea of what it's all about...
    Thanks again for this great information . This is very useful for me .
    Reply With Quote Quote  

  7. Member flt0nujr's Avatar
    Join Date
    Apr 2012
    Location
    ATL
    Posts
    63

    Certifications
    CCNA, CCNA Security, JNCIA, Security+
    #56
    I'm attempting to break into the Infosec career field. I recently passed my CCENT and Security+ certifications. I'm now trying to determine my next move in deciding which security cert to pursue. i no longer want to deal with ISP providers, troubleshooting circuits and
    I dont want to be locked into only Cisco. I'm looking at the following:


    1) SSCP
    2) CEH
    3) CCSA

    If you can offer any suggestions or opinions of the best possible path. I'm currently enrolled for an MS for Information Security Mgmt and my ultimate goal is to be either:

    Intrusion Detection Specialist
    Vulnerability Assessor
    Security Analyst
    Information Security Auditor
    Reply With Quote Quote  

  8. Junior Member Registered Member
    Join Date
    Oct 2012
    Location
    Chennai - India
    Posts
    4

    Certifications
    OCP - Java 6
    #57
    Hello Everyone!!

    I need some career advice from all the security gurus here. I am a Java based Web and Enterprise Application Developer with 5+ years of experience now looking to get into the field of Information Security. Will my previous experience as an Application Developer have any value add in the field of InfoSec?

    Please advise where to start with the certifications related to the InfoSec and the best certification path that i need to take with regards to my previous experience as an Application Developer.

    Thank You.

    Regards,
    emzee
    Reply With Quote Quote  

  9. Junior Member Registered Member
    Join Date
    Feb 2013
    Posts
    1
    #58
    I would like to ask since it is 2013, trying to start a career in Info Sec which route should I follow? My goal is to become a CEH then progress to CCIE and CISSP, I'm going to self study for Sec+, Since the times change I cant find MCSA:Sec so what would be its modern day equivalent? Also after taking Sec+ I was thinking of taking "the new MS equal" and going for CCNA then CCNA-Security followed by SSCP as you suggested. I just want to know if that sounds about right, your opinion is valued!
    Reply With Quote Quote  

  10. Junior Member
    Join Date
    Feb 2010
    Posts
    6
    #59
    Good security engineering route depends on what you want to specialize in. I've seen way too many people that memorize nist 800-53, iso 27000, itil, cobit... and claim they are security engineers. These people are not security engineers, they are auditors or security managers.

    if you are looking to become a well rounded security engineer this is what you should know.

    Offensive security: Scripting(python,ruby), Programming(C, Assembly), Javascript, PHP, Metasploit, sqlmap, Burp-proxy, SQL, OSCP/E, ollydbg, pydbg, etc...

    Defensive security:
    • Network Route: CISCO, JUNIPER, CHECKPOINT, MRTG, SOLARWINDS- NAC, AAA, VPN, SSL, AES,SHA,MD5. Understand the difference between a hash and encryption. CA, Wireshark, TCPdump, Network segmentation, Architecture roles. Understand Next gen Firewalls such as Palo Alto's, Understand IPS such as Snort, SIEM, wLoadbalancing(f5,citrix). Bluecoat,Riverbed,Netscaler type products.
    • System Route: Linux(RHCE), Microsoft(MCITP), Mcafee EPO, Nagios, CLAMAV, Websense or other DLP, Qualys, nexpose, SQL, NOSQL, you should probably understand concepts of NIST 800-53 and ISO27000, Certificate Authorities, Active Dir., Puppet
    • Manager : ISO27002, NIST 800-53,34, COBIT, ITILv3, CISSP,CISM,CISA. Not very active in technological side more interested in Confidentiality Integrity Availiability. Gets really in depth with security access and flows. Very interested not just in technology(logical) but also Physical and Administrative
    • Programming : Learn SQL injections, Web-app security(web application hackers handbook 2), know everything I've written for Offensive security plus know agile, waterfall, etc different methods of application creation. Best bet for this path would be learn assembly x86 and 64. Learn how to create APT and end up working as a malware or security researcher
    Good luck, takes a very long time and a dedicated person to become a sec engineer
    Last edited by blaker00; 02-17-2013 at 11:57 PM.
    Reply With Quote Quote  

  11. Member flash27's Avatar
    Join Date
    Mar 2013
    Posts
    32

    Certifications
    CompTIA A+, Security+
    #60
    Great post. Thanks!
    Last edited by JDMurray; 03-28-2013 at 05:51 AM. Reason: Removed unnecessary quote
    Reply With Quote Quote  

  12. Junior Member Registered Member
    Join Date
    Jul 2011
    Posts
    1
    #61
    Thank you so much for the info.
    Reply With Quote Quote  

  13. Junior Member
    Join Date
    Jun 2013
    Posts
    13
    #62
    Could anyone tell me is MCSA:Security and MCSE:Security certifications retired? If they are, what are other alternative Microsoft certification with security concentration. I need a full explanation please. I have been on MS website and I seem not to find any info regarding MCSA/MCSE: security.

    I would appreciate if Kreaton , JDMurray will comment on this post and have it broken down for me.

    I want to follow kreaton's advice on

    Security+
    MCSA, MCSE
    CEH
    CNNA/CCNP:security
    SSCP

    If MCSA/MCSE: security are retired? What do you suggest I do to follow the above plan sequentially?


    Thanks for your response.

    MIke
    Reply With Quote Quote  

  14. Member itsgonnahappen's Avatar
    Join Date
    Apr 2012
    Posts
    94

    Certifications
    B.S. - IT, A.A.S. - Networking, CISSP, CCSP, GMON, GCIH, CCNA-S, Security+, Network+, Project+, A+
    #63
    Tagging this post for reference. Keatron props +1.
    Reply With Quote Quote  

  15. Junior Member Registered Member
    Join Date
    Sep 2013
    Posts
    2
    #64

    Question Entry level security jobs for Network Engineers.

    I am CCNA Certified and have 2 years of experience in Network Monitoring and troubleshooting field.


    I have interest in Information security. I am planning to pursue CEH.


    But I don't have any experience in Info. Security.


    Please advise Keatron or any experienced security professional if I should go for CEH .
    Reply With Quote Quote  

  16. Netzwerksicherheit Master Of Puppets's Avatar
    Join Date
    Jan 2013
    Location
    /dev/null
    Posts
    1,175

    Certifications
    CCNA R&S, CCNA Security, CCNP R&S, CCNP Security
    #65
    A little more info would be useful but the CEH will definitely increase your chances of getting a job.

    Do you know the area you wish to get into?
    Reply With Quote Quote  

  17. Senior Member JustFred's Avatar
    Join Date
    Feb 2012
    Location
    DeepSpace 9
    Posts
    649
    #66
    I just wanted to say thank you all for this post. It gave me ideas on the path to follow as a network engineer who also wants to have a solid background in security since I'm starting to deal with firewalls and security a lot.

    It's great when people share their knowledge with others. Some people seem annoyed just by asking them a simple question or some guidance. It's a shame these people do not realize they were once novices too.
    Those who have been intoxicated with power... can never willingly abandon it.
    Edmund Burke
    Reply With Quote Quote  

  18. Netzwerksicherheit Master Of Puppets's Avatar
    Join Date
    Jan 2013
    Location
    /dev/null
    Posts
    1,175

    Certifications
    CCNA R&S, CCNA Security, CCNP R&S, CCNP Security
    #67
    Quote Originally Posted by JustFred View Post
    I just wanted to say thank you all for this post. It gave me ideas on the path to follow as a network engineer who also wants to have a solid background in security since I'm starting to deal with firewalls and security a lot.

    It's great when people share their knowledge with others. Some people seem annoyed just by asking them a simple question or some guidance. It's a shame these people do not realize they were once novices too.
    That's great to hear! Just a little side note on the annoyed people you are talking about - a lot of people, especially in infosec, get retarded questions on a daily basis by people who want to become an ethical hacker but can't tell the difference between a computer and a fridge(people who have no idea what it is and say they want it because it sounds cool and everyone else is doing it). Or people who want to take an easy way and continue to ask stupid questions even when you have explained to them that you can't join Anonymous after 3 months of studying hacking.

    I just wanted to point out the some of these people in some circumstances, should not be blamed for not wanting to deal with it all. However, it is an entirely different story when someone wants to begin/advance in a certain field, knows what he is doing, has ambition and a desire to learn, improve and get better. In other words - like many people on this forum. It really is a shame when people deny individuals like that advice. Knowledge should be shared and I have always tried to help someone if I am competent enough on the subject. But we should bear in mind that some people do not deserve help as much as others.
    Last edited by Master Of Puppets; 03-07-2014 at 10:48 AM.
    Reply With Quote Quote  

  19. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,616
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #68
    Quote Originally Posted by Master Of Puppets View Post
    a lot of people, especially in infosec, get retarded questions on a daily basis by people who want to become an ethical hacker
    When people ask me how to get a job doing pen testing, ethical hacking, digital forensics, etc. I first ask them why they think they would like to do that for a living. Most answers I get usually involved the perceived notion that the money is very good or that it's a really fun/kewl job to have. I tell them it's also about long hours, hard travel, boring and tedious investigations, business meetings with customers, and generating lots and lots of documentation. I also recommend that they find people who actually work in those jobs and ask them.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  20. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,425

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #69
    Quote Originally Posted by JDMurray View Post
    Most answers I get usually involved the perceived notion that the money is very good or that it's a really fun/kewl job to have.
    Yeah - One of my boss's go-to questions in interviews is, "why security?" - The last guy said "because it's big right now.."
    Reply With Quote Quote  

  21. Netzwerksicherheit Master Of Puppets's Avatar
    Join Date
    Jan 2013
    Location
    /dev/null
    Posts
    1,175

    Certifications
    CCNA R&S, CCNA Security, CCNP R&S, CCNP Security
    #70
    This is part of the point I was trying to make.

    Quote Originally Posted by JDMurray View Post
    When people ask me how to get a job doing pen testing, ethical hacking, digital forensics, etc. I first ask them why they think they would like to do that for a living. Most answers I get usually involved the perceived notion that the money is very good or that it's a really fun/kewl job to have. I tell them it's also about long hours, hard travel, boring and tedious investigations, business meetings with customers, and generating lots and lots of documentation. I also recommend that they find people who actually work in those jobs and ask them.
    I'm sure the people who are asking you for advice are quite fortunate because I have no doubt it will be of the highest quality. I have a tremendous amount to learn and I am nowhere near as experienced as you but when someone asks this, I too try to sneak the question about their motives and expectations. A lot of times someone perceives this negatively and assumes I am not willing to help while my goal is the exact opposite - I think a serious desicion like that should be informed and not made for the wrong reasons. This is what I did when I was around 15. I researched every aspect of the job for a long time before deciding this is what I wanted to do. Many people think that you sit in front of a black terminal with green letters all day but as we know this is not the case.
    Reply With Quote Quote  

  22. Senior Member JustFred's Avatar
    Join Date
    Feb 2012
    Location
    DeepSpace 9
    Posts
    649
    #71
    Thanks for the reply.

    I ordered a security+ book, then i found this thread and I'm happy i did. I will work on getting a solid security background on a CCNP like level and also help others along the way who will most likely end up in the position I'm currently in one day.
    Last edited by JustFred; 03-07-2014 at 09:22 PM.
    Those who have been intoxicated with power... can never willingly abandon it.
    Edmund Burke
    Reply With Quote Quote  

  23. Member
    Join Date
    Apr 2014
    Posts
    45
    #72
    This is an awesome thread, kudos to all who spent time posting the useful information.
    I too am thinking of moving into info/web security and ultimately aspire to land jobs that pay north of 120K+.
    I guess that means I must become a CISSP or CCIE. Are there any other top notich certificates that can get me 120K+?
    Secondly, I have about 15 years experience in help desk environment. I am msce in win NT/2K/MCDBA. I never worked directly in network administaration although I do have "peripheral IT and Network" experience while poking with clients' networks during troubleshooting etc.
    So what would be ideal path for me to start to acquire some:
    A. Certifications
    B. Real life security related knowledge

    I was thinking for starting with ccna and then ccnp but please suggest what you think is best path to above.
    Thanks in advance.
    Reply With Quote Quote  

  24. Senior Member
    Join Date
    Dec 2010
    Posts
    371

    Certifications
    VCA5-DCV, CEH, ECSA, CHFI, ITILv3, CND
    #73
    Quote Originally Posted by blaker00 View Post
    Good security engineering route depends on what you want to specialize in. I've seen way too many people that memorize nist 800-53, iso 27000, itil, cobit... and claim they are security engineers. These people are not security engineers, they are auditors or security managers.

    if you are looking to become a well rounded security engineer this is what you should know.

    Offensive security: Scripting(python,ruby), Programming(C, Assembly), Javascript, PHP, Metasploit, sqlmap, Burp-proxy, SQL, OSCP/E, ollydbg, pydbg, etc...

    Defensive security:
    • Network Route: CISCO, JUNIPER, CHECKPOINT, MRTG, SOLARWINDS- NAC, AAA, VPN, SSL, AES,SHA,MD5. Understand the difference between a hash and encryption. CA, Wireshark, TCPdump, Network segmentation, Architecture roles. Understand Next gen Firewalls such as Palo Alto's, Understand IPS such as Snort, SIEM, wLoadbalancing(f5,citrix). Bluecoat,Riverbed,Netscaler type products.
    • System Route: Linux(RHCE), Microsoft(MCITP), Mcafee EPO, Nagios, CLAMAV, Websense or other DLP, Qualys, nexpose, SQL, NOSQL, you should probably understand concepts of NIST 800-53 and ISO27000, Certificate Authorities, Active Dir., Puppet
    • Manager : ISO27002, NIST 800-53,34, COBIT, ITILv3, CISSP,CISM,CISA. Not very active in technological side more interested in Confidentiality Integrity Availiability. Gets really in depth with security access and flows. Very interested not just in technology(logical) but also Physical and Administrative
    • Programming : Learn SQL injections, Web-app security(web application hackers handbook 2), know everything I've written for Offensive security plus know agile, waterfall, etc different methods of application creation. Best bet for this path would be learn assembly x86 and 64. Learn how to create APT and end up working as a malware or security researcher
    Good luck, takes a very long time and a dedicated person to become a sec engineer
    Thanks for your guidance.
    Last edited by chopsticks; 04-02-2014 at 04:37 PM.
    Reply With Quote Quote  

  25. Member
    Join Date
    Apr 2014
    Posts
    45
    #74
    Well, anyone?
    Quote Originally Posted by luking View Post
    This is an awesome thread, kudos to all who spent time posting the useful information.
    I too am thinking of moving into info/web security and ultimately aspire to land jobs that pay north of 120K+.
    I guess that means I must become a CISSP or CCIE. Are there any other top notich certificates that can get me 120K+?
    Secondly, I have about 15 years experience in help desk environment. I am msce in win NT/2K/MCDBA. I never worked directly in network administaration although I do have "peripheral IT and Network" experience while poking with clients' networks during troubleshooting etc.
    So what would be ideal path for me to start to acquire some:
    A. Certifications
    B. Real life security related knowledge

    I was thinking for starting with ccna and then ccnp but please suggest what you think is best path to above.
    Thanks in advance.
    Reply With Quote Quote  

  26. Junior Member Registered Member
    Join Date
    Sep 2014
    Posts
    1
    #75
    Hi everyone , i am new here so i needed some help from security gurus. I have recently completed masters in information systems and wanted to do some certification in information security or network security
    1. Which has better job opportunities and good salary.
    2. If i wanted to do CCNP security, what is prerequisite like i first have to do CCNA or CCNA security

    I have no experience

    Thanks
    Reply With Quote Quote  

+ Reply to Thread
Page 3 of 4 First 123 4 Last

Social Networking & Bookmarks