Solved

how to start my Security career ?

Posted on 2010-11-23
6
497 Views
Last Modified: 2013-12-12
i know repeated question .. but i need your help guys

im working as network / system administrator in IT Dept .. and i have arround 7 years experience in that field and Bachelor degree not in IT field, in some engineering
also im certified MCITP EA 2k8 server - CCNA - IBM AIX os Admin
and i realized that i need to take the security direction to increase my CV value and gain more knowledge & experience

what certification i should start with ? this is the question

should directly take CISSP ?? or should i start with CEH ... or ...etc

so guys help me
0
Comment
Question by:F_A_H_D
6 Comments
 
LVL 5

Expert Comment

by:cjordan323
ID: 34202651


CISSP is the most recognized. That is where I would start.

Also this organization is very good for the IT security professional to get involved with. You won't find a lot of technical resources here but you should be able to really do some networking within this organization:  http://www.infragard.net
0
 
LVL 25

Expert Comment

by:madunix
ID: 34202796
0
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 34205615
CISSP is probably the best known. However, here is a quote from an actual employer:

"In terms with joining an pentest company we have have all CV's from
recruiters (or HR) sent to the team leader, who then decides on who they
interview, then once in the interview they are accessed on technical
abilities and if they will be suitable to the team, then if we like them
during said interview we put them on a Vmware based assult course and
ask them to demonstrate said abilities. Sorts the men from the boys.

We dont look for people with CISSP (its nice if you have it, but your
more of a security consultant (sorry!!) than a pen-test consultant; we
dont actively push people to CISSP or CCNA - we want people with CREST
or CHECK or in a position to be able to easily pass it."

This is taken from the pentest mailling list at securityfocus btw - the question comes up quite regularly, so searching the archives at http://www.securityfocus.com/archive/101 (or joining the list) may pay dividends.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 25

Expert Comment

by:madunix
ID: 34273069
keep yourself updated about : Information Security, Process Security, Internet Technology Security, Communications Security, Wireless Security, Physical Security ..etc. Learn Linux/Unix and Networking and DB.

Look @  
http://packetstormsecurity.org/
http://hakin9.org/
http://www.linuxjournal.com/ 
http://www.linux-magazine.com/
http://www.linux-magazine.com/Issues/2010/121

Use opensource tools ), maybe you could use BackTrack, a nice distro with a lot of security tools to ethical hacking....
http://www.backtrack-linux.org/
http://en.wikipedia.org/wiki/BackTrack
http://www.linux-magazine.com/w3/issue/77/BackTrack.pdf
0
 
LVL 25

Expert Comment

by:madunix
ID: 34273415
0
 
LVL 15

Expert Comment

by:Giovanni Heward
ID: 39715532
If I had to pick one it would be the CISSP.

What I'd actually recommend is following the DoD Approved 8570 Baseline Certifications track to achieve IAT Level I, II, and III.

IAT Level I: A+, Network+, SSCP
IAT Level II: GSEC, Security+, SSCP
IAT Level III: CISA, CISSP, CASP, GCIH, GCED

In addition to the CEH, I'd consider other SANS training/GIAC certifications of interest (e.g. GPEN, etc.)

While this question is dated, my advice is not and I provide this information for future search results.

Additionally, WGU offers excellent (and inexpensive) online BS and MS degrees programs.  The latter being based on the CISSP domains and CEH.  They will gladly waive credits based on current certifications and other relevant course work completed in the past.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question