passed Sec+ last night

Well, I passed the Sec+ exam last night. I can't say it was a hard test, as it is largely entry level, however, there were several poorly worded questions.

It's over, and that is all the matters.
I used the text to study, along with my classes at Capitol.
http://www.amazon.com/gp/product/0072227419/102-3145860-3484123?v=glance&n=283155

Now, I ask the board, what cert should be next? I plan on doing the cissp late summer, however, I was looking to the CEH or some of the SANS certs.

thoughts?

 

Check out http://www.techexams.net/forums/ and scroll down to the infosec certs for info...

What are you looking to achieve longterm? MCSE: Security is one of the top 10 certs this year ( according to certcities ) as is the CCNP / CCSP...

Personally, I'm going for Sec+ then CWNA -> CWSP - since you're into security much like I am, I'd suggest exploring the wireless security aspect - plenty of wired security specialists out there, but not nearly as many wireless ones...

Just my two pesos

 

are you a traveling man? : )

Long-term, work on my PhD in security. That goal somewhat falls outside of this thread. In the near term I wish you set a cert path to round out my education. I have worked on several security projects, but never directly in Infosec. My goal, upon graduation this summer, is to attain full time employment in the infosec field (maybe even contract).

I like your idea on the wireless certs. I will have to check those out. By the way, that web site is great - thank you.

I also thought about the mcse security, I just wondered if that should be my *next* step. Choices Choices.

 

You have Security+ now - and Certs are definately in demand alongside a degree. Most IT Sector HR folks are familiar with the likes of CompTIA - even though they _are_ entry level.

If I were in your shoes, I would look at other certs, especially with a Masters in Information Security, I would look into penetration testing certs as that weighs heavily into the security side.

GSEC jumps to mind - here is a link for GIAC's security certs:
http://www.giac.org/certifications/security/

Again, I am a huge fan of wireless networking - it is a growing trend that is not even close to peaking.

Choices Choices... yep - there are plenty of Choices out there - but you can't go wrong with recognized Certs.

What would I do.... I'd go with the Wireless -> GIAC -> MCSE: Security

Face it, winblows isn't going away and there are a lot of MCSEs out there already, so you work backwards, to what a company isn't likely to have - which would be Wireless and GIACs

Of course, there is always the CCIE with the Security focus, but only if you eat,live,breath cisco - but you also set yourself up for big $.

 

You talked me into it; I bought a CWNA study book. Hopefully it will be mostly review, as I have had the two wireless classes at Capitol. I will post back after I take the exam (late April maybe?)

On exam “deck”; TICSA, CWSP and CISSP (although thinking about substituting SSCP).

 

Good luck. I should note that if you have not directly worked in infosec the CISSP is a no go. It requires (now) 4 years in the field and a sponsor.

That being said, everyone in IT should take some security training. I think security is simply one measure of quality in a system or design, and we all want to create a quality computing enviorment.

Funny thing is that after spending a fair number of years in infosec I think a law degree would help me the most.

 

tscalzitti,
Thank you. You are correct about the CISSP and the 4 years.
I was planning on doing the associate program, where I would still need another 2 years of Infosec experience. I get one year for my B.S. and another year for my MSIA/NS (as it is a NSA school).

 

Yes that will get you closer but no reason to wait - start working in infosec now.

Really I am still (somehow) amazed about the number of CodeRed alerts my IDS systems still get. You would think some admins would have accidentally patched by now.

We need help

-T

 

You should read carefully what is required to earn experience though. If you manage the A/V or audit logs then that qualifies. I have been told that even some "Security Guard" experience would be applicable under the "Physical Security" domain. Just look carefully at what you do on a day to day basis, logging, compliance documentaiton, virus cleanup, backups...all those things can be used.

If you are prepping for the test I recommend www.cccure.org

Clement has excellent quizes and good forum relating to the topic.

This one is a bit of a bear, but it definatly doable...Let me know if I can help out.

On an off-hand note, I am gettting ready for a couple of smaller tests. I am scheduled to do the CEH (Certified Ethical Hacker) in the last week in April, and the EnCe (EnCase Cert. Examiner) in late may. Has anyone had to sit for any of these test?




Lou

 

Don't forget about the random audits - you don't want to stretch too much and get rejected. Remember its a lifetime ban.

I did EnCase some time ago, but that was before it became an 'official' cert. It was still only given directly after onsite training (at the vendor that is)

I would also consider the ISFCE - Certified Computer Examiner program. You are still going to want to know EnCase but this covers a broader background of information.

The last thing in infosec that you could conside is CISA or CISM. The CISA is going to continue to be in demand as companies work with SarBox and other legal requirments in the years to come

 

O, you definatly would not want to be untruthful with them, just examine what you do extensivley and make sure that you dont already have the nesecarry requirements. Dont sell yourself short.

Ill check out the ISFCE. The instructor at the class in austin was EnCe and I think ISFCE also. He made a nice living on the side doing civil investigations.

The CISA and CISM are big, and those blasted SOX and GLB requirements will make them more valuable. Also, GIAC has a ISO17799 cert also that could evolve into a "Compliance" cert.

Very few people have any serious clue when it come to compliance and fewer with technical knowledge, so it is definatly that place to be.

 

That last part was sadly true, just read some of the laws and you can see that some people are less than aware of technology.

I think HIPPA was worse, but its all bad

 

Lou,
I have some study material for the CEH if you would like it. It is also on my list, but not currently at the top.

PM me your email address if you are interested.

 

Hi scubasteveiu

I just completed my CEH. Its a great program and I think that you would definitely enjoy the program. I think though that if you would like to go into IT Security as a career, then definitely you should look at doing both CEH and CISSP. CISA and CISM are also very good programmes as well.

 

Hello,
Yes, I am looking to get into infosec / IA, as a career. I welcome any advice. I have worked 5 years at a fortune financial 100 company (web infrastructure and COTs support, along with some PM work), done sys admin work prior to that, while founding a wireless networking company on the "side" (if you can call it that). I applied for, and did not get an infosec position current company. As a result, I already told my current manager I am leaving - hopefully this summer, after I graduate.

How long have you been in infosec and how did you get “in”?

Did you take the CEH class or just study on your own? What did you think of the exam?

Also considering the NSA scholarship (you work for the govt when you finish your schooling. In this case my PhD) and the FBI as an agent - I know some ppl already "in", however, only about 1% get in.

 

Speaking for myself, I started with Microsoft supporting DOS then Windows (3.x). I Moved into networking after that. Firewalls were always part of networking, and are still what many people think of when they talk about security. So I started working more and more with couter measure type technologies as the field grew.

When I was building a infosec team and practice for a consulting company I looked for people with a solid IT background and a good sense of paranoia. After that I always felt they could grow into the field.

Some training and maybe a few certs wil get you the interview, the rest is up to you.

 

Hi scubasteveiu

I've been in I.T as a career for the past 10 years in various capacities- in Business Development and Consulting, and most recently for the past 2 years as a Technology Systems Manager.

I went through the CEH class which I felt was a major help to me to pass the course. If you are already in security with a few years experience, ecspecially if you are very active in it, then perhaps you can study on your own, however, I think if you have the opporunity to attend a course then you should go that route. The exam's pass mark is 70%. When I first did it, I failed by 3%, but that was my fault- I didn't put in the necessary amount of work needed to pass the exam. The next time around, I passed it but I had to put in the work. The taught course is usually a fairly intense 5-day programme with the exam a day or so afterwards.

Here's what you need to do though- they are sample exam questions that you can get from testking.com and other braindump sites- you need to practice these questions. Not once, but at least 3 to 4 times. Once you can do this, this provides you with around a 60 to 65% probabliity of passing the exam. In addition to the past exam questions, you can also need to read a good portion of the study guide which is also extremely helpful.

Seeing that you want to make Info Sec your career, I would really recommend that you do this course plus either CISSP, CISA or CISM. CISSP is known however as the golden standard for Info Sec, so you can't go wrong with that option. It can't hurt however to do both CISSP plus CISA/CISM after you do your CEH. The CEH provides you with the practical know-how. The CISSP is more policy based than it is practical- the 2 certifications go very well together. I'm supposed to start my CISSP later this month.

The CEH program will teach you the various methods of how attackers attack a system and the countermeasures against those attacks.

Hope that I've been of help.

 

Braindump are ufortunatly, but truthfully, all that is required to pass alot of exams, but they tend to hurt the credibility of the cert eventually. Thats whats great about the CISSP and CISA/CISM. The last dump i saw for CISSP was over 1600 questions so I dont think it would be helpful.


How to pass the CISSP first try:

Materials:

Official Study Guide
Secondary title, liter in content. I used the CISSP Passport book
www.cccure.org
Index Cards

Read the big yellow brick, twice at least. Review every chapter with the secondary book to make sure you undrestand some of the verbage. The Official study guide is a tough read. Do review questions on cccure until your eyes bleed. Make an index card for every question you missed. They are the concepts you must grasp to pass. Review Review Review. Take the flash cards everywhere you go traffic, work, home, bathroom. When you are batting about 80% then you are ready to go for it.

I have not heard good things from people I know who took an official review class, but i think it depend on your instructor. Stay away from most CBT stuff. I dont think it goes deep enought ot get you through.

Also, know each area well, you cant slip by if you are not well rounded. Every person i know says there test emphasized one area during the test. So you better know BCP and legal as well as Telecommunicaitons and they other fun areas.


One last note....the legal area of the test has been in flux and is centralizing on internation standards and not US specific. There is alot of material posted now as it relates to US laws, but I would review but not dwell on that part.


Good luck

 

Thanks Lou! You have a PM as well.

I bought the passport and I have one of Shon's books - have not bought the "brick" yet. I assume you are talking about the one from ISC2 - right?

 

Bluemason,
I just got my CWNA book in the mail (http://www.amazon.com/gp/product/0072255382/sr=8-1/qid=1144861365/ref=pd_bbs_1/104-4675717-8253540?%5Fencoding=UTF8)

After I read a little more, I will post a "review".

When do you plan on taking the exam? CWSP?