#1
A complete newbie here.. So please be gentle with me. This has probably been asked a million times before, but I think my case is slightly different. Hence the reason for my post.

I have read the guide here for beginner's entry into Security, but I also needed your valuable opinion on the below certifications. I was looking to move into IT Security area and was wondering if any of the experts here could give me any advice on choosing the right certification.

Let me start with a little bit of my background.. I have been in the IT industry for the past 8 years on and off, but not with much commercial experience. I have completed my MCSE 2003 a few years back, but not had a chance to work much in a commercial environment. I had worked as an IT Support Engineer (for 1 year) for a small firm a few years back. The firm got closed down and I was forced to take up a sales job (which involved very few IT skills). I set up my own IT Support business last year, supporting a few of my clients on Microsoft platform, both server and clients. I have got experience in Windows 7/XP/Vista/2003, Office 2003/2007, Active Directory, Exchange Server, Backup, Firewalls, VPN, DNS, TCP/IP, WLAN, Antivirus, AntiSpyware, etc.

As my business is not doing very well, I was looking to move into IT security, which I believe is very much in demand these days. Would you be able to recommend any certifications that the employers are looking for these days? I was looking to complete the certification and take up a suitable position in some company. If you can recommend any such certification for someone with my background, that would give me an entry into IT security, that would be very much appreciated.

To start off with, I would think a generic rather than a vendor-specific certification would be more appropriate. What do you think? I am aware that certifications like CISSP, CISM, CISA are very much in demand these days, but these wouldn't suit someone with my background.

I was thinking of doing the CEH, but I was told that it was a bit advanced. The EC-Council's Network Security Administrator (ENSA) looked quite interesting. Any ideas on this? The other options I have been given are CompTIA Security+, CISMP, ECSA, a combination of CISMP, CEH and ECSA, etc.

If you can give me any recommendations, I would be very much obliged. I have been doing a lot of research on this and struggling to make up my mind. I hope I can find a favorable answer here.

Sorry for the long detailed mail. I thought it was essential for you to know my background to guide me to the 'right track'. Thanks for your time and patience.
#2
I think the Security+ would be a good place to start; with the experience you have, the material should be relatively straightforward. Once this is out of the way (depending on what exams you completed for the MCSE) you may only need one more for the MCSE Security cert.

PMP, Prince2 Practitioner, Project+, MCTS MS Project 2007, ITIL v2 & v3 foundation, CISSP, MCSE Security, Security+, CCNA Security, CCNA, MCTS Vista
#3
Thanks for your reply and suggestion..
I compared the Security+ with ENSA and the ENSA seems to cover a wide range of topics. The following modules are covered in ENSA program:

Module: Fundamentals of Network
Module: Wireless Network Security
Module: Web Security
Module: Virtual Private Networks
Module: Troubleshooting Network
Module: Security Standards Organizations
Module: Security Standards
Module: Security Policy
Module: Securing Modems
Module: Protocol Analysis
Module: Patch Management
Module: Packet Filtering and Proxy Servers
Module: Network Vulnerability Assessment
Module: Network Security Threats
Module: Network Security
Module: Network Protocols
Module: Log Analysis
Module: Intrusion Detection System (IDS) and Intrusion Prevention Systems (IPS)
Module: Incident Response
Module: IEEE standards
Module: Hardening Routers
Module: Hardening Physical Security
Module: Hardening Operating Systems
Module: Firewalls
Module: E-mail Security
Module: Disaster Recovery and Planning
Module: Creating Fault Tolerance
Module: Bastion Host and Honeypots
Module: Authentication: Encryption, Cryptography and Digital Signatures
Module: Application Security

whereas Security+ seems to cover the following:

Day 1: Introduction to General Security Concepts InfoSec Overview and History Access Control Authentication Non-Essential Services/Systems/Protocols Attacks Malicious Code Social Engineering Auditing Remote Access Web Directory File Transfer Wireless Devices Media Security Topologies Intrusion Detection Security Baselines

Day 2: Cryptography/Operational/Organizational Security Algorithms Concepts of Using Cryptography PKI Standards and Protocols Key Management/Certificate Lifecycle Suspension Recovery Renewal Destruction Key Usage Physical Security Disaster Recovery Business Continuity Policy and Procedures Privilege Management Forensics Risk Identification Education Documentation

More information on the ENSA course and its contents is available on the EC-Council website:
http://www.eccouncil.org/training/co...e_outline.aspx

Any good? Thanks!
#4
Seems like nobody is interested in helping me..
#5
Not so.
I would suggest that Bri1981 is correct that Sec+ is a valid certificate to go for. It is certainly a certificate that can be used, or it certainly used to be, as an elective for the MS route. There is a book written by Darril Gibson which is very good. Its ISBN number is: ISBN-10: 1439236364.

Following on from that, you could look at the likes of the CEH as appropriate certs where you hold the requisite knowledge. You may also wish to consider the likes of the CCNA, where you can work towards the CCNA Security certification, if you are working in a Cisco networking environment.

Best of luck.

John
#6
I think the Security+ exam is a good place to start. It also counts towards adding a security specialisation to your MCSE, which is an added bonus. Realistically, I think you need some substantial commercial experience to get a position in security. What kind of experience do you have? What are you doing at the moment?

"If you think education is expensive, try ignorance." -Derek Bok
#7
Thanks for all your suggestions...
The reason why I was considering ENSA over Security+ was that ENSA seemed more "hands-on" and seemed to cover a wide range of topics. I am not sure whether Security+ or ENSA is more in demand in the job market.

@GiddyG As a starter to security, I thought a more generic certification would be more appropriate rather than going for a vendor-specific certification. I could look into that later on as I progress. What say?

@Trogdor My entire life history has been stated in the first post.

All suggestions welcome.. Thanks!
#8
Well, the Security+ is vendor-neutral, hence it's always a good one to go for. There are a few books about Sec+ out as well. Personally, I think it would give you a very good grounding in security, over and above what you already know. Mind you, I find that with all of the subjects I read books about, even those I think I know quite well.

Best of luck with your studies!
#9
Thanks for your reply GiddyG.
I understand that Security+ is a vendor-neutral certification. And so is ENSA. I wanted your opinions on which one to go for out of the two. I believe ENSA is a fairly new course which is why not many people have heard about this. The course curriculum looks very interesting. But how are EC-Council certifications generally? Do they have any upper hand over CompTIA? Thanks!
#10
I do not believe that the ENSA certification would hold sway, certainly not at the moment. As has already been mentioned by me and others, the Sec+ can also be used as an elective against the MCSE. This, to my mind, makes it the certification of choice as a starter for ten.
Someone like WagnerK (Ken) will no doubt have his own valid views on the matter.
#11
Sorry if I sound dumb.. But who is WagnerK???
#12
He is another member here who knows lots about certifications and what will be best for you. Why not PM him and ask him?
I would also agree with the above posts that Sec+ would be better for you to do than the other one.

S+, MCDST, N+, A+, HND Business Computing, GNVQ Level 3 IT, NVQ Level 1 & 2 IT
Mobo: Asus Rampage Formula x48 CPU: Intel C2D E8400 @ 4GHz HSF: Tuniq Tower GPU: BFG GTX 260 OC2 Maxcore Edition RAM: 4GB Geil Black Dragon 1066Mhz CASE: Antec 1200 PSU: 700W Seasonic M12 DVDRW: LG 20x DVD Rewriter HD1: 250GB Samsung Spinpoint HD2: Samsung external backup drive 160GB Display: 22" Samsung SyncMaster 2253BW
RIP UCM, you were always willing to help & will not be forgotten
#13
Sorry for the late reply, been very busy at work.

I agree with what's already been said: if you're trying to gain entry into the IT Security field, the bare minimum that I (as an IT manager) would like to see in a candidate (certification/knowledge wise) is the CompTIA Security+. I would recommend doing your Security+, then using that and whatever other MS exam(s) you need to top up your MCSE to the MCSE: Security.

To tell you the truth, the only cert that is widely known is the CEH from the EC-Council. They are more US based, and while they are gaining more popularity (mainly really only due to the CEH), I would recommend looking into the ISC2 instead, nothing against the EC-Council, just that ISC2 already has a foot-hold in the UK/EC, in fact global, market and industry. Hence they are more recognised and accepted in the UK. Their entry level credential is the "Associate of (ISC)²".

One thing that I would like to point out is that you can gain all these certs/credentials, but you should also be getting the experience to back it up, otherwise (imo) it'd all be almost useless. Start implementing what you're learning/learnt on your clients' networks, etc - with their permission first - to get basic experience. If you're going to be looking for employment with an organisation then you may only get the entry level (possibly one level above that) IT Security post.

Along with gaining membership into the ISC2, I would also recommend looking into Professional Membership of the BCS - if only to show that you're guided by the BCS Code of Conduct. I joined in support of the IT field and to gain my CITP, so I am pro them. Some find them useful, some don't.

Hope this helps

-Ken

No matter how much you think you know, there's always someone who knows more...
IT Manager, IT Writer/Columnist & Part-time IT Lecturer
#14
Thanks Ken. I knew you could add a bit of meat to the sandwich.
#15
Thank you very much for all your help and advice.
I think I will go with Security+ like all the experts here suggested. As I am spending the time and money for Security+ anyway, I wouldn't mind doing another course with it. What would go well with Security+? CEH? Network+? Server+ or any others that you can recommend?

Also, does it add value if the certification is obtained from the UK? I was planning on getting it done outside the UK (maybe India) as it is much cheaper. Thanks!