How to get into Security

Discussion in 'Training & Development' started by Swann, Aug 3, 2013.

  1. Swann

    Swann New Member

    3
    0
    1
    I am looking to study for my security exams and was wondering if anyone could help me with a path to follow? Not sure which is best..

    I was also looking at CFCE and was wondering how you would work to get this too

    Thanks
     
  2. BraderzTheDog

    BraderzTheDog Kilobyte Poster

    276
    2
    49
    Hi Swann,

    What type of security are we talking more desktop / server side security or network security?

    If its network security I would start with doing the CCNA get some network understanding and a Vendor cert (im not sure on you're background) then maybe do the CCNA security after about a year.

    Once you have done that get specialised in a product like Juniper or Checkpoint, and you will advance to a more senior engineering role. Eventually you can get into the exams like CISSP / PCIDSS / ISO27001, which is where the real money is in net security.

    Hope this helps.

    Brad.
     
    Certifications: CCNA R&S, CCNA-SEC, CCSA, JNCIA FWV, MCITP, MCTS, MTA, A+
  3. Swann

    Swann New Member

    3
    0
    1
    Not sure which side really. I first took the interest in security when looking at the CDFE...any suggestions?

    Also any ideas on CDFE?

    Reference to any books in any of the above would be helpful

    Thanks
     
  4. Monkeychops

    Monkeychops Kilobyte Poster

    301
    22
    25
    CISSP et al isn't really a network security cert though, it's more a security management cert.

    I echo the question though about what do you want to be doing in security, even just narrowing it down a little helps, do you want to be fully hands on techy, more hands off etc.

    CDFE is not something I've ever come across in my years in security, having a quick look I can't vouch for how much value it would bring but you've got to remember that forensics is a pretty specialised area of security and not one that's entirely common when it comes to jobs being advertised. On the flip side means that the roles there are in forensics are generally pretty decent :)

    A common entry to security would be from a support type background, be it networks or server. Generally if you're wanting to be techy you need to have a good grasp of your subject area first, so will likely have gone down the routes of things like network or server specific certs or experience first.

    Then you can build up the security knowledge, so starting out things like the CompTIA Security+ are a decent enough introduction to things, gives you an idea of some of the concepts and subject areas within security.

    From there you can then start to move down whichever route you like that will suit your needs, be it the more hands off type things such as CISSP, CISA, CISM etc or down the techy side with things like CEH.

    A lot of security is not necessarily being a product expert, knowing how to do actually do the stuff in Cisco/MS or the like, it's about knowing security itself and how it may apply to the things you want to do so that you can articulate what needs to be done. The techy can then translate that into what buttons to press ;)

    What IT experience do you have so far?

    Apologies for the rant, I can talk for hours on this sort of stuff, been doing it a fair few years now so any questions just ask, or send a pm.
     
    Biggjoe81 likes this.
  5. mrobinson52

    mrobinson52 Security Maven Gold Member

    194
    9
    74
    I am working on my CISSP now after having gotten the MCSA:Security and Security+ Certs and Bachelor and Master's degrees in Information Assurance, and still being blocked out of the field by a cert that requires 5 years experience. Nobody wants to hire entry level. The CDFE might be a good way to go if it is really computer forensics you want to go into. The hardest thing is to get the experience everyone wants.

    My BFF works at a University doing repairs on computers and had to work on recovering files for the students/professors. She soon became the person the campus police contacted to help them find information on recovered stolen laptops that could be used in prosecution, so she was getting the experience that would help back up the CDFE, So maybe get into a job where you are doing file recovery work and go for the CDFE if that is what you really want to do. But in the job market, experience seems to trump certs or degrees.
     
    Certifications: A+, Network+, MCSA:Security, Security+
    WIP: CISSP
  6. Sparky
    Highly Decorated Member Award 500 Likes Award

    Sparky Zettabyte Poster Moderator

    10,718
    543
    364

    Would have to agree experience seems to be the best thing to have – I also have MCSA:security and Security+

    I worked on a fraud investigation as the IT Security specialist and got the pleasure of bursting into an IT department and asking everyone to log off (two other guys were with me with the legal docs) so nobody deleted any info while I was doing the investigation. Probably one of the best contracts I have worked on!
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) MS-900 AZ-900 Security+ Network+ A+
    WIP: Microsoft Certs

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.