What is the easiest one? I am looking to just get one under my belt and I am nervous about it....Any suggestions? i got the Exam Cram books for Security+ not sure if thats the best way to go or not? any suggestions?
Printable View
What is the easiest one? I am looking to just get one under my belt and I am nervous about it....Any suggestions? i got the Exam Cram books for Security+ not sure if thats the best way to go or not? any suggestions?
Why go with the easiest one? I'd imagine that the Security+ is the easiest (I think most of their exams are entry level). But why go with the easiest instead of going with the one(s) with the best return on investment?
Might want to look into the following:
From ISC2: CISSP and SSCP (managerial/theoretical inclined; not technology specific)
From SANS: GIAC family of certs (technically inclined)
Simply because i am not a good tester...Never have been and i am very worried about failing it...and not passing...
The SANS ones might be good since they require a white paper in addition to the exam. AFAIK, most certs out there (for security and otherwise) are multiple choice so it's not that difficult (in a sense). I hate testing to but I've survived a few certifications now. Go ahead and try the Security+ but I'd humbly suggest considering others since in the long run I don't think it will be a benefit by itself.
Yeah, i appreciate your perspective. I was going to try and boost my confidence level with an easier one then get some more and i was thinking of GIAC or SSCP
I'd go with the GIAC GSEC certification. It covers a broad area of security, covers some of the cissp cbk, etc.
I'm have a CompTIA a+ and I'm will get Comptia Network+ soon. Those 2 certifications will allow me to get a MCSA without any exam... Security+ gives you a MCSA and MCSE automatically
http://www.microsoft.com/learning/mcp/partners.asp
me thinks you are misinterpretting the wording of "an elective credit" for meaning "scott-free". essentially, by having those certs, you get to skip the P.E class if you want. but you're still required to take history, math, english, etc. in the cases where you would be receiving a "specialized credit" it's a simple replacement based on the most parallel material. if you think you're going to get a mcse without a hard case of active directory, which is a completely void topic (let alone the lack of focus on ldap) in the comptia certs...you've got a rude awakening ahead.Quote:
Originally posted here by SDK
I'm have a CompTIA a+ and I'm will get Comptia Network+ soon. Those 2 certifications will allow me to get a MCSA without any exam... Security+ gives you a MCSA and MCSE automatically
http://www.microsoft.com/learning/mcp/partners.asp
Maybe.. I send the question to M$ MPC to be sure yesterday. I'm waiting their answer.
SDK:
That's the key phrase..... "an elective credit _toward_". It doesn't mean you get the MCSA "because" you have one of the combinations..... It means you get credit _towards_ it.... You still have other stuff to do.Quote:
To receive an elective credit toward the MCSA certification
I have yet to come up with a way around these "certifications". I have taken many "tryout" tests for the different certifications. They all seem the same. There is a _heavy_ emphasis on the "keywords".... The questions are entirely an issue of "do you know what the industry, (in this test), calls the different things you are implementing without knowing the official name for it"? Here are four possibilities....
I really don't give a rats.... thingy... ;) what you want to call it..... To me it's a logical thing I do within my knowledge of the operating system..... But it's my knowledge of the OS and the threat that is important..... The questions they ask tend to be so "theoretical" as opposed to questions like:-
"What are the steps required to remove the "Allow Parent Paths" setting from an IIS web server"? (silly example but valid to show the point.... I can't tell you right off the top of my head, but I can tell you where to go looking for that setting and how to deny it.... The tester would have to read that and determine if I was even going in the right direction..... Or whether I have no clue as to what I am looking for.... That's pretty important to an employer..)
The problem is that the certifying agency doesn't want the tester to have to read, they want the computer to decide whether or not you picked the right(?) answer from a "four pick".... It's cheaper you see..... Which, in my mind is BS... utterly.....
It allows the "certifying agency" grind out Certification X at minimum cost to themselves.... Magic... Totally magic..... No skill required..... Just be able to "spout" the right "keyword" for the right issue and we'll throw you a "cert"..... (no offense meant to those with their certifications... but look at them and determine whether I'm "pretty close"....).
Practical experience is never taken into account.... You can actually run a whole bunch of "cert's" and have never worked on a real world network in your life. Don't get me wrong, the theory is incredibly important when you are faced with a genuine issue, if you don't know how it "should" work you'll never know why it isn't working.... But let's be honest here.... Being able to say... "Well, it's a TCP/IP problem", isn't quite the same as understanding that two network cards have the same MAC address...... (again, silly example....).
To end my "rant" I'll stand by my decision to tell our HR dept. to remove all requirements for degrees or certifications from all the job descriptions for the positions in my department....
I don't know how to make it "right".... I just know it needs to be "fixed".....
Not true. CISSP/SSCP require real experience before you get certified. And it can be audited at any time.Quote:
Practical experience is never taken into account.... You can actually run a whole bunch of "cert's" and have never worked on a real world network in your life.
Just wondering... Is there an age requirment to take certs? Like 18? Also, where do you sign up and then take these tests? I have never seen any advertisement of any sort in my area for this type of thing. I think it would be kind of nice to take one or two every year then by the time I get into the job world I will have a few already under my belt...
AFAIK, there isn't a minimum age requirement. The youngest MCSE was, IIRC, 12.
Thanks!
Now I just have to find a place around here to take it... Do colleges usually host them?
http://www.cert.org/
http://www.antionline.com/showthread...ht=certs+value
Thorse lays it all out in that thread.
The one of the mothaz
To sit for the CISSP examination, a candidate must:
* Submit the examination application with the required $450 fee.
* Assert that he or she possesses a minimum of four years of professional experience in the information security field or three years plus a college degree.
* Complete the Candidate Agreement, attesting to the truth of his or her assertions regarding professional experience and legally commit to adhere to the CISSP Code of Ethics. click here to view the CISSP Code of Ethics
* Successfully answer four questions regarding criminal history and related background.
I'm still trying just to learn the 10 security domains ;)
There is no experience reqirement for MCSE or MCSA althoug they say you should have X amount of exp for those test.... I got both those certs virtually with no exp. at all.
M$ has accepted some of Comptia certs as ELECTIVES for these certs, you still need to take the other core and elective requirements of the cert u follow. I did security+ as an elective for my MCSE:security (this is MCSE specialised in security). AFAIK, A+ and network+ combined will qualify as an elective for MCSE and MCSA.
MCSE requires 7 test.... 4 core, 1 elective form design and 2 any other elective
back to the topic.... security+ is a good test, it wasn't that hard for a n00b like me, covered bit of all security aspects, but not in depth.....
hope this helps......
Thank Tiger for the point, I was not sure of the meaning of "elective credit toward".
There is an exception to this. You can get what is known as an "Associates CISSP" whereby you write the exam even without the 4 years of experience. If you pass, you'll get a designation of Associates CISSP and once you get the experience, then get the full status. It's interesting because it does identify those with and without experience. ;)Quote:
To sit for the CISSP examination, a candidate must:
* Submit the examination application with the required $450 fee.
* Assert that he or she possesses a minimum of four years of professional experience in the information security field or three years plus a college degree.
* Complete the Candidate Agreement, attesting to the truth of his or her assertions regarding professional experience and legally commit to adhere to the CISSP Code of Ethics. click here to view the CISSP Code of Ethics
* Successfully answer four questions regarding criminal history and related background.
*edit* nevermind, I didni't really read the thread thoroughly. Looks like security+ is probably the best introductory test for a guy like me. :)