How to get experience 2

[Citt1]

This is a serious question. I have been in IT for 5 years. I have help desk and LAN administration background. I just don't know how to get started. I know of a quality school where I can get my CCNP and CCSP. I am currently studying for my CCSA (Checkpoint) on my own, but I fear that no one would take me seriously because I have no real experience.

Also, just curious. I know one or two people in Security who claim not to have great knowledge of IT. Doesn't security and IT go hand-in-hand? Can one really defend a network without a strong IT background? Don't you really need to understand the OSI model and apply it and figure out where there could be security problems?

Is going for the CCSA and CCSP with CCNP a good move or is there a better to get the understanding to work in security?

Thank you in advance for any help or advice.

 

[jbaugh]

Getting security experience can be a difficult effort, if your current job doesn't allow you to work with security tools, policies, etc. I think you are going down the right road working on Networking and Security certs, of course that was the path I took when I got started in the Security field, so my opinion may be biased. However, everyone has to get started somewhere and that is as good a place as any.

You didn't say anything about the size of your company or if there were internal opportunities for you to move into after you get your CCNP, CCSP and CCSA certs. If it is a small company, you may have to move on to another to get the hands-on security experience that you will need to apply for the CISSP exam.

Good Luck,

Joe


Joseph B. Baugh,
PMP, CISSP, CISM, CBM, IAM, CCFS,
CCSE, CCAI, CCNP, CCDP, CUE
Network Services Manager, Sierra Southwest Cooperative

"The road goes on forever and the party never ends." -- Joe Ely: Love And Danger, 1993

 

[troyan]

http://www.hardgamers.org/forum/lire.forum/2794.html

 

[JRMS]

This a good point that is being brought up. I am in a similiar situation. I currently work for the state government. My employer is state wide and I am located at the HQ. We serve over 3000 end users. We don't really have a security department but I try to stay abreast with security vulnerabilities. I'm current preping to take the CCNA exam in two weeks. I'm also going for the CCSP and CISSP before the year is over. I have approx. 6 years in IT. How can I become more security oriented. I try to establish guideline and polices with upper Management. I visit Security web sites also. Will this experience allow me to sit for the CISSP. Can anyone give me advice to improve my skills. Funding for training is out. PLEASE ADVISE!!!!!!!!

 

[nothing123]

JRMS. why don't you create a web page, post your abilities and some innovations in the field and direct potential employers to it?

there is nothing that the world loves more than someone who can talk the talk and prove by doing.

 

[SSiguenza]

Hello all,
I like some of you are getting started in the IT Sec field, I have about 4 years of experience(mostly as a Net Admin). I am actively searching for the best sites containing information(Common practices, recommendations, guides) That is how I found you. Can you please share any other sites that would prove helpful to us rookies???

Thank you!!
SSiguenza

 

[langleymass]

I'm thinking of going for a CISSP also. Generally I love taking tests. At the same time, I was burned so badly on an MCSE in NT 4 that I have taken one test since the spring of 2000. The test I did take was the free upgrade in late 2001.

It sounds like the CISSP is worthwhile, but people were saying the same thing about the MCSE back in 1999 and 2000.