One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 1493779 |
| Date de publication | 2019-12-12 14:00:00 (vue: 2019-12-17 22:00:15) |
| Titre | Which security certification is for you (if any) |
| Texte | It is hard to look at an information security job posting without seeing some certifications desired. Some make sense and others not so much. I have looked at junior helpdesk positions asking for CISSP, and some of the roles at some of the most respected companies do not ask for any certifications. There are some certifications that in having them demands instant respect: OSCP, OSCE, GXPN, and GREM, to name a few. Dave Kennedy has stated that anyone with an OSCE that applies to TrustedSec will at least get an interview. So, as a n00b, where do you start? Honestly, there is no right or wrong answer. I am sorry to disappoint you. Before you exit this article, I have some insight for you. Let’s start with the discussion of to get certifications or not to get certifications. Off the bat, if you plan to work for the US Department of Defense or Federal Government (as a contractor or civilian), you need certifications. Starting with CompTIA Security+, then EC-Council’s C|EH, then (ISC)2 CISSP, then a variety of other certifications from CompTIA, SANS, etc. DOD Directive 8140.01 mandates this. What about outside the government? There is no specific right or wrong answer, as I stated above. I know this is anti-climactic, but not all jobs require certifications. Some employers/hiring managers will hold some certifications to a high esteem and may hold grudges against others, thus hurting you for having it. In the absence of the job posting saying not to apply if you have insert certification here, there is no way to know. Having a certification should differentiate (not define) you as a candidate. If you are equally experienced and qualified as another person, the certification may put you over the top in getting that offer letter, but there are other factors in play. Regarding certification vendors, not all are created equal. Some focus on non-technical material primarily, others have excruciatingly challenging exams while others are best for entry-level certifications. Some certifications, like the AlienVault Certified Security Engineer (ACSE) or Cisco Certified Networking Associate (CCNA), are focused on a specific vendor. Full Disclosure: I hold the ACSE certification and have previously taught |
| Envoyé | Oui |
| Condensat | 2600 dave defcon derbycon dod isaca penn there 2 cissp 2 course 507 8140 able about above absence account acse active added addition additionally advance after against aggressively alienvault all also analyst and owasp and/or another answer anti any anyone applies apply are article ask asking associate attack audit auditor author back bat becoming been before best boil bootcamp but by wondersmith campus candidate career ccna certification certifications certified challenging chances chapters cisa cisco cissp civilian class climactic club clubs colleges committee communities companies comptia concentration conference consider contractor conversation could council council’s course created current currently c|eh decision defend defense define demands department desired deviations different differentiate directive disappoint disclosure: discussion doesn’t doing don’t done easiest ecsa employed employer employers/hiring endorsement engineer engineering engineers entire entry equal equally esteem etc ethical exam exams exception excruciatingly exit experienced expert explain express fact factors federal feedback finally find finding finish first focus focused for your future from full funded gainfully get getting give got government grem groups grudges gse gsna gxpn hacker hackerhalted had hard has have have insert having help helpdesk here high hold honest honestly hurting importantly information infosec insight instant instructor interest interview isc issmp job jobs junior kali keep kennedy has know knowledge later least let’s letter level levels library like like issa chapters listen local look looked make management managers mandates material may maybe meaning meet mentor mentors months most moving much n00b name navy necessarily need needed network+ networking next non not notable objectives odd off offensive offer offered one only organized osce oscp osint oswe oswp other others out outside over pass passed passing passionate path pentesting people person plan play positions possess posting practical practice previously primarily process professor put qualified rae recommend regarding relationship renew require required respect: respected respectful right role roles row same sans sans/giac sat saying sec504/gcih secure security security+ seeing self sense sent should sit skill social sole some someone sorry speaker specific start starting state stated story student studying successful successfully supervisor systems take taking talk target taught teach technical technology test them then then theoretical think thriving through thus time times to trustedsec will tons took top training trust truthfully twitter unemployed usm variety vendor vendors voucher vouchers want wanted way well what where which who will willing without work working workshop world would wrong years yet you’re your |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.