IT Certifications and Careers (Official Discussion Thread)

[Ice_MF_Mike]

You in security too breh

 

[↓R↑LYB]

#WeOuchea

 

[Ice_MF_Mike]

#WeOuchea

#SixFigureGang

#GETTHATMONEY

 

[Ice_MF_Mike]

Reposting this. For those that are looking to get into security. Understand it is a HUGE area with alot of different directions you can go or get into. Below are the main domains of study that are used in the CISSP exam. They can help give you an idea of the different areas you can go into.

Its a security certification. Its in very high demand. And more importantly, it gives you a very broad knowledge of the infosec realm. From there you have a better idea which direction to proceed as its a HUGE field. Below are the domains for this certification:

The CISSP® domains are drawn from various information security topics within the (ISC)²®CBK®. The CISSP CBK consists of the following 10 domains:

• Access Control – A collection of mechanisms that work together to create securityarchitecture to protect the assets of the information system
  • Concepts/Methodologies/Techniques
  • Effectiveness
  • Attacks
• Telecommunications and Network Security – Discusses network structures, transmission methods, transport formats and security measures used to provideavailability, integrity, and confidentiality
  • Network Architecture and Design
  • Communication Channels
  • Network Components
  • Network Attacks
• Information Security Governance and Risk Management – The identification of anorganization’s information assets and the development, documentation andimplementation of policies, standards, procedures, and guidelines
  • Security Governance and Policy
  • Information Classification/Ownership
  • Contractual Agreements and Procurement Processes
  • Risk Management Concepts
  • Personnel Security
  • Security Education, Training and Awareness
  • Certification and Accreditation
• Software Development Security – Refers to the controls that are included within systems and applications software and the steps used in their development
  • Systems Development Life Cycle (SDLC)
  • Application Environment and Security Controls
  • Effectiveness of Application Security
• Cryptography – The principles, means and methods of disguising information toensure its integrity, confidentiality, and authenticity
  • Encryption Concepts
  • Digital Signatures
  • Cryptanalytic Attacks
  • Public Key Infrastructure (PKI)
  • Information Hiding Alternatives
• Security Architecture and Design – Contains the concepts, principles, structuresand standards used to design, implement, monitor, and secure, operating systems, equipment, networks, applications, and those controls used to enforce various levels ofconfidentiality, integrity, and availability
  • Fundamental Concepts of Security Models
  • Capabilities of Information Systems (e.g. memory protection, virtualization)
  • Countermeasure Principles
  • Vulnerabilities and Threats (e.g. cloud computing, aggregation, data flow control)
• Operations Security – Used to identify the controls over hardware, media and theoperators with access privileges to any of these resources
  • Resource Protection
  • Incident Response
  • Attack Prevention and Response
  • Patch and Vulnerability Management
• Business Continuity and Disaster Recovery Planning – Addresses thepreservation of the business in the face of major disruptions to normal businessoperations
  • Business Impact Analysis
  • Recovery Strategy
  • Disaster Recovery Process
  • Provide Training
• Legal, Regulations, Investigations and Compliance – Addresses computer crime laws and regulations, the investigative measures and techniques that can be used todetermine if a crime has been committed, and methods to gather evidence
  • Legal issues
  • Investigations
  • Forensic procedures
  • Compliance Requirements/Procedures
• Physical (Environmental) Security – Addresses the threats, vulnerabilities, andcountermeasures that can be utilized to physically protect an enterprise’s resourcesand sensitive information
  • Site/Facility Design Considerations
  • Perimeter Security
  • Internal Security
  • Facilities Security

 

[GollyImGully]

The CCNA Security exam is extremely easy. So it might be worth taking just to take it, though its not a cert i typically see jobs asking for. And it will cover some basics that are in CISSP. For the CISSP however, you need at least 4 years of experience in the infosec realm. You might be better served building deeper network knowledge for now, especially if you want to be in the network security area of infosec. Then working on the CISSP in about two years to start the move over to security.

Im thinking you and @bdizzle are probably right to get that CCNP in routing/switching this way ill have that complete network knowledge

CCNA security i looked through the book i can knock that out pretty quick

The CISSP requires 5 years of experience so you can't get that yet. But if you want to get into network security on the Cisco side then get the CCNP Security. I learned a lot about good security practices and the many ways to secure the IOS.

Also FYI network security is a big field, it's not just routers and switches. There's load balancers, IPS sensors, web filters, SIEM servers, firewalls, VPN's, and a bunch more I cant think of. Plus you have to know networking very well for obvious reasons.

Security is wide open though so either way you'll be never be unemployed

I think i just have to figure out where in security id like to be. @Ice_MF_Mike what is a typical day like for you guys at work?

Reposting this. For those that are looking to get into security. Understand it is a HUGE area with alot of different directions you can go or get into. Below are the main domains of study that are used in the CISSP exam. They can help give you an idea of the different areas you can go into.

this def a good look ii have to research some of these

 

[Ice_MF_Mike]

I think i just have to figure out where in security id like to be. @Ice_MF_Mike what is a typical day like for you guys at work?

typical day for me? no day is typical for me. I spend a good portion of my time in meetings at different customer offices, and when im not in meetings, i'm doing risk assessments for potential customers or current customers. I also work from home so if im not in meetings like most of this week and last, im posted up in my sweats at the crib on webex's all day whilst bumpin some Freddie Gibbs.

Its great. But my role is closer to the business side of things as a sales engineer. Where you want to be you will be will likely be completely different. Remember its a huge field though. So many options out there bruh.

 

[Renkz]

I barely passed my Object Orientated Class. Next semester I have database and data structures, please tell me it gets bit easier

 

[Apollo Creed]

I barely passed my Object Orientated Class. Next semester I have database and data structures, please tell me it gets bit easier

lol all that stuff was easy to me, but I think learning about DBMS before programming helped me in School. I did an Into to DBMS > Intro to Visual Studios > Adv DBMS > Advance Web Design when I was in school

 

[↓R↑LYB]

I barely passed my Object Orientated Class. Next semester I have database and data structures, please tell me it gets bit easier

If it don't work out UPS is hiring

 

[Renkz]

Id it don't work out UPS is hiring

Thanks for the looking, breh

 

[↓R↑LYB]

Thanks for the looking, breh

Anything I can do to help

 

[↓R↑LYB]

@Renkz daps and reps are appreciated for the life changing advice I gave you

 

[havoc]

This is the most informative and progressive thread in this forum. So much lives has changed because of this thread.

 

[semtex]

I barely passed my Object Orientated Class. Next semester I have database and data structures, please tell me it gets bit easier

lol the OOP gets more tricky in the industry. For example, it's far less obvious when some code is tightly coupled than it is in them textbooks examples. Good thing is you will have people to guide you and code review all your stuff if you work for a halfway decent company.

 

[Adidacs]

In college with two years experience with Javascript, learning Python at the moment. Am I in the right thread?



nikkas in here talking 150K in something that requires no degree, sounds like a nice backup plan. Page numbers where can I get the meat of what you guys are talking about? Also, are there any software/app developers in here, or anywhere else on the Coli?