Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us money per month for bills, and since we don't believe in showing ads to our users, we try to make the money back through forum registrations.
 
  • Post
  • Reply
Diva Cupcake
Aug 15, 2005



I was given a nudging by my manager to start pursuing a higher level security cert. I've been in a sort of hybrid Sr. Windows SysAdmin/IT Security role for a few years now and with a new CIO re-org coming, it definitely can't hurt. My future goal is to move into a senior ITSec role when/if one becomes available.

I assume he's nudging me towards CISSP but I think CCNA Sec, CEH or SSCP would also be valid paths. Which would you pick as far as effort and knowledge value go? I read the "Why You Should Not Get A CISSP" pdf a few pages back and I agree with a lot of the points, but if it ensures my positional standing at a job I quite enjoy, I still do it.

Adbot
ADBOT LOVES YOU

Diva Cupcake
Aug 15, 2005



pretend to care posted:

If anything I'd do CEH last. Not sure what sort of "industry" you're in, but I know that where I am almost every one of these positions REQUIRES a CISSP/CISM/CISA type cert, and then stuff like CEH or Security+ are nice to have (but really nobody cares if you have the main one).
Thanks. HealthCare. I already have Security+ so that wouldn't count as a higher level cert in his eye. Plus, he has CISM so that's why I'm assuming he wants me to get a CISSP*.

CEH I know nothing about and it doesn't sound like something that carries much weight but I'd be open if it was worthwhile from an information standpoint.

*I assumed CISM was also (ISC)2 and I was wrong.

Diva Cupcake fucked around with this message at 17:54 on Mar 28, 2013

Diva Cupcake
Aug 15, 2005



pretend to care posted:

What areas? In my time in defense everyone who was doing IT or infosec as a career was getting a CISSP, and the other people who didn't give a gently caress but were just put in a position like IAO/IAM/ISSO were getting S+ because it was a little easier to get.

Also, that's just US Fedgov as gently caress. The people stewarding our classified information? Oh we just picked some dummy we couldn't get rid of and made him do it, he's not an IT or infosec or computer science person but WHO CARES!
I have the InfoSec thread bookmarked for lurking. Thanks.

CEH is one of the certs required for any of the 8570 network defense classifications. I don't work in DoD but the cert for better or worse holds value.

http://www.giac.org/certifications/dodd-8570

Diva Cupcake
Aug 15, 2005



ascii larry posted:

Does anyone know if this has been implemented yet? Or is it for the next round of CompTIA tests? I'm looking to book Network+ soon, specifically.
When I took Security+ a few months back there were 3 lab questions to begin the exam that were apparently new and as far I know they count the same as the other 98 multiple choice questions. They were relatively simple like matching ports to a service via a dropdown list, watching a graphic and determining what kind of attack was going on (Smurf Attack!), and I think the last one was configuring a WAP to be most secure considering the network hardware on their diagram.

I wouldn't worry too much about them because they didn't add any difficulty.

Diva Cupcake
Aug 15, 2005



An Unoriginal Name posted:

I'm going to be trying to get my Security+ very soon so question about Security+ materials, is the OP recommended book still good? I have this book I picked up a while back for a class I was taking, is it just as good/better/worse? Is the Certblaster software any good?
The Darril Gibson Sec+ book is really fantastic. I haven't read the one in the OP but Gibson is clear and concise and easy to read. I had no problems passing with existing knowledge plus this.

http://www.amazon.com/gp/aw/d/1463762364/ref=mp_s_a_1?qid=1367842379&sr=1-1-catcorr&pi=SL75

E: Apparently that was the one in the OP. Oops. Get that one though.

Diva Cupcake fucked around with this message at 12:24 on May 6, 2013

Diva Cupcake
Aug 15, 2005



Elucidarius posted:

How valuable is the Security+ certificate without any actual job experience? I'm fairly certain I can pass, I know my stuff. I just don't have any actual experience. I'd be fine with an entry level job I'm just worried I'll shell out the time and money only to get nothing due to lack of experience.
In the private sector, probably not very unless they're looking to fill a junior IT Sec position with someone who at minimum cares enough about it to get base-level certified. It does fulfill the requirements for DoD 8570 Technical Level II and Management Level I positions though, which may not have been open to you prior.

Diva Cupcake
Aug 15, 2005



AgentSythe posted:

Any of you cool dudes have recommendations on study materials for CISSP? I only saw Sec+ listed in the OP.

Im studying for it now and the two main books are "CISSP All-In-One" by Shon Harris and "CISSP Study Guide" by Eric Conrad. Everyone that Ive talked to used the Harris book almost exclusively so Im grinding my way through that one first.

Diva Cupcake
Aug 15, 2005



Powdered Toast Man posted:

This is sort of a weird request, but...has anyone ever seen a script or even just raw data in a CSV that you can use to quickly populate AD with a bunch of users (with real names) that you can then work with? It would be a lot faster than trying to do it by hand.
This guy created a PS script that will import 25k users into AD along with attributes filled from Fake Name Generator.

http://www.wictorwilen.se/how-to-use-powershell-to-populate-active-directory-with-plenty-enough-users-for-sharepoint

Diva Cupcake
Aug 15, 2005



Tab8715 posted:

Heh - there are Citrix Certs too... Curious, how much are these worth on their own? Are they as valuable as a CCNA or CCIE?
There are places that are heavily invested in Citrix and might place a check mark next to your resume because of a specific Citrix cert, but as a whole I'd say it's probably not nearly as "valuable" career-wise as a CCNA, and certainly not in the same universe as a CCIE.

We use XenApp Server and it's wholly owned, operated, and designed by the Windows sysadmin team.

Diva Cupcake
Aug 15, 2005



This should maybe go into the InfoSec thread but no one really posts there any more. SANS put out a fantastic resource infographic for PenTesting and and their associated courses/certs.

http://pen-testing.sans.org/blog/pen-testing/2013/06/20/announcing-the-ultimate-sans-pen-test-poster


Diva Cupcake
Aug 15, 2005



psydude posted:

Actually now that you mention it, the security guys are always the ones pointing fingers. It's always the network engineers' faults.
IT Security are basically the hall monitors of our organization.

"Please disable directory indexing on your public facing web server"
"For the love of god retire your lovely Windows 2000 app server already"
"Stop running in the hallways"

etc...

Diva Cupcake
Aug 15, 2005



I took "VMware vSphere: Install, Configure, Manage [V4.1]" a couple years back and stupidly put off testing until I eventually forgot about it.

Just to be clear, I'd have to pass VCP410, take the "VMware vSphere: What's New [V5.1]" course, and then take VCP510 in order to be current, correct?

Diva Cupcake fucked around with this message at 15:19 on Jul 1, 2013

Diva Cupcake
Aug 15, 2005



Moey posted:

Correct. I just checked on the PearsonVue website and it looks like the VCP410 is still available as well.
Thanks. That's what I figured. "What's New [V5.1]" is $1700 and "Install, Configure, Manage [V5.1]" is $3900 but would only take 1 exam.

Ugh.

Diva Cupcake
Aug 15, 2005



That's pretty disappointing. I just re-upped my subscription in March.

three posted:

If you buy TechNet, are the licenses it gives you for that year good forever or just essentially 1-year-long trials?
You'll no longer have access to the TechNet portal to download ISOs or the ability to request new licenses but the software should still work, even though you're not permitted to use it.

Microsoft posted:

The subscription provides you with access to software and associated benefits. When your subscription concludes, you will no longer have access to the software or any associated benefits and must discontinue your use of the software.

-You may not use the software if you do not have an active subscription.
-You may install and use the software on your devices only to evaluate the software.
-You may not use the software in a live operating environment, in a staging environment, or with data that has not been backed up.

Diva Cupcake
Aug 15, 2005



But seriously, gently caress Prometric.



All day.

Diva Cupcake
Aug 15, 2005



Swink posted:

What's the process for renewing a Cisco cert once it's expired?
You need to completely start over with the CCNA track.

Diva Cupcake
Aug 15, 2005



Charles Martel posted:

Am I reading it right where the CCENT exam costs $295? This is what the Pearson VUE site is saying after I've registered. I figured it would be +$100 but not that much. Is there anywhere to get it cheaper?
You're on the wrong exam.

640-822 CCENT/ICND1 $150
640-816 ICND2 $150
640-802 CCNA $295

Diva Cupcake
Aug 15, 2005



MrBigglesworth posted:

Are CBTNugget videos downloadable at all, or is the subscription locked into online only viewing? I will be needing 70-640 and 70-646 in the future to get MSCA Windows Server 2008 certified. We will also be working on CCNA, but when this was enrolled and scheduled it was well before the new flavor of Cisco test was even announced.
Strictly video streaming, although the IT Training plan includes audio .mp3 downloads of the course material.

Diva Cupcake
Aug 15, 2005



Comradephate posted:

Second, what's the preferred material for MCSA - Server 2012?

E: if these are questions that are in the thread 45 times just pretend I never asked them, as I realized too late that they probably are, disregard. I'll read the thread as I have time.
I don't know about preferred but definitely take a look at the Microsoft Study Group wiki. It has TechNet article links for each of the exam's skills objectives.

http://borntolearn.mslearn.net/certification/server/w/wiki/491.410-installing-and-configuring-windows-server-2012.aspx#fbid=ClTSTC-Q3kh

Diva Cupcake
Aug 15, 2005



Comradephate posted:

Seriously though, I'm not sure. I've heard people talk about simulation errors that were present, and then present again when they re-certified. Doesn't seem like Cisco is that fussed about it.
From what I've read Microsoft has in the past put intentionally and clearly wrong answers in their exams to try and red flag a person for further review with the assumption that if you got it "correct" you either guessed (not bad) or used outside guidance. They don't count the question obviously.

Diva Cupcake
Aug 15, 2005



e: wrong thread.

Diva Cupcake fucked around with this message at 20:14 on Sep 10, 2013

Diva Cupcake
Aug 15, 2005



Is the Michael Jang book the go-to resource for RHCSA? Any others you'd recommend?

Diva Cupcake
Aug 15, 2005



SeamusMcPhisticuffs posted:

Thanks guys, I went to Pikes for lunch and had several people try and sell to me, but I've got an interview today for a Law Enforcement IT job and if I get it I'll probably have to piss in a cup.
Possibly related, but what the general requirements to joining say a state police "cyber crimes division"? Massive amounts of forensics experience or do you need to join and work your way over from detective?

Diva Cupcake
Aug 15, 2005



Awesome info. Thank you very much.

Diva Cupcake
Aug 15, 2005



CentOS. Or you can also use AWS Free tier if you need to have the RHEL badge.

http://aws.amazon.com/free/

Diva Cupcake
Aug 15, 2005



Is the Scott Lowe 'Mastering vSphere 5' book a decent enough replacement for whatever Stanly course materials there are?

Diva Cupcake
Aug 15, 2005



Moey posted:

Great book. I am really just using the Stanly course as my "rubber stamp" so I can sit the exam. I don't expect to really learn anything from it.
Thanks. I think that's what most people are doing. I have the pre-req course for the VCP4 complete but I'd still need a $1800 refresh if I wanted to sit VCP5. Stanly is the way to go.

Diva Cupcake
Aug 15, 2005



Moey posted:

Also where the hell are these quizzes? The only two "quizzes" I found were the class overview and the VMware registration.

I just want my rubber stamp!
Theres only been 2 quizzes as far as I can tell, right at the beginning. I also ignored the class for almost a month and now I'm just banging out labs. Are these discrepancies further on than Lab 13? That's what I've caught up to over the last couple nights.

Seems disgustingly easy and straightforward so far so obviously no substitute for actual studying.

Diva Cupcake
Aug 15, 2005



hackedaccount posted:

I remember having about 6 quizzes. If you don't see them you might want to send a Jmail (or whatever it's call) to the instructor.
...
When in doubt e-mail the instructor. Mine was really good at getting back to me.
I ended up emailing the instructor and he told me as long as I had completed everything through Lab 21, I was good to go.

There were 3 quizzes: Class Overview Quiz, which is just reading the syllabus, VMware Registration, self-explanatory, and the Module 2 Quiz, which covered the Intro. The other 10 modules are just videos and labs.

Diva Cupcake
Aug 15, 2005



Sweet. Stanly course has shown up on my VMware transcripts and I just got the voucher in email. Now I guess I just need to finish studying for the actual exam.

Diva Cupcake
Aug 15, 2005



slightpirate posted:

I want to play alphabet soup by the end of the year. What sort of preparations do I need to make to start down the CISSP rabbit hole?
Personal preference but I'd start with the Eric Conrad books; Shonn Harris made me want to become a cutter.

Diva Cupcake
Aug 15, 2005



I may want to cut myself during and afterwards but I'm kicking the idea of taking the 70-331 and 70-332 track for SharePoint.

Are the ExamRef books the only worthwhile materials? I also have 'Pro SharePoint 2013 Administration' from Apress handy.

Diva Cupcake
Aug 15, 2005



BaseballPCHiker posted:

To anyone who has taken the vcp course through Stanley Community College, how much did you use the required book? It's like $45, I've never heard mention of it and I think I'd rather just spend the money on the Scott Lowe book.
I never bought it. The class is just ~20 labs that don't even make mention of the book so just buy whichever one you want for self-study.

Diva Cupcake
Aug 15, 2005



BaseballPCHiker posted:

Thank you so much for this! I had similar $reasons$ to start studying for that and have gotten side-tracked in the last month with a new dog and family matters. It's probably the single most dry boring material I've ever had to study for. I needed a cram type guide to study and get it out of the way before I start on my VCP class.
My last job required all of IT Infrastructure to be ITIL Foundations certified, which was a pretty reasonable goal in itself. Everyone sat through the most boring 5-day class imaginable and essentially crammed "Which phase would this be?" type questions the night before for a couple hours. I think maybe 2-3 people didn't pass out of ~150.

Diva Cupcake
Aug 15, 2005



Dr. Arbitrary posted:

I wonder what the success rate is for the 5 day VCP course?

Anecdotally, I know of a company that sent a team to the VCP class and only one guy ended up passing.
Anecdotally, we sent 10 people to the 5-day 4.1 Install, Manage, Configure back in 2010. Only 4 people took the exam directly afterwards since they had the free voucher and zero passed, myself included. The 2 lead virtualization engineers eventually passed with loads of self-study but everyone else never bothered. Management didn't press it because at least the admins knew how to use vMotion and deploy a template if need be.

Really it was an exercise in using up allocated training budget dollars in order to justify the same dollar amount the following year.

Diva Cupcake
Aug 15, 2005



The discounted prices aren't too much better than Kindle but close enough to give them business. Buying Bejtlich's "The Practice of Network Security Monitoring". Thanks.

Diva Cupcake
Aug 15, 2005



If you're in a stable position I'd definitely say bang out ITIL in a week or so and then actually study for a PMP.

A lot of our middle IT management that was laid off during outsourcing had a very hard time getting equivalent positions elsewhere as they no longer had any discernible technical ability. Project management is a good way to stay needed.

Diva Cupcake
Aug 15, 2005



Japanese Dating Sim posted:

For some reason Storage+ sounds depressing to study for. I think it's because once I get my Security+ I consider myself done with CompTIA forever, outside of renewing Security+ when necessary.
I considered my Sec+ a warm-up for CISSP, figuring by the time it expired I'd have already passed the next step up and could safely let it expire. Of course I'm lazy and haven't yet scheduled my CISSP 2 years later so I'll see how my motivation versus plan of action plays out.

Diva Cupcake
Aug 15, 2005



MJP posted:

Those on the MCSE track, you may want to get your exams in before MS "improves" them.

http://www.theregister.co.uk/2014/07/22/microsofts_mcse_and_mcsd_will_become_harder_to_win/
This is pretty awesome news.

quote:

To that end, he said Microsoft will add "a variety of richer test types that make it harder for people to memorise answers. We're also adding richer questioning types. In test for SQL certifications we ask you to actually create an SQL query.

The requirement to actually wield SQL has been included to make certifications reflect more real-world effort, instead of just theory.

Adbot
ADBOT LOVES YOU

Diva Cupcake
Aug 15, 2005



Yeah, bringing a more Red Hat-esque approach to real-world scenario testing would be greatly appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply