| > |
You'll need certain basic background in networking: topologies, technologies,
protocols, and so forth, is essential to understanding computer and network
security. Thus, if you don't already have a networking background, I
strongly
urge you to obtain the CompTIA Network+ certification (you don't indicate
how
much networking you had in your Chesapeake bay computer science program).
After that, I recommend a pseudo-"ladder" of security certifications as
follows:
1. Start with the BrainBench network and internet security exams, to
get yourself up and running (www.brainbench.com)
2. Tackle the CIW Security Professional exam next (www.ciwcertified.com);
some colleagues of mine wrote a pretty good book on it called "CIW
Security Professional Certification Bible," Hungry Minds, 2001.
3. Tackle the TruSecure ICSA (TICSA) certification next, or some other
entry-level "serious" certification credential: (SANS GSEC, ISC-squared
SSCP, etc.). You'll start seeing books on most of these certs at
mid-year,
right after you polish off items 1 and 2.
4. From there, let your budget, availability, and interest dictate some
mid-level security cert to you (most require 3 years of on the job
experience, and take a fair amount of study, so expect to take a hiatus
between the previous step and this one): CISSP, ICSE, SANS GIAC Level II,
and so forth.
5. If you plan to work in environments where specific products or hardware
are in use, you should also investigate vendor-specific security certs
from companies like Cisco, CheckPoint, ISS, and so forth. Combined with
the preceding elements and 3-plus years of experience you should be
able to get a pretty good job.
|
|
