Entry level certifications

dcdesmond · February 26, 2019, 3:09am

Hello guys!

So I am finishing my graduation this year and I decided to seek job in the ITsec field, and because of that I started to search for some entry level certifications.
But most of the certifications that I found was not looking like a entry level, or beginner one.
Do you guys recommend one to start with? For now I am thinking about getting Cisco CCENT so I can get some general certification before focusing on ITsec.

Thanks for the help

sillydaddy · February 26, 2019, 3:30am

I would recommend to get that OSCP . Prepare couple of months and just go for it !!!
All the best

iseethieves · February 26, 2019, 3:43am

CCENT isn’t worth much, but it’s something. More importantly you can get a CCNA from it (test ICND1 for CCENT, Then do the ICND2 to “upgrade” to a CCNA, makes the study load much more manageable).

I work in IT and i’ll be honest, I don’t use 90% of what i learned in from getting a CCNA (and literally none of the cisco specific stuff which is like half of a CCNA).

BUT, it is a damned solid foundation in networking, and there have been more than a few times where having a solid understanding of networking has made me look like a hero. Case in point, an ISP of our client had all their CPE in the same RFC 1918 subnet, BUT had firewalled all of their clients off from each other. Essentially, no two customers of the small town ISP could ping each other because of this. Try figuring that ■■■■ out without a solid understanding of the subnetting cisco certs drill into your skull.
I honestly don’t think i’ll pursue any higher cisco cert (or even renew my CCNA tbh). A CCNA is the sweet spot imho unless your job title includes the word “network”.

Beyond that, i hear good things about the Windows Server 2016 MCSE. I can attest that 90% of IT is dealing with Winderrs in some way, so an MCSE is my second top cert.

And/Or an RHCE if you expect to be working with primarily linux. There are not a whole bunch of entry level linux IT jobs, but they do exist, and they pay quite well. Being decent (if uncertified) with *nix is also very handy, as literally everything is running busybox or something similar. Sophos Firewalls? linux based. Every consumer grade router ever? busybox linux. Datto backup appliances? linux based. Datto Switches? linux. locally hosted VoIP servers? guess what, it’s linux!

Finally, the big two infosec certs are the OSCP and the CISSP. The CISSP tends to get more hits from HR people, but it requires 3-4 years of proven work experience in a security related IT role before you can even take the exam.

Lastly, There’s the CompTIA network+/linux+ certs, and other very entry level certs. I honestly think these are a complete waste of time, and you’d be better off with something a little more specific and challenging.

RyanW18 · February 26, 2019, 8:07am

I did the ICND1,ICND2, CompTIA PenTest+ (Intermediate cert) then the CISMP. All good exams to have so I’d say I’ve got a pretty good understanding in all of those areas.

peek · February 26, 2019, 8:13am

oscp but work your skills in a training course first

dcdesmond · February 26, 2019, 10:10am

Thanks for the answers guys! Really appreciated.

@iseethieves I thought that CCNA was gonna be hard for me to get but gonna look into it as you said that is manageable

As for the rest that said about OSCP, its my ultimate goal. But I dont think I can get knowledge until the end of the year to pass the test. I have started studying pratical pentesting only 2 weeks ago. Even thoguth I am really proud of my evolution (rooted 3 boxes so far hehe) I think I need some time. I will see.

Also the money is kind a factor, I am not from USA or EU so think that every cert ist 4x more expensive for me. But I am saving for this so one day I will get them all!

sesha569 · February 26, 2019, 10:36pm

AFAIK if you want to be pentester CCNA knowledge may help little bit. But cert may not help much…as of now two gold certs are oscp and cissp…
So read the books about ccna and gain the knowledge. Don’t spend money on certificate…
If you want worth the $$ or your currency is security tube or pentester academy certs… or at least their free videos or mega primers and of course ippsec videos…

NonStopCyber · February 27, 2019, 8:48am

CCNA is good groundings, I would avoid CEH though if you want to be a pen tester, OSCP is recognised all over the world so it’s a good one to aim for. If you’re in the UK, Australia or Singapore CREST CPSA/CRT is also useful. I’ve not had much call for the SANS ones overall but that could be different in other countries.

Experience is the best cert you can get though, try and get as much as you can, even if its following other pen testers around where you work currently or doing a test on a friends website.