To everyone taking Security+, CySA+, PenTest+, and SecurityX
- Thread starter Gregory Childers
- Start date
Normally no one should be talking security if
1. you cant set up a pc
2. set up a basic soho network and understand its make up
3. script or code in any language whatsoever
have advocated for this for donkey years.. Lol
wondering how someone will secure what he/she doesn't understand how to set up - its a mirage
Anyway there are slim exception - people can go into cybersecurity or choose to write this certs as a + to their CV( Since passing a cert insnt an actual test of knowledge or experience) but prefer to take on non-technical cybesecurity role like
- GRC
- Technical writing
- Sales, Marketing, Support for cybersecurity products/services and platforms
etc...
By the way your advice is 100% valid
This is not just important, but very important...... I usually tell my students that Networking skills like understanding data encapsulation/decapusulation the headers themselves.... TCP headers(flags inside), UDP headers..... Purposes of ports and services/protocols on OSI model down the layers, IP addressing they are all the heart Network Basics for Hackers my favorite book
Linux, scripting and of course programming are also the skills that are also equally very important to master.
Lastly: Good communication, Critical Thinking, Teamwork, Attention to Detail, Adaptability and not limited to Time Management
Linux, scripting and of course programming are also the skills that are also equally very important to master.
Lastly: Good communication, Critical Thinking, Teamwork, Attention to Detail, Adaptability and not limited to Time Management
There are so many people that just want the "quick and easy pathway" to Security+ and higher and find learning basic networking, computer skills, or the like to just be a hinderance.
But, so many people just want to go cyber/be cyber and so on, to the point where they leap over basic skills. I've had students ask me and I just tell 'em, "Go get your A+ and Net+ first, then come back and talk to me."
To date, I've not gotten a single one come back to me after.
Not worth my time, tbh.
/r
But, so many people just want to go cyber/be cyber and so on, to the point where they leap over basic skills. I've had students ask me and I just tell 'em, "Go get your A+ and Net+ first, then come back and talk to me."
To date, I've not gotten a single one come back to me after.
Not worth my time, tbh.
/r
I wish I had a dollar for every story I've heard about someone going after their Sec+, CySA+, and PenTest+ with zero experience and no Net+ or A+, only to hear them complain that no one will hire them.
So THAT'S how we get to $75/hr...lol
…and I wish I had a dollar for every Security+ student I’ve had that did not understand the class C subnet or why DNS exists.
Same thing applies to experienced certified professionals, There is not magic wand , you have to keep learning, earn vendor specific certs , volunteer...etc.
I've been in tech for 30+ years and I'm studying for five new certifications this year. Never stop learning.
AI is also something worth learning. A lot has changed in short space of time.
I tell my students that you have to know how something works in order to defend it, maintain it and to improve it.
In one of the most extreme ways, when I was working Missile Defense, deployment of updated systems was VERY slow - working on systems that are 20+ years old is very common - because you can get predictability down to the wire level. In other words, O&M would know every signal, every voltage, everything that would run up and down every wire. It was that detailed.
So you knew that if there was an anomaly, you could see it and correct it. Given the need for extreme reliability for systems involved in defense or space applications, knowing how your system worked helps with maintenance.
Now, it brings up the point of why we have SIEMs and SOARs - because no one can know or see it all. Even on the most simplest of infrastructure systems - say, five desktops and one little server, you still have to have a bit of faith in something. IMAO, Zero Trust, while a great goal, isn't completely possible. To me, ZT is like a logarithmic scale - the harder you go, the more expensive, costly, and difficult it gets to actually get there. So you go for a 'good enough' and hope that takes care of you.
With trained IT staff to not understand how the network actually works, to me, is asinine, even if they aren't directly involved in Cyber operations. The thing is, Network+ is not one of the more sexy certifications out there. Everyone wants the certifications that will score big money and Net+, on its own, doesn't command THAT much. Even today, I reckon, CCNA/CCNP has fallen out of favor. Networking becomes to be something you just "do" to get to the next level. In fact, out of the Core triad, I see Network+ requested far less in job listings than Security+ or even A+.
I don't see any of the A+/Net+/Sec+ courses any more. Most of my time is teaching SecurityX, CISSP, CISM, Cloud+, CySA+, PenTest+ and project management classes. My guess is that students are doing self-study for the CompTIA trifecta or working on vendor cloud certs.
True actually - I dont and rarely engage in the A+, N+ and the Sec+ cos they are fundamentals - as regards what the day to day task, role, job will require from you. for a long time I had stop teaching A+ and N+ - most of my engagement or advisory for these are for the sake that its give good heads up to what really matters.
What I do see are over-priced bootcamps with "job guarantees" that teach the trifecta and then charge you upwards of 14k$ (sometimes even 20k$). A lot of those bootcamps prey on veterans and their juicy, juicy GI Bill
That is unethical sales & marketing. Actions like that are ruining our industry. No one should be paying more than $4k for a boot-camp and NOTHING should ever be guaranteed. I tell every single one of my students that I do not guarantee passing scores, but that I can show them what they need to do in order to increase their probability of passing. And no one can guarantee a student a job.
I am with you on this Gregory.