±Forensic Focus Partners

Become an advertising partner

±Your Account


Username
Password

Forgotten password/username?

Site Members:

New Today: 3 Overall: 33055
New Yesterday: 2 Visitors: 141

±Follow Forensic Focus

Forensic Focus Facebook PageForensic Focus on TwitterForensic Focus LinkedIn GroupForensic Focus YouTube Channel

RSS feeds: News Forums Articles

±Latest Articles

RSS Feed Widget

±Latest Webinars

Advice on Security Certificate

Computer forensics training and education issues. If you are looking for topic suggestions for your project, thesis or dissertation please post here rather than the general discussion forum.
Reply to topicReply to topic Printer Friendly Page
Forum FAQSearchView unanswered posts
Go to page 1, 2  Next 
  

Advice on Security Certificate

Post Posted: Thu Nov 02, 2017 6:03 am

Hello everyone,

I have got my GCFA certificate recently, and I would like to expand my vision to the network forensics as well as ethical hacking. It seems that CEH is a certifiacte mentioned everywhere, but I think it is a entry-level one, so I am thinking to jump over it and head directly to Offensive Security Certified Professional(OSCP). I ould like some advice on these two certificate, especially on the difficulty and the recruitment market reviews. Meanwhile, I am also thinking of CISA, however, without any audit background, I am hesitate to jump in.  

Last edited by chienchat on Thu Nov 02, 2017 9:25 am; edited 1 time in total

chienchat
Newbie
 
 
  

Re: Advice on Security Certificate

Post Posted: Thu Nov 02, 2017 9:16 am

CEH Certified Ethical Hacker is in Switzerland kind of worthless, was good in 90s. Be aware that OCSP also stands for Online Certificate Status Protocol which is a technical and not personal certificate related to CRL Certificate Revocation List.  

RolfGutmann
Senior Member
 
 
  

Re: Advice on Security Certificate

Post Posted: Thu Nov 02, 2017 9:24 am

- RolfGutmann
CEH Certified Ethical Hacker is in Switzerland kind of worthless, was good in 90s. Be aware that OCSP also stands for Online Certificate Status Protocol which is a technical and not personal certificate related to CRL Certificate Revocation List.


RolfGutmann, thanks for your advice. I should have clarified that OSCP that I mentioned is Offensive Security Certified Professional. Also, do you have any advice for any other certificates worthy to get than CEH?  

chienchat
Newbie
 
 
  

Re: Advice on Security Certificate

Post Posted: Thu Nov 02, 2017 10:05 am

Difficult to say but maybe you can check about Certified Information Systems Security Professional (CISSP). But very helpful is if you get certified by e.g. Cellebrite. Their certifications are high-value.
In the U.S. I guess more SANS certs are required. But in Europe less.

What certs are in U.K. fine?  

RolfGutmann
Senior Member
 
 
  

Re: Advice on Security Certificate

Post Posted: Thu Nov 02, 2017 2:11 pm

- chienchat
I ould like some advice on these two certificate, especially on the difficulty and the recruitment market reviews. Meanwhile, I am also thinking of CISA, however, without any audit background, I am hesitate to jump in.


OCSP is fairly well regarded in security-testing circles. It's a tricky certificate though, so be prepared to fail the first dozen times you take it (partly joking, partly serious). Unless you really know your stuff already.

CISSP is really a management certification (project leader who knows security), and is very wide and very shallow. Oddly enough it's in demand, so CISSP may actually be something you need, but its mostly because it's not well understood. (I used to be a CISSP, but dropped it just because it pulled me towards project leader tasks. Things may have changed, however.)

CISA is often what CISSP people take if they lean towards auditing.

GIAC certificates ... are in my opinion not worth much. They're largely a question of information retrieval, unless SANS and GIAC are getting their act together.

As for recruitment market ... it's a local thing. Read ads for whatever jobs you're looking for. I warn you that I doubt that any of the certifications mentioned are in high demand in computer forensic circles.  

athulin
Senior Member
 
 
  

Re: Advice on Security Certificate

Post Posted: Fri Nov 03, 2017 2:13 am

- RolfGutmann
Difficult to say but maybe you can check about Certified Information Systems Security Professional (CISSP). But very helpful is if you get certified by e.g. Cellebrite. Their certifications are high-value.
In the U.S. I guess more SANS certs are required. But in Europe less.

What certs are in U.K. fine?


Thanks, but I think CISSP is not yet in my picture at this moment. I don't want to push myself to the road of InfoSec manager. As for vendor-oriented certificates, I am not that into them. One important reason is that the price are quire high and different employers adopt different softwares. I still prefer the vendor-neutral certificates if I have to pay for it.  

chienchat
Newbie
 
 
  

Re: Advice on Security Certificate

Post Posted: Fri Nov 03, 2017 2:17 am

- athulin
- chienchat
I ould like some advice on these two certificate, especially on the difficulty and the recruitment market reviews. Meanwhile, I am also thinking of CISA, however, without any audit background, I am hesitate to jump in.


OCSP is fairly well regarded in security-testing circles. It's a tricky certificate though, so be prepared to fail the first dozen times you take it (partly joking, partly serious). Unless you really know your stuff already.

CISSP is really a management certification (project leader who knows security), and is very wide and very shallow. Oddly enough it's in demand, so CISSP may actually be something you need, but its mostly because it's not well understood. (I used to be a CISSP, but dropped it just because it pulled me towards project leader tasks. Things may have changed, however.)

CISA is often what CISSP people take if they lean towards auditing.

GIAC certificates ... are in my opinion not worth much. They're largely a question of information retrieval, unless SANS and GIAC are getting their act together.

As for recruitment market ... it's a local thing. Read ads for whatever jobs you're looking for. I warn you that I doubt that any of the certifications mentioned are in high demand in computer forensic circles.


Hi Athulin,

I do agree you that CISSP is not an ideal choice for people who want to go for the technical path. Actually I am considering OSCP and CISA at this moment. Personally I enjoy the pen-testing direction, but most of the advice that I got from others shows that CISA has a more opportunities in the market. What do you think about these two?  

chienchat
Newbie
 
 

Page 1 of 2
Go to page 1, 2  Next