|
Martytoof posted:Thanks! Now I just got confirmation that I've been signed up for CCSP so here we go again Congrats on that - I have a friend at a CCSP class now (no idea with who). I'm getting sent to training for NetWitness, so my company won't spring for any other in-person training for CISSP or anything else for me this year. I've got the ISC2 Official Study Guide (7th ed) and Eric Conrad's 11th Hour Study Guide. Are there any others you'd recommend? I'm 4 chapters (out of 21) in, taking the practice tests at the end of each chapter, and keeping in mind the 'think like a manager not an implementor' mindset is helping, although there are a couple points where the ISC2 book is a little inconsistent in wording IMO.
|
#
?
Dec 7, 2016 19:59
|
|
|
|
| # ? Jun 6, 2024 06:52 |
|
|
Solaron posted:Congrats on that - I have a friend at a CCSP class now (no idea with who). I'm not going to be able to say for sure which is empirically better since I did most of my study through the classroom and didn't use either the book or the 11th Hour as my sources of information From the last minute cramming I did I can say that like 95% of all the information I remember on the test was definitely in the 11th Hour book in an acceptable level of detail, and the remaining 5% may also have been there and I just glossed it over. My approach would be go through 11th Hour and the only use the official book if you need further clarification on concepts. The way my instructor explained the book to me is that the book is all encompassing of the common body of knowledge, but the team that writes the book doesn't actually know what's on the exam so they're not going to teach it to the exam. If your goal is to learn everything there is to know about everything in the CBK then inhaling the book is a good way to go. If your goal is to learn enough to pass the CISSP then the book is absolutely awful. 11th Hour is much more concise and manageable. The biggest tips for the exam I got from my instructor: - When you're studying, think of answering everything as if you're stuck in an elevator with your CEO and have to explain it to him - When you get into the exam, write "CEO" in giant block letters on your whiteboard sheet and remember to look at it EVERY SINGLE TIME - For every question, hold the card up to the monitor so it blocks the answers. Read the question THREE TIMES, understand the question. Remove the filler words, then ask yourself "WHAT DOES THE ANSWER HAVE TO BE?" So you're trying to reduce the question to its most basic idea. Like "Name the preferred access control model to implement when you need to restrict a named user's access to classified material", you ask yourself "what does the answer have to be?" and you try to junk all the nonsense words. The answer HAS to be an access model that has to be concerned with confidentiality. Only NOW do you actually put the card down and look at the answers. So if you have answers like A) Discretionary Access Control B) Multi-Level Security C) Biba D) Bell LaPadula, you know that there's only one answer that meets your criteria. - If an answer has the word "policy" in it, seriously consider it as being the correct answer - If you're down to two "right" answers, just pick the one that looks better. Don't try to justify to yourself why one might be better in one scenario or another. - If you picked an answer that is correct for technical reasons while there's also a broader business-y answer, congratulations you picked the wrong answer. Remember, you're stuck in an elevator with your CEO. He doesn't want to hear that you put a WAF in front of your application to protect it from layer 7 attacks, he wants to hear that you have appropriate controls in place to protect assets based on their value in accordance with the goals of the organization. Anyway, to make a long story short I didn't do a single practice test or open my CBK book more than halfway. I think 11th Hour is probably plenty, but again I also did the course so it's possible that whatever I missed from 11th hour was already given to me in some way shape or form over the span of that week. Actually, not only is it possible it's the very reason my company shelled out $5k for me to attend. some kinda jackal fucked around with this message at 02:20 on Dec 8, 2016 |
|
#
?
Dec 8, 2016 02:16
|
|
|
Thanks a ton - this is good stuff.
|
|
#
?
Dec 8, 2016 14:51
|
|
|
No worries. If you guys have any other questions I'm happy to answer without sticking a fork in my NDA.
|
|
#
?
Dec 8, 2016 15:28
|
|
|
Round 2 for the 70-410 today (Server 2012 R2 install and configure) Failure 2! I got a 606, but I actually feel better about this score than the 560 I got last time. More than just getting 50 more points. It seemed that my knowledge was more solid, but I got hung up on some of the questions. Here's my favorite (paraphrasing): You have a 2012 R2 Standard installation with Full Desktop Experience. Your boss tells you to drop it to a minimal server installation. You run the following command: Remove-WindowsFeature Server-GUI-Mgmt-Infra Which of the following features remain after running this command? Server Manager Internet Explorer Microsoft Management Console Taskbar So what features do get removed? Remove-WindowsFeature is a 2008 command which was replaced by Uninstall-WindowsFeature. I chose to keep them all because I thought the command was wrong. Even if the command worked, there was no -restart. Won't the commands remain anyway? Be gentle if I screwed this up...my sanity is fragile.
|
|
#
?
Dec 9, 2016 00:33
|
|
|
Keith Stone posted:
I think the command still works in 2012. Edit: Yup. https://blogs.technet.microsoft.com/heyscriptingguy/2013/01/25/use-powershell-to-remove-the-gui-on-windows-server-2012/ "EXAM ALERT In Windows Server 2012 (with Windows PowerShell 3.0) the Add-WindowsFeature cmdlet is renamed Install-WindowsFeature. The Remove-WindowsFeature cmdlet is renamed Uninstall-WindowsFeature. For backwards compatability, Add-WindowsFeature and Remove-WindowsFeature are added as aliases." This does seem needlessly tricky.
|
|
#
?
Dec 9, 2016 14:42
|
|
|
So I'm not really sure if these exist or if there any worth getting, but does there exist a world of webdev certifications out there? If so, are they worth picking up?
|
|
#
?
Dec 9, 2016 15:56
|
|
|
Kashuno posted:So I'm not really sure if these exist or if there any worth getting, but does there exist a world of webdev certifications out there? If so, are they worth picking up? I vaguely remember looking for one at some point, but it seems the webdev (and most dev / programming) industry prefers examples of completed projects on GitHub. They'd much rather see a website you created and how you coded it vs a certificate saying you know how.
|
|
#
?
Dec 9, 2016 16:12
|
|
|
Might be a dumb question but here we go... I'm looking to get into the IT field, more specifically Cyber Security. I've been a TV producer/editor for around 10 years with no real IT experience. Would getting a bunch of certs (A+, Network+, Security+, CCNA, etc) help me at least land a job in IT? Would my broadcasting Diploma have any merit? Or is it hopeless without going back to actual school and getting a CS or IT diploma?
|
|
#
?
Dec 13, 2016 22:28
|
|
|
sh1fty posted:Might be a dumb question but here we go... There's a security specific thread you might get better info about specifically getting into infosec, it's titled something like "Don't roll your own crypto"
|
|
#
?
Dec 13, 2016 22:31
|
|
|
MF_James posted:There's a security specific thread you might get better info about specifically getting into infosec, it's titled something like "Don't roll your own crypto" Okay let me rephrase for this thread. Will certs be enough to at least get my foot into most doors (even an entry level IT job), or am I wasting my time because my diploma isn't computer specific?
|
|
#
?
Dec 13, 2016 22:36
|
|
|
sh1fty posted:Okay let me rephrase for this thread. Will certs be enough to at least get my foot into most doors (even an entry level IT job), or am I wasting my time because my diploma isn't computer specific? Entry level sure. Entry level security, only if you are lucky.
|
|
#
?
Dec 13, 2016 22:47
|
|
|
sh1fty posted:Might be a dumb question but here we go... Learn how to a Unix system. https://www.youtube.com/watch?v=dFUlAQZB9Ng
|
|
#
?
Dec 13, 2016 23:02
|
|
|
You can get Sec+ and Net+ and probably find work as a SOC analyst but those positions are literal slave labour with an insane turnover rate. MSPs are always looking for fresh meat as long as you don't drool on your interviewer, and can speak coherently. Only recognize what you're getting into. If you want something more enjoyable then you might have to do your time in the salt mines listed above, or you can approach it from a strong unix and networking background like I did and get lucky talking to the right people to get you on your way. That's really unhelpful, I know, but security is a wide field and there are a number of ways to specialize.
|
|
#
?
Dec 13, 2016 23:07
|
|
|
And in case I didn't make it sound unappealing enough let me emphasize: Don't go work in a SOC.
|
|
#
?
Dec 13, 2016 23:08
|
|
|
sh1fty posted:Okay let me rephrase for this thread. Will certs be enough to at least get my foot into most doors (even an entry level IT job), or am I wasting my time because my diploma isn't computer specific? Your degree doesn't matter. Certs will get you into an interview, but not much further. You'll need actual skills to get hired and progress beyond help desk or poorly-paid-one-man-IT-dept. Security is a fine direction to want to go in, but you need a solid understanding of the fundamentals first. You having a non-IT-related work history could be a big help if, during the course of that work history, you have developed good communication skills, team skills, and work ethic. You're not wasting your time, but you have a long road ahead of you. Read about the available certs, pick one, and go get it. This thread has lots of good information about them and how to study for them.
|
|
#
?
Dec 13, 2016 23:17
|
|
|
With no prior experience in IT you can bootstrap pretty loving hard at an MSP. Plenty of experience with customers, co-workers, and common problems. From there you can find what you want to do and specialize with certs. I thought i wanted to do networking, then i thought I wanted security, now I'm pretty happy in management. Don't limit yourself to one path without getting experience first.
|
|
#
?
Dec 13, 2016 23:30
|
|
|
Security is also pretty broad. Do you want to do penetration testing or forensics? Security policy? Application security? Security engineering? They're all related, but different, areas that typically require different skillsets and experience.
|
|
#
?
Dec 14, 2016 02:27
|
|
|
Anyone use the INE all access pass? Possibility that my team may get 5 to 8 passes and I see they have a poo poo ton of Cisco material.
|
|
#
?
Dec 14, 2016 02:39
|
|
|
IT security sucks, if you don't have a passion for it I'd pick a different discipline
|
|
#
?
Dec 14, 2016 05:42
|
|
|
skipdogg posted:IT In my experience, this version is more honest.
|
|
#
?
Dec 14, 2016 06:09
|
|
|
ErIog posted:In my experience, this version is more honest. what are you talking about i LOVE getting thrown under the bus for not meeting expectations that people simply made up without telling anyone.
|
|
#
?
Dec 14, 2016 15:33
|
|
|
skipdogg posted:IT security sucks, if you don't have a passion for it I'd pick a different discipline If you're halfway decent at it, it's an easy way to make laughable amounts of money. Technology has far outpaced the average human being's ability to comprehend what people sitting on the other side of the planet can do to them remotely, from stealing their money, to shutting off their power, to literally killing them. The collective reaction from both the public and private sector over the past 4 years has been to throw an unprecedented amount of money at people who know why both Phish the band and phshing emails are bad and which HTTP methods should be blocked on a layer 7 firewall. Whether this is sustainable or not is a valid discussion, but if your stock bonus has a four year vesting period then you're probably fine.
|
|
#
?
Dec 15, 2016 05:37
|
|
|
Make your target the governance side of IT Security, kick back and light a cigar with a $100 bill.
|
|
#
?
Dec 15, 2016 13:50
|
|
|
What you don't want to be is the guy with a Sec+ and a degree in Cyber Security from ITT Tech sending a pissy email and holding up an ATO because the exec-timeout 10 command isn't entered into the switch or router. exec-timeout 10 is the default value and won't show up unless you do a show run all
|
|
#
?
Dec 15, 2016 16:06
|
|
|
I've begun studying for my CCNA Collaboration, but I've discovered that customer feedback on Amazon for Cisco's official CCNA Collab study materials is really negative: Here's the two-book set And here's the CICD book by itself The common refrain seems to be that the official Cisco prep materials don't reflect what's actually on the exam. Did you successfully obtain your CCNA Collaboration cert? Which study materials did you use, if not the official ones? Should I 'revert' to the old CCNA Voice materials? Mark Snow at INE said the CCIE Collaboration is basically still CCIE Voice with some enhancements, so maybe the same is true for the entry-level exams? Start reading under "Overview"
|
|
#
?
Dec 19, 2016 22:50
|
|
|
Anybody in the Dayton, OH area with a CCNA interested in a job? We're looking for a network admin with Sec+, CCNA and a security clearance (although if you're the right candidate they would likely be willing to wait while you get your interim). I've been told that it will not pay below $75k, but our PM doesn't know the actual salary range just yet.
|
|
#
?
Dec 19, 2016 23:43
|
|
|
Consolidated Ed posted:I've begun studying for my CCNA Collaboration, but I've discovered that customer feedback on Amazon for Cisco's official CCNA Collab study materials is really negative: I got the CCNA voice and video certs, which gave me the collaboration for free. I have heard the collaboration books suck. You should be OK with older voice related books. Learn qos, sip, and cucm menus.
|
|
#
?
Dec 19, 2016 23:52
|
|
|
Heads up to any prospective ICND2 v3 takers that want to use the Boson practice exams. They're still very shaky even a few months out from v2 having been retired. There's still questions about Frame Relay for some god forsaken reason. There's also questions asking about implementation for things that are only marked "describe" in the exam topics like 802.1x and switch stacking. There's also some very strange questions about SDN concepts with regard to MPLS. I've been studying for about 4 months and have been labbing really hard and revising notes I took while reading Odom's book and I'm on kind of a razor's edge with these practice exams. I've been getting like 70-75%, but then when I go back and take into account the bullshit questions like the ones I mentioned above it usually pushes me just above passing. I've also found more instances than I'd like of the exam question re-use where it will be the same questions and answers but saying "Which ones are false (pick 2)" instead of "Which ones are true (pick 3)". The style is very similar to the actual test, but it's tough to have any confidence in it.
|
|
#
?
Dec 21, 2016 08:23
|
|
|
I wish there was a certificate that Cisco mailed out when you become decertified as well. I want one that says "Martytoof no longer gives a gently caress" come January.
|
|
#
?
Dec 22, 2016 04:12
|
|
|
Speaking of the CCNA, is this the right book for the latest revision? Assuming I want to go the Lammle route. https://www.amazon.com/Routing-Switching-Complete-Study-Guide/dp/1119288282/ref=dp_ob_title_bkMartytoof posted:I wish there was a certificate that Cisco mailed out when you become decertified as well. Some sort of lovely MS Paint printout with CCNA crossed out and IDGAF written in would be a pretty baller addition to your cube/office/whatever.
|
|
#
?
Dec 22, 2016 05:08
|
|
|
Keith Stone posted:Round 2 for the 70-410 today (Server 2012 R2 install and configure) Server manager, Ie, and taskbar is removed. MMC is still accessible. (Source: CBT nuggets)
|
|
#
?
Dec 22, 2016 06:16
|
|
|
Docjowles posted:Speaking of the CCNA, is this the right book for the latest revision? Assuming I want to go the Lammle route. https://www.amazon.com/Routing-Switching-Complete-Study-Guide/dp/1119288282/ref=dp_ob_title_bk Yes, that's the right book, and as a recent buyer of his 200-105 book due to getting real skittish about the exam content I have to say that it's well worth the money. He goes into detail about stuff Odom doesn't bother to touch while collapsing other content that Odom spends way too much time on. I can't complain enough about Odom's OSPFv3 and EIGRPv6 chapters where he appears to have written it targeting people who don't know what a router is. So you comb through all this loving OSPF and EIGRP info that's the same as their IPv4 counterparts and come away with a list of like 5 major differences for both. I hope he steps on a Lego. I'm sure everything will be better in another year or so when there's more updated study materials, but everything about all the new CCNA R/S v3 content just feels shaky. ErIog fucked around with this message at 06:38 on Dec 22, 2016 |
|
#
?
Dec 22, 2016 06:27
|
|
|
So I only have one class left at WGU...the CCNA Security. Material seems so dry.
|
|
#
?
Dec 23, 2016 11:54
|
|
|
Aging Millenial posted:So I only have one class left at WGU...the CCNA Security. Material seems so dry. What did you think of project+? I'm studying now and it seems like a vocab based test, but the Linux+ shook my confidence.
|
|
#
?
Dec 24, 2016 01:20
|
|
|
Judge Schnoopy posted:What did you think of project+? I'm studying now and it seems like a vocab based test, but the Linux+ shook my confidence. It was easy, I think I just read the text book once. Linux+ was challenging as someone who had never touched before, and it appeared that the text books on the subject aren't ideal. Managed to get through it though.
|
|
#
?
Dec 24, 2016 02:11
|
|
|
How much time would/does it take to study for A+, Network Plus, and CCENT (each, on average)? Long story short, I'm graduating in May with my BSEE and I think it'd be a good idea to work on and pick up some certs in the meantime. The reason I'm looking into these certs is because my last internship was in the wireless telecomm industry plus the classes I've done the best in are communication engineering and DSP. I began looking into careers in IT and I think my best chance at getting into this field is to start out somewhere in network engineering, and I'll need these certs for an entry level position. Thoughts? Am I an idiot? Am I on the right path? 
|
|
#
?
Dec 24, 2016 03:55
|
|
|
If you think you can flip that internship into a job, just focus on your CCNA and don't worry about any other certs. Especially since you will have a BS, which gets you past a lot of HR filters. Network+ is comparable to the CCENT and totally skippable. A+ is a desktop support cert, which is useful if you have literally no IT experience, but it sounds like you're past that point. What were you actually doing in the "wireless telecomm industry?" Were you like configuring routers all day or doing marketing/HR/whatever for a company that happens to be an ISP?
|
|
#
?
Dec 24, 2016 06:18
|
|
|
Oh I wasn't doing anything remotely related to that. I was on the automation engineering team where we looked into current processes that we could automate to reduce costs. For my business case I had to "interview" a network field engineer to automate the tracking of a TPTL metric. Towards the end of my time there I spoke/networked with several RF, RAN Planning, Optimization, Microwave, and Network Field Engineers that my manager was responsible for hiring over the last couple decades so I'm fairly confident he'd be able to find me a position within the company. I already spoke to him about possibly joining the company, but before reaching out to him again I'd like to pick up the relevant certs first. On my very first day there he and a coworker highly stressed CISCO certs, ITIL, and Scrum (our team was just starting to integrate Scrum so I feel like I know all there is to know there). I want to at least start with A+ because although I hang out around computers and robots all day I don't actually have any IT experience and I feel like that would help with giving me a solid foundation before diving into CCENT. Dangerous Mind fucked around with this message at 06:53 on Dec 24, 2016 |
|
#
?
Dec 24, 2016 06:51
|
|
|
|
| # ? Jun 6, 2024 06:52 |
|
|
Dangerous Mind posted:Oh I wasn't doing anything remotely related to that. I was on the automation engineering team where we looked into current processes that we could automate to reduce costs. For my business case I had to "interview" a network field engineer to automate the tracking of a TPTL metric. Towards the end of my time there I spoke/networked with several RF, RAN Planning, Optimization, Microwave, and Network Field Engineers that my manager was responsible for hiring over the last couple decades so I'm fairly confident he'd be able to find me a position within the company. I already spoke to him about possibly joining the company, but before reaching out to him again I'd like to pick up the relevant certs first. On my very first day there he and a coworker highly stressed CISCO certs, ITIL, and Scrum (our team was just starting to integrate Scrum so I feel like I know all there is to know there). As someone who has an A+ and is currently studying for the CCENT/CCNA, skip the A+, its a waste of time. The only reason I got it was to get past the HR filter for my first IT job.
|
|
#
?
Dec 24, 2016 07:05
|
|
