IT Certification Forums is home for an active and helpful community with forums for CCNA, MCTS, Network+, Security+ and many other IT certifications en Thu, 20 Sep 2018 06:56:21 GMT vBulletin 60 IT Certification Forums Hedge Fund Job opportunity Thu, 20 Sep 2018 01:16:08 GMT Hello all, Got approached for HF position in NY total compensation would be around 180k...but I live in DC area. its a Senior Position relating... Hello all,

Got approached for HF position in NY total compensation would be around 180k...but I live in DC area. its a Senior Position relating to GRC, Awareness,Security Engineering (my jam), operations/response. trying to gauge if this is worth the moving to being government contractor my entire career. the reason it interest me is because my end goal is to become a CISO and this appears to be a leap in the right direction however is it a game changer? (haven't had a chance to talk to recruiter on additional details). part of what holding me back is even though salary is cool...i know New York is a much higher cost of living i figured my expenses would be around $3500-$4200 with a month

trying to get different member perspectives/angles on this..i get offers all the time but for whatever reason it sticks out..but totally ignorant when it comes to private sector

edit: i'm looking at this from the potential experience i can gain on becoming CISO, the money is the incentive to move and deal with renting out my place before returning a few years later ]]>
IT Jobs / Degrees Z0sickx
Unauthorized materials security+ Wed, 19 Sep 2018 23:29:47 GMT Hello everyone
I begin my journey preparation for Comptia Security+ exam.
I found many talking about unauthorized training materials and I've learned that they can revoke certifications if they discovered any use of these materials.
I think they are talking about brain dumps but not sure if there are other kinds of unauthorized materials.
I have 2 questions:
1/ I am wondering about how Comptia can detect any use of unauthorized training materials in exam takes ?
2/ Where can I find an updated list of authorized materials in order to restrict my preparation on it ? (anything other than dumps ?)
Thank you for consideration ]]>
SECURITY+ romero99
Advice on Future Co-Worker Wed, 19 Sep 2018 22:22:42 GMT So, I got a new job several weeks ago and I love it. Everything has been on the up and up and running smooth. I get along with the person I work... So, I got a new job several weeks ago and I love it. Everything has been on the up and up and running smooth. I get along with the person I work directly with however that person may be relocated to another state in a few months due to another site is opening up.

I got a message today from one of my old co-workers telling me that an offer was given to a person that I previously worked with who is awful. This person was one of the reasons I left my last job and to think I might be stuck with them has pretty much killed my day. What I mean by awful is that they dumped their certs (even brag about it), are completely clueless because they don't know anything, constantly acts helpless trying to get someone else to bail them out and is just overall annoying. Note that this is still a few months away.

This is a rumor. But the source is pretty reliable and I don't want to be stuck with that person. I thought about contacting the head manager but I don't know if that is wise or not. Does anyone have any advice for something like this? ]]>
IT Jobs / Degrees Deathgomper
MCSE done - Passed 70-533. Wed, 19 Sep 2018 19:48:53 GMT Started a couple of months ago. Probably did 5-7 hours a day for about 10 weeks. Never touched azure before. Used the Press book + technet/few other... Started a couple of months ago. Probably did 5-7 hours a day for about 10 weeks. Never touched azure before. Used the Press book + technet/few other websites.

Exam wasn't enjoyable.. Hit a load of objectives I wasn't expecting on a far deeper level than I expected. Came out feeling a bit lucky, but a pass is a pass.

Linux+ up next. ]]>
MCSA 2016 / MCSE 2016 Pseudonym
<![CDATA[Passed the GSEC (my first SANS exam): My experience, tips & lessons learned]]> Wed, 19 Sep 2018 19:22:09 GMT My experience with the GSEC exam: This was my first GIAC exam and I passed with a 90% :D. I would like to thank all of you who have written about... My experience with the GSEC exam:

This was my first GIAC exam and I passed with a 90% :D. I would like to thank all of you who have written about your experiences because they were very helpful to me.

I would like to share how I prepared for the exam as well as my own personal lessons learned, in case it can help someone else.

First, I did not have time to listen to the mp3s (except the first one). I would really have liked to though since I enjoyed the first one. I also did not do the labs again, though I did some of them twice while I took the course (I did them at home in the evenings).

I indexed all the books, however I did not index all the terms (as this was my first exam and I didn’t expect the level of detail). In hindsight, perhaps I should have taken a practice exam before making the index since it was my first SANS course. Not indexing all the terms was a mistake in my opinion, and if I were doing it again, I would have indexed everything. I needed to take the GSEC exam and move on to other courses, or I might have spent more time.

Pre-preparation: Read all the different ways that people have prepared for the exam and read how people have prepared indices (such as as well such as JDMurray’s blog, Better GIAC Testing with Pancakes).

1. The GIAC GSEC Exam Experience - IT Certification Blogs
4. Search for GSEC on and read what people say when they passed. There are often very good comments about indices and other items in the responses in the follow-ups to postings.

For my index, I used a variation of Better GIAC Testing with Pancakes indexing. I decided not to prepare a color coded excel/word index ( I didn’t think I needed the colors in the index), but I did tab/flag my books as well as highlight information in different colors. This tab/flag method has worked well for me in the past, while studying for certification exams. I used 0.5” Post-It Flags in various colors and tabbed the various sections on the books. Each book had a color and every module was tabbed with that color and deemed important sub-sections with a related color (I didn’t tab all sub-sections) .

For example, the first book was blue (for the modules). Then the sub-sections (some of those listed in the objectives) received a related color - light blue. I would write (very small) on the tab, what the subject was. Then any important items that had several slides but was a component of a sub-section, I tabbed/flagged in another color, yellow. For example, TCP. The labs got their own color (e.g., pink) - since a lab description might be useful to an answer. These flags were all down the 11” side of the book. Book 1 had 24. So that I could read what was written on them and include all the information I wanted I used a 0.3mm Ultra Fine Zebra Sarasa Clip Pen (it was hard to find a pen that worked how I wanted - medium pens didn’t work for me).

On the top of the Book 8.5”, I listed pages that were useful. For example, TCP Header, or comparisons. For Book 1, these were orange and green color flags. I also remarked the labs on the top of the books. Book 9 had 12: 9 useful information and 3 labs. Each book had a different main color. So like the Testing with Pancakes, I could associate a color with a book. Book 1 as blue. I was able to find post-it flags that had a dark version of the color and a light one, with the exception of orange and yellow.

I found these tabs/flag really useful for rapidly finding information. I used them a lot during the exam. I also found it added some fun and color to indexing the material.

I also created a one page that had an overview of all six books (excluded the Workbook) and what page each module started on. I used this during the exam if I wanted to find a section. It came in very useful during the actual exam because it turns out that I was missing some terms that should have been in my index and I needed to look for the information in a particular section. There is so much material in these books, from my perspective, one might remember hearing it or reading it but not exactly where.

I indexed the books using Excel. I had two columns, the first reflecting where, the second reflecting what.

Column 1: Book.Module.PageBeginning-PageEnd. (e.g., 5.3.105-106 meaning Book 5 Module 3, pages 105-106)

I didn’t want two columns in my spreadsheet so instead of separate columns for Book and Page numbers like some people do, I just merged them into one column: book and page numbers with an added module number (since I had module tabs on the right side of the book). For me, the idea was to compress information so I didn’t have to turn lots of pages.

Column 2: Term: Description of Term
I used abbreviations if I knew what they were, such as GPO. If I was writing a sequence from a slide, I would use a sequence counter.
For example,
5.4,162: GPO Settings-1: (passwd, …. )
5.4.162: GPO Settings-2: …

This kept my entries in alphabetical order when I did the Alphabetical Order Sort.

Then I printed out two forms of the index:
1. Book Order (this was actually separate by book the way I created it)
2. Alphabetical Order (sort on the text column)

I didn’t use end up using Book Order index in the actual exam, so I might not do that again, but I liked the thought of having all the information the way I created it (as I am a visual person).

Practice Exam 1: Decided to wait until I studied. I know some people take them right away to see what they know, but I didn’t want to use this to see what I could guess. I wanted to study and learn the material as much as I could.

Took the Exam with:
- Index
- 1 page Book/Module Sheet (in a plastic colored sheet protector)
- cheat sheets (what was given in class and what I found on the SANS website).

Got a 85%..

I realized from this exam, that I my index was missing lots of windows commands and I also was weak on some vulnerabilities and mitigations. So I:

- Created a “cheat sheet” of all Windows tools I found in the book and what page
- Created one for some of the Linux ones that I didn’t know (but I am more familiar with Linux than Windows)
- Created a list of all ports that were mentioned in the book
- Created a partial list of attacks, vulnerabilities & mitigations (partial because I didn’t finish it)
- Wrote out the diagram of the Crypto Algorithms that was in the book, so that it was handy and I didn’t have to look it up (I referred to this a few times in the Exam).
- I also printed a copy of ports from a website online as well as a hexadecimal/binary cheat sheet.

I put them in colored clear plastic sheet protector, so I could remember, e.g., windows commands in reddish plastic one, ports in green, ...

The idea behind this is that if one has to look up information, find it fast. Time is precious.

I also reviewed the Exam 1 summary to find my weaknesses on the exam.

Decide to take Exam 2, per JDMurray’s advice to learn more (as this is my goal :-) as well as pass). I didn’t look up items on this exam, I just guessed if I didn’t know. I was really glad I did this, the second Practice Exam had questions the first exam didn’t. Some of the questions were exactly the same though.

In the Actual Exam: I took of course the tabbed books, and:
1. Indices as described (used this)
2. 1 page sheet All Book/Module outline (includes page numbers) (used this on exam)
3. Cheat Sheets that I created (used the Windows one a lot, I am more familiar with Linux)
4. SANS cheat sheets (you can find more on the SANs site - I printed these out)
5. My notes from the SEC401 class - I typed them all into Google Docs during the lectures.

During the actual exam I had to do more lookup than I would have liked, but I had the time. I had to go through some sections in detail because I was missing the term completely in my index.

I also didn’t drink any coffee/tea/soft drinks to avoid going to the restroom other than the 15 minutes break. I did however bring some coffee creams for break that gave me a bit of a caffeine boost. 5 hours is a long time!

Lessons Learned:
- index more fully, there is a lot of detail on the exam
- create useful 1 page cheat sheets based on the material - they are easy to refer to during the exam.
- make sure all the terms in the SANS books index are in yours. I found one item in the SANS course index after the course (that wasn’t in mind). If I had checked the SANS provided index, this would have enabled me to answer a question correctly.
- create an each book summary similar to my 1 page all book/module summary.
- take the practice exam summary only somewhat seriously. If one scores well it may be due to the questions asked on the practice exam. My final exam summary and practice exam summaries didn’t always overlap in terms of how I scored on the various areas. However, the practice exam summary was definitely useful for studying my areas of weakness.

Comments on my approach are always appreciated! :D

Thanks again to the creators of this forum - it is really beneficial!

Good luck to everyone on their certification exams!

SANS™ Institute GIAC Certifications JGS
Offered a SANS Work Study Place for SEC504 (GCIH) Wed, 19 Sep 2018 14:18:02 GMT As the title suggests, I applied for the September & also October (London) SANs event and this morning I was offered to facilitate the October SEC504 course (which is amazing and I'm super exicted!).

I'll make sure I put together a write up on my experience once I finish the course and keep everyone updated in regards to my exam prep.

Has anyone done the SANs work study program? If so, do you have any tips/experiences you would be able to share?

Also - is anyone going to the London SANs October event? Would be cool to link in with people. ]]>
SANS™ Institute GIAC Certifications snowchick7669
nessus help Wed, 19 Sep 2018 13:05:55 GMT There's been some changes at work and I've been ask to take over our vulnerability management software. We use Security Center.

I said yes, I'll do it, even though I'm not a security guy. I'm interesting in possibly going that route down the road.

In looking at what we do, we run a weekly scan using the "Internal PCI Network Scan". My question for Nessus users or even for people who use competing products, is this good enough? Should we be also running another type of scan? ]]>
Off-Topic mnashe
Need a Worthy Study Material | Suggest 70-705 exam Preparation Source Wed, 19 Sep 2018 06:31:51 GMT After so extreme hard work, still I could not find the most significant and easy-to-find educational content for the preparation of my "Designing and Providing Microsoft Licensing Solutions to Large Organizations" Exam. I request you all that to recommend me such educational material through which I examine my 70-705 exam nobly. ]]> Windows 10 exams jaylajuliette Feeling Disheartened Need Some Advice How To Learn Smarter Tue, 18 Sep 2018 20:07:56 GMT Howdy guys I am going to have a rant and maybe one or two of you can help me. You see I haven't really achieved much in life I have this inner pain of frustration that I am destined for better things and a yearning to better myself. This is going to be raw so sorry if I sound like I am beating myself up but I need to do this to hopefully improve myself. Who knows maybe other people are in the same position

I have training videos on subjects, books, and guides the sad reality is call is laziness, call it a lack of focus or drive for the life of me I cannot see to complete one single task. It's like my brain just gets bored or sidetracked and I end up going off down different paths and not completing anything it's like a vicious cycle of lack of achievement I end up feeling bad about myself and comfort eat and do other unhealthy habits and just generally not achieve anything.

I always get envious of others and feel others are getting ahead and myself I won't amount to anything. Sometimes I will be honest the lows get intense just a feeling of unfulfilled and lost potential.

It's like my mind becomes torn between what I should learn oneday I am ecstatic about Linux, The next it's Windows one-day it's Cisco it's like I have bipolar or something. I just end off going down different paths and not learning anything of substance.

I have a family and young son and I work so finding the time at the moment to sitdown and actually do something productive is hard or maybe I am making it hard, Maybe I need discipline.

I was thinking of keeping one set of training videos on a device only, buying a notepad watch the nuggets and write notes focus on one subject at once only i.e Windows Server 2016 installation and compute. Even if I do not take the exam figured I can learn some new things improve my self esteem.

So guys where am I going wrong? How can I fit in a good routine into my day to day life I don't want to become to overwhelmed initially as I find this is counter productive.

Any tips? self improvement books?

Help me guys i'm sick of being like this ]]>
Off-Topic ally_uk
Cyber Security Analyst II – Austin Tue, 18 Sep 2018 19:33:49 GMT This job is at my agency, The Texas Department of Licensing and Regulation, in Austin. The new hire will be working with me and a couple of others. ... This job is at my agency, The Texas Department of Licensing and Regulation, in Austin. The new hire will be working with me and a couple of others.

I'm not allowed to offer advice on how to apply for or obtain this job. All I can say is that if you apply, make sure that your application fits the job requirements to be considered. Try to cover every bullet point if you can. Essentially, it's a network security role.

This position closes on 10/2/2018. ]]>
IT Jobs / Degrees tedjames