+ Reply to Thread
Results 1 to 12 of 12
  1. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    454

    Certifications
    CCNP R&S, CCNA(Security/Data Center), PCNSE, CySA+ and others
    #1

    Default Thinking about what's next

    As I await my CISSP endorsement to be completed, I started to think about what's next. I'm not sure if I'll get through another certification this year, as I need a break, but always good to keep things in mind. I recently became a cybersecurity manager, which includes a lot of hands on work. I've worked on both the server and network sides of the house (more recently networking). Even though I'm on a mini certification break, I wanted to keep learning, so I decided to spend some time learning about securing windows 2016 and active directory 2016. I figured, my employer is 95% windows, so it doesn't hurt.

    When I do go back to certs, I think I'll want to stay security focused. Not sure if I should go for ISC2 CCSP or maybe go left field and learn some pentesting, maybe eJPT? Incident Response?

    Decisions decisions
    Reply With Quote Quote  

  2. SS
  3. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    768

    Certifications
    SSCP, Security+, eJPT +4
    #2
    I finished eJPT earlier this year. Currently working on CISSP. After that, I'm going to keep developing my penetration testing skills and push that as far as I can. I'm not going to pursue another certification any time soon. I'd rather just learn on my own without a deadline for awhile. Maybe you could just choose a skill that you want to learn and do it. And then later if you decide to get another certification, you can.
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    454

    Certifications
    CCNP R&S, CCNA(Security/Data Center), PCNSE, CySA+ and others
    #3
    Quote Originally Posted by tedjames View Post
    I finished eJPT earlier this year. Currently working on CISSP. After that, I'm going to keep developing my penetration testing skills and push that as far as I can. I'm not going to pursue another certification any time soon. I'd rather just learn on my own without a deadline for awhile. Maybe you could just choose a skill that you want to learn and do it. And then later if you decide to get another certification, you can.
    That was my original plan and is still a good idea that I am considering.
    Reply With Quote Quote  

  5. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    765

    Certifications
    PenTest+, CySA+, LFCS, GCIH, eJPT, CCNA, CAPM, CompTIA Trifecta
    #4
    I felt like the eJPT was more of a pleasure break from certs. Instead of slogging through a dry technical manual, it was like reading an entertaining yet educational issue of a good PC magazine. Well maybe exaggerating a little.
    2018: CCNA Cyber Ops cohort 7
    2019: OSCP | CISSP or CISA
    Reply With Quote Quote  

  6. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    454

    Certifications
    CCNP R&S, CCNA(Security/Data Center), PCNSE, CySA+ and others
    #5
    Did you both buy the Elite package?
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Feb 2016
    Posts
    115

    Certifications
    CCSK, eMAPT, eCPPT v1, CEH, MCP, WCSD, Qualys Certified Specialist
    #6
    You can get the eJPT basic package if you register for their upcoming eWAPT webinar, however I would not recommend upgrading. The cert itself is not recognized and the course is really-really basic. If you have enough experience either go with the OSCP or skip eJPT and go straight for eCPPT.
    Reply With Quote Quote  

  8. Senior Member yoba222's Avatar
    Join Date
    Jun 2013
    Posts
    765

    Certifications
    PenTest+, CySA+, LFCS, GCIH, eJPT, CCNA, CAPM, CompTIA Trifecta
    #7
    For the PTS I did the middle one, which I think was best. Maybe for the PTP paying extra for more lab time would be beneficial. I wouldn't do the bare bones one because the labs are practically the whole point of the training, which you wouldn't get.
    2018: CCNA Cyber Ops cohort 7
    2019: OSCP | CISSP or CISA
    Reply With Quote Quote  

  9. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    768

    Certifications
    SSCP, Security+, eJPT +4
    #8
    Quote Originally Posted by yoba222 View Post
    I felt like the eJPT was more of a pleasure break from certs. Instead of slogging through a dry technical manual, it was like reading an entertaining yet educational issue of a good PC magazine. Well maybe exaggerating a little.
    I got the Elite package. As someone else stated, If you already have penetration testing experience, eJPT may be too rudimentary for you. If you have no experience, it's the perfect place to start. As Yoba said, it's a nice break from the traditional multiple choice tests. This one requires you to learn the tools and is completely hands-on. It may not be recognized the way the CEH is, but it will give you some great practical skills that you can apply right away. It's a good stepping stone.
    Reply With Quote Quote  

  10. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    454

    Certifications
    CCNP R&S, CCNA(Security/Data Center), PCNSE, CySA+ and others
    #9
    Quote Originally Posted by tedjames View Post
    I got the Elite package. As someone else stated, If you already have penetration testing experience, eJPT may be too rudimentary for you. If you have no experience, it's the perfect place to start. As Yoba said, it's a nice break from the traditional multiple choice tests. This one requires you to learn the tools and is completely hands-on. It may not be recognized the way the CEH is, but it will give you some great practical skills that you can apply right away. It's a good stepping stone.
    yup, I have no pen test experience. I don't see myself in that role, but it's always good to know things
    Reply With Quote Quote  

  11. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,630

    Certifications
    GPEN, GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #10
    eJPT will give you a nice intro to pentesting, and you get to test your knowledge and learn new cool tools (nmap, nessus, webapps pentesing), stuff that you can start immediately using in your current job

    If your employer can pay for it, SANS certs are great (GCIH for incident response), or GCFA for a more advanced cert



    Or you can read the incident response book by Eric Conrad...it's good.
    Goal: MBA, March 2020
    Reply With Quote Quote  

  12. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,403

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+, CySA+, Cloud+, and CASP; MCSA: Windows 7, ITIL F/CSI/OSA, CCNA: Cyber Ops
    #11
    Quote Originally Posted by MitM View Post
    I don't see myself in that role, but it's always good to know things
    This is, in my opinion, the right attitude to have. Far too many of my colleagues have no desire to move forward in their knowledge and that confuses me to no end. Want to be a better defender? Learn how pentesters/hackers/crackers attack your system. Want to be a better attacker? Learn how network defenders do their jobs. Seems far too simple to me.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
    Reply With Quote Quote  

  13. Senior Member
    Join Date
    Oct 2017
    Location
    Asia
    Posts
    272

    Certifications
    CISSP, CASP, CRISC, CISA, ISO27001 LA, CISM (application pending)
    #12
    I was planning to take the eLS PTS/eJPT, but a colleague of mine who is a pentester suggested that I go for freely available resources first (including the training materials that our penetration team has) before going into paid ones. Cloud-related certs are also viable especially if your employer has plans of going into cloud.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks