Looking for Advice.

Michael Meyers

Hey all,

I do hope I'm posting this in the correct forum.
I'm looking for a little advice on where to get going when it comes to certifications.
I'm currently studying to my A+ core 1/2 and my plan to have my "trifecta" completed by January.
Once I have that milestone reached, I'm wanting to deep-dive into the security side of the IT world.
I don't have a degree or much experience in this field. My entire background is in HVAC/R. So I'm wanting to find what certifications are more likely to give me a head-start in eventually landing that first job that I can continue to springboard into Cybersecurity in the long run.
Any information or advice would be very appreciated!

Thanks,
Mike

daniel-lowrie87

Greetings Mike!

I would say that you're on the right track so far.

When you're ready to start branching into security specifically, there are many roads you can take, but you first need to decide on which branch of security you're going to focus on.

Defensive Security (aka Blue Team)
Offensive Security (aka Red Team)

These are the two main "branches" of security. There is plenty of overlap in each branch, but you'll be focusing on skills that are specific to their respective branches.

With Blue Team, you'll focus on implementation of tools/tactics/procedures geared towards building a fortified network system. This includes things like Threat Modeling, Defense-In-Depth strategies, monitoring (SIEM/Logging/IDS), Antivirus, EDR, Mobile security, Cloud security, Incident Handling/Response, Disaster Recovery, etc.

Blue Team certs include: CySA+, CASP+, GSEC, CFR, ECIH, CCNA Cyber Ops

With Red Team, you'll focus on implementation of tools/tactics/procedures designed to test a network system's defenses by acting in the same manner as a true threat actor would. The Red Team findings would then be utilized by the Blue Team to "fix the weak spots", thus enhancing their security posture.This includes activities like Vulnerability Assessments and Penetration Testing/Ethical Hacking.

Red Team certs include: Pentest+, C|EH, OSCP, eCPPT, GPEN, CPT

I hope this helps.

Cheers,
Daniel