Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts
View
Sort
Coming soon
5

I was under the incorrect impression that my boss (who is the IT Director) could endorse me for CISSP. Just started reading the Sybex book and it says the sponsor must also hold CISSP certification.

So what would my options be here? Will someone from ISC2 be able to act as sponsor and interview my boss? What do you recommend?

It seems a little strange to go locate a person with CISSP cert and ask them to interview my boss and help me out. I don't think they would get anything for them out of it.

5
10 comments

I had to have ISC2 endorse my process which I initiated on the 8th of this month. It was just a bit of additional paperwork and a letter from my employer validating my position and start date. I am sure it will add a bit of time but at this point I don't even care. I passed and that was my only concern.

see more
Original Poster2 points · 4 days ago

Congrats on your pass, and thanks for the info!

Original Poster1 point · 4 days ago

Excellent! Thanks for the information everyone. Most likely I will request ISC2 to endorse me and they can contact the IT Director here to verify my qualifications.

Just wanted to make sure I have a path to complete the process before I commit myself to studying for CISSP.

Router also has to have a route listed in the routing table for both subnets/networks. Because both routes are directly connected subnets, you would think those subnets/networks would be in the routing table automatically.

Also like other people mentioned, the default gateway has to be set correctly on both PCs. The default gateway should be set to the router interface for that subnet/network. So PC A needs to have a gateway that is a router interface, not a switch interface.

For networking courses check out Chris Bryant David Bombai, or Neil Anderson on Udemy.com. By the way, Udemy pricing is a bit schizophrenic. I guess they are using some sort of surge pricing. Wait a week or two for the course prices to go on sale for $10 or $15.

3 points · 10 days ago · edited 10 days ago

Taking 1 step back just to be sure

  1. Make sure your WAN connection is sufficient speed.
  2. Redundant high speed WAN connection if business outage would prove costly enough.
  3. Set up Express Route if you haven't done so already.
  4. Set up bandwidth throttling before you start replicating VMs. This will prevent initial VM replication from eating up all your bandwidth.
  5. Use Azure Site Recovery to start replicating VMs.
Original Poster1 point · 10 days ago

1Gb line at the moment. Working on Express route for primary tunnel, at which point our current line becomes the fail over.

Didn't know throttling was an option. ATM we only have a handful of test systems so it hasn't become a problem. But it will, so thanks.

We are using site recover to replicate and fail over. Pretty smooth :)

see more

Here is the information on setting up bandwidth throttling in Azure Site Recovery VM

https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-plan-capacity-vmware

In the exact situation as you and trying to figure out the same thing. If Microsoft wasn't in the middle of changing their 70-533 Azure course / certification track, I would look at that.

Consider AWS, Windows 2016 cert, a security cert, another Cisco cert, etc. Improving your Linux skills is of course a good choice as well.

Original Poster1 point · 12 days ago

That's been my plan since day one. I want to start my own network consulting business and grow from there but I've always felt like I don't know enough to offer a worthy service to my customers. So I've been trying to advance further in my career to the point I can call myself an expert and have some savings, and then start it. Maybe I just need to go for it but I still feel like I'm no where near ready. I'd call myself a lvl1-2 engineer and I haven't done much design which would be a big part of what I'd be doing.

see more

Are you decent at learning quickly? Maybe worse case scenario you make some contacts you can send projects to if it's not in your wheelhouse.

If you're not working now, you have nothing to lose. Every small consulting proj you do will build your experience and be a source of positive references (hopefully) that you can use for future consulting (or a full time position).

Make sure you have a write simple contract for every job describing the scope of work.

You might be able to get business by contacting SMBs with tech openings and offer to be their interim tech person until they find a permanent person. If you do a good job and there really isn't a need for a full time person, they'll probably just keep you on.

Always easier said than done of course. Never saying it is easy.

Original Poster1 point · 12 days ago

Yeah I'm smart and capable. The hardest part of your plan would be finding clients. I don't have a history or reputation to go off of, but I would be down to take on any IT related job. And the only issue I see with your contacting SMB's for temp work is that they typically don't work like that. They can't just have someone work temporarily, without going through HR and onboarding, and if they are going to do all that, they'll just do it for the candidate they're going to keep full time. But thank you for the recommendations. I'm just going to keep hammering the MSP and infrastructure job listings and hope someone takes a chance on me, I really think I'm a diamond in the rough and can prove my worth to the first person that hires me.

see more

The only other way I can think to get clients is attending face to face business networking events. Any type of cold calling or traditional advertising or online advertising is likely going to be a waste.

Job search is tough, and we have no choice but to keep trying, and keep working on improving our resume, skills and experience.... i.e. home labbing -> physical and/or virtual, volunteer 1x month for a non-profit doing tech, certfications, etc.

You might try getting some recruiters looking for you as well. Try to meet with recruiters in person if possible.

Load more comments

Are you having trouble with getting interviews? Than issue could be with your resume and/or cover letter.

Having trouble with interviews? Me too! And I am working on that!

Start working on gaining experience ASAP through the following:

- home lab, physical and/or virtual (sign up for a free Azure account and AWS account, and start training in one or both if possible)

- volunteer once or twice a month if possible to do tech work (i.e. for a non-profit), or more if you can

- Ask your friends if they know anyone that needs help with their laptops or basic tech questions for a low/reasonable rate.

I've been doing this for almost 20 years, and in the last 5 years Azure and AWS came out, so I am working really hard to learn these new technologies just like people straight out of high school and college, if that makes you feel any better.

Original Poster1 point · 22 days ago

Thanks for the advice! Any idea on how this stacks up against other certs?

see more

Same question here. Anyone know how GSEC compares in terms of difficulty to pass, industry demand, scope material, type of material, etc.

Skip companies with requirements like "CISSP and 10 years of experience". That's a senior position and really they don't have a clue because they are combining two shortages to limit their candidate pool to effectively no one (CISSP + 10 years + looking for a job = nobody)

Work on becoming a good network admin with an emphasis on security and automation. That will help you toward the position that you want.

Decisions about an org's security posture are typically done at the senior level (Director, Senior Manager). If you want to get there you need more than a degree; you need real work experience. This is where the "10 years" is actually realistic. Shit gets real at the architect and senior analyst level.

Focus on becoming the best damn admin you can be, with an emphasis on security and DevOps. That will set you up for success.

see more

What kind of skills in automation specifically should we be working on... Powershell? Python? Software Defined Networking? Ansible?

1

I'm a sys admin at a non-profit organization going on 6 years and super interested in security. Being at a small/medium company, and nobody else being interested, I have spent much of my time working on various security projects. I just passed the CCNA Routing and Switching cert, and trying to figure where to go from here.

I would love to get into cyber security full time. I emailed the company (ISC2) that puts out the CISSP exam as to whether my sys admin experience would fulfill the job experience requirements for CISSP. That was about 3 weeks ago and I haven't heard back. So my questions are:

  1. Will my experience fulfill the CISSP experience requirement?

  2. Will the CISSP cert help me break into the security field? What job title might I be applying for if I pass the CISSP?

Also interested in CCNA CyberOps exam, although people are telling me because it's not a well known cert it won't help me much. I might wait until my CCNA Route Switch is two years old, and I could keep CCNA Route Switch cert from expiring by passing CCNA Cyber Ops at that time.

Thank you.

1
14 comments

When I read candidate resumes and that resume has a CISSP on it, it usually ends up looking something like one of these two situations:

"Hmmm, nicely qualified candidate. Good experience and skill set. Oh and hey, and active CISSP is great as well."

"Hmmm, this person has a CISSP but doesn't have any experience. (moves to bottom of pile)"

Lots of companies just want a CISSP and don't know what that entails. I've seen entry level SOC analyst positions and sales engineer positions "require" a CISSP in the job posting. It's just silly.

see more
Original Poster1 point · 28 days ago

I understand that in some cases the popularity of the CISSP is not logical. I'm just trying to figure out if it will help me "break into" (no pun intended! :-)) the security field. Even entry level SOC analyst pays better than my current gig as sys admin at a non-profit. And I do security related projects at my work voluntarily because I enjoy security. Hopefully this will count a little bit as experience in some respects. I don't expect that it will count the same as a full-time security analyst work. Anyhow, I think I need to give this serious thought to try and try to head in this new direction.

At the same time if some really cool people at a really cool company interview me and offer me a better sys admin job as per my discretion, that might work too until I can obtain CISSP, CCNA CyberOps, etc etc. I want to move to a new gig that will benefit my career, and I don't want to wait until I complete CISSP. Hopefully in a new sys admin role I can gain more experience with Azure, AWS or something along those lines. Also get some experience with tech in a larger enterprise. That seems to have been a bit problematic in some larger org interviews... that I work for a smaller company.

So I might end up with a different sys admin / network admin role until then.

Don't fret the CISSP for now. Build your tech and people skills.

When you interview at the right company, a CISSP will help solidify you as a candidate. Until then, focus on real-world skills like troubleshooting and automation.

see more
Original Poster1 point · 23 days ago

Great advice, thank you! What kind of automation skills do you recommend improving? Powershell? Python? Ansible? Software Defined Networking? Other? There are so many choices. Sometimes I just pick something, because something is better than nothing. Perhaps that strategy hasn't been super successful yet. Will keep learning and keep trying.

Load more comments

2

Any system administrators out there that went through the CISSP study and exam process? Would you do it again?

Would you recommend it to another Sys Admin that is super into security topics and wants to help his/her career? I just want to be sure this is a good direction before I commit 6 - 9 months of my life to preparing for this exam and $599. It's a serious commitment.

2
9 comments

Just for point of reference, people invest 100s of thousands of dollars and way more months/years into their education/career and see an ROI and compete with their peers. $600 and 6-9 months(i think you could do it in 2 months however) is a very small investment career wise.

see more
Original Poster1 point · 26 days ago

You are so right! I will try to keep that in mind. I am hoping it will be a good investment.

i dont know a single person who has gotten their CISSP and said it was a poor investment. Though i wouldn't assume you will get it and be guaranteed a job without having had any full time security experience. You will still need to get your foot in the door. But it will give you access to those doors. good luck!

see more
Original Poster1 point · 26 days ago

Thank you! If CISSP doesn't help get me into security field it will help me when applying for new sys admin / network admin at the least, or perhaps an IT Director position at a smaller company. Well that's my best guess at least.

Load more comments

I absolutely recommend it! But I helped write it, so I might be more than a little biased... ;)

see more

Michael, you write CCNA and CISSP content! You are one multi-talented person.

You climbed another mountain:

Long slog up mountain

2

Maybe these are dumb questions. I guess I am opening myself up to the wrath of Redditors here...

If I want to control Win 10 desktops with Group Policy... Would that require a Win 2016 server? Does that Win 2016 server have to be a domain controller? If we have two Win 2008 domain controllers already, could I add a third Win 2016 domain controller?

Currently I have Win 2008 sending out GPs to all clients. But I suspect the controlling the start menu on Win 10 PCs doesn't work properly if the policies are coming from a Win 2008 server.

2
22 comments

It's a little worse than that. They used to work until Microsoft deliberately invested programming resources into disabling them as part of the version 1607 update. On a totally unrelated note, this was about the same time they made it possible for small businesses to license the Enterprise version through Office 365 for $7/month.

As you suspected, the only way I know of to centrally manage removal of CandyCrush and whatnot on 10 Pro business workstations is through pushing powershell scrips.

see more
Original Poster1 point · 27 days ago

Is Windows 10 Professional supposed to for home use? Maybe that was our mistake in purchasing the wrong version.

Microsoft: We're going to put a bunch of consumer apps in the business version, and you can pay us extra so that your users will not see them. :-)

I think the issue is that Win 10 Pro was (is) part of the free upgrade offer and available cheaply through OEM licenses. 10 Enterprise is only available through Volume Licenses (typically with Software Assurance subscriptions) and now through Office 365 as a subscription.

I believe MS decided to push ad and store revenue in 10 Pro due to the lack of recurring revenue. Companies that want to avoid the ads can now pay an ongoing subscription to Enterprise, but either way MS gets additional revenue past just the original OEM license

see more
Original Poster1 point · 26 days ago

Follow the money as they say. And it all makes sense.

Load more comments

1
  1. What is the #1 book for CISSP in your opinion?
  2. What is the best video course for CISSP (i.e. PluralSight, Udemy, etc)
  3. What is the best practice exam vendor for CISSP (i.e. Boson, etc)

Easily doubled or tripled needed time in studying for CCNA Route Switch, because I did not choose the best learning materials. Considering to take the CISSP journey. I don't want to make the same mistake with the wrong learning materials.

1
11 comments

There is no "best" in any sense. Each is "best" for different people for different reasons. For example, I preferred AIO to Sybex while most prefer the other way around, but most seem to come from a networking background while I came from a development and project management background so I needed the depth of AIO. I found almost all of the test questions to be much more difficult than even Boson, but along the spectrum Boson was closer in terms of wording and content than any others. It all depends on your background, your needs, your study habits, etc.

For video courses, IMO the Larry Miller course on O'Reilly SafariBooksOnline is very good, but I found the Sari Greene course unhelpful. Others found her course excellent. Shon Harris' MP3s from her old 2003-ish video course are online for free and are still about 80-90% relevant and very good for listening to.

The only thing we all seem to 100% agree on is that Kelly Handerhan deserves sainthood for her free Cybrary.it course.

see more
Original Poster1 point · 27 days ago

Perhaps instead of "best" I should just say, what are your favorites / recommendations.

No worries, just don't want you to think this is quite like some other certs. It's not one where you can just study a single study guide, so be prepared to use multiple sources regardless.

see more
Original Poster2 points · 27 days ago · edited 27 days ago

For Cisco CCNA Route Switch ICND1 and ICND2 I worked through 3 books, 4 video courses, labs, Boson exams, etc. So perhaps not much different in this case.

Load more comments

I had Boson exam software for multiple Cisco exams on 2 PCs. No issues. CISSP shouldn't be different. If you want to be absolutely sure you can of course contact Boson.

Semi-related, and I've been waiting for something similar to come up somewhere:

I'm 48, was in IT last about 15 years ago, but due to two straight lay-offs due to money because others higher up misappropriated funds, I decided to do other things (retail, rejoin the Army).

Now, I'm trying to get back into IT. I just recently passed my Net+ and Sec+ exams and am currently taking courses for my CCENT/CCNA and Server 2012 MCSA. I have posted my resume on a few job boards and actually been to a few interviews. Unfortunately, I get met with the lack of (recent) experience. Any suggestions by anyone on how to overcome that? I'm planning on going the infrastructure (networking) route.

Thanks in advance!

see more

Take a serious look at trying to get occasional weekend or evening consulting work on your own. Then you can build experience again! Perhaps some of your old contacts need occasional extra help for minor projects.

Don't exclude contract jobs in your search if possible. Can build experience more quickly in contract jobs (probably should have done that in my career too).

I have experience and I am still having a bit of trouble in interviews. Currently working on my own soft skills and my next cert. Linked up with a consultant friend of mine and hoping to do some consulting work occasionally on the side.

Keep working on the certifications and labs (i..e free AWS instance, Cisco Packet Tracer, etc).

26 points · 2 months ago

Learn AWS, and I mean learn it properly: how to design and build resilient and scalable systems. You’ll find that an AWS certificate or two coupled with your sysadmin skills will make you seriously desirable in today’s market.

see more

Doing Azure training from PluralSight, putting 1 production server into Azure as I write this, and working with Azure OMS in production environment as well.

Was studying for Azure 70-533 and that exam is about to replaced. So I will pick up the AZ-100 and AZ-101 exams once someone comes up with training materials I guess.

Hopefully there is a spot in the world for me with Azure work in the future? AWS has a huge lead, but maybe some companies will pick Azure and need help? Currently 41 years young.

5 points · 1 month ago

Totally unrelated to hiring someone or not:

You'd likely be much better off in the long term contracting out the O365 migration and ERP implementations to companies w/ experience in both. Look at it this way, how many O365 migrations have you done? How many will you do in the future? Going to a company that's done hundreds, will be a tremendous time saver.

see more

Regret that I didn't lead the Office 365 migration when I had the chance, but instead worked with consultants. Many companies I have interviewed at since then are looking for someone who has led Office 365 migration previously.

yeah but then network hiccup happens, then users freak out cause of no icons on the desktop or what evs and then they refuse to reboot, then management asks why it isn't working, blah blah blah.

see more

With folder redirection, doesn't that make Windows logins take considerably longer? Not using folder redirection currently, and people's logins are very fast, because they don't have to load 100 mbs from a server to their desktop.

folder redirection doesn't copy data from the server back to the pc. you're thinking roaming profiles.

see more

Ah, that's right. I was thinking of roaming profiles. Thank you.

Load more comments

2

Just passed ICND2 exam to earn my CCNA Route Switch cert.  I have 10+ years doing help desk, and 5 years in a sys-admin role (50% helping end users, 50% servers/network).  I love learning about security. I'm not super fond of Azure, and yet Azure is super important in my field.  Need the Azure skills for my current job, and most other IT jobs out there I am finding out.

Should I focus on CCNA Cyber Ops or Azure 70-533 exam next, or something else?  I think I am somewhat familiar with much of the Cyber Ops material already based on the seeing the exam objectives.  I am guessing I am probably going to have to do both Azure and CCNA Cyber Ops.  I think I could complete both in about 12 - 18 months.  Open to your opinion and recommendations, whether it is for these exams or for something else. Maybe after CCNA Cyber-Ops cert I can get a Security Analyst position and leave Azure behind.

2
7 comments

As someone with both the Cyber Ops and Security+, I would say this is accurate. Granted I found the material for Cyber Ops to be much more interesting and practical than Sec+, the reality is that Sec+ has way more recognition in the industry, and can open the door to DoD jobs (Cyber Ops is not an approved 8570 baseline cert).

I can't really recommend the Cyber Ops at this point unless you were given the scholarship for it, but I believe that Cisco may have ended that program. It was great in that it renewed my CCNA R&S and Sec+ all in one shot, but it just hasn't caught on yet in the industry from what I've seen.

I can't comment on the Azure cert though, sorry.

see more
Original Poster1 point · 1 month ago

Hey no worries. Thanks for the input. From what I have heard that if you can pass CCNA Cyber Ops, you can take Security+ at the same time and with just a tiny bit of extra studying you will pass both. We'll have to see if Cyber Ops catches on with employers, as it is very new.

Not sure if I want to commit to CISSP for like $600. If I fail that and have to take it twice, that's going to hurt. Can being a sysadmin count for the 5 years of experience that is required? I'm not sure if you have to be in the security industry already, or if general IT experience would count. Obviously as a sysadmin we are dealing with security, but it is only a portion of our jobs.

If SY0-501 is the same as SY0-401 (the version of Sec+ I passed a few years ago), I'd say yes, you can take Sec+ at the same time as CCNA Cyber Ops and pass with a bit of extra studying. There is a lot of overlap between the first half of Cyber Ops (SECFND) and the Sec+ from what I can recall. I don't think based on your experience level that it would be very useful to get the Cyber Ops, though, unless you're interested in taking what I presume would be a massive pay cut and applying for T1 SOC Analyst positions.

As for your whether your sysadmin experience would count for the CISSP experience requirement, it's a good question. That would obviously be considered on a case-by-case basis, so perhaps you could give them a call and see if you would qualify.

I'm not in cybersecurity myself, but everything I've seen tells me it's at least a mid-level IT career. There hasn't been a job posting I've seen that I think I would qualify for that would be within the same salary range I'm in currently. I'm not sure if you have a degree, but I get the impression it is much more important there than for general sysadmin work.

see more
Original Poster1 point · 1 month ago

OK my I will just have to reconsider CISSP then, as like you said CCNA Cyber Ops is associate level, so perhaps I need to aim higher. Food for thought, 2x CCIE Kevin Wallace said if he were starting out now, the 1st cert he would get after CCNA Route Switch is CCNA Cyber Ops, and then CCNP Route Switch. Though I don't have a ton of certs, I am not exactly just starting out either.

So I will contact the people at ISC and ask if my sysadmin experience qualifies towards CISSP experience requirement. Thank you.

Load more comments

6

Running an older version of Electrum LTC software on an Linux Mint laptop. When I launch the Electrum LTC GUI, it says it can't connect to the LTC network and has red dot at bottom right (disconnected). I tried about 5 different servers in the list and cannot connect to any of them.

I have a working internet connection. Are there any particular LTC servers people recommend that I can connect to? Or should I download a new version of Electrum LTC perhaps, and copy my wallet folder over?

6
1 comment
Original Poster1 point · 1 month ago

Hmm... Electrum-LTC was connected automatically after I left it running for a few hours and I checked back later.

Build your skillset and move to a place that respects it's employees and it's quality of work.

It isn't that expensive to build a proper environment with room for test deployments, high availability, dual internet and the like. From a % of revenue perspective IT costs are hugely down for 20 years ago.

I aim for 1.5%-3% of revenue for a non IT focused company (accountants, lawyers, project management etc.). That's inclusive of hardware, software, connectivity, servers, training etc.

If the company doesn't want quality IT service (which gives you an actual life), I'll find somewhere else to work.

see more

Is that 1.5% to 3% including IT payroll / salaries?

Probably some people burn out after the 1st exam and don't go on to the second. Also the 1st exam is more broadly applicable, so more people working in general I.T. areas may take that exam.

You can use Packet Tracer and GNS3 for all the labs. Not quite as good as an actual home lab, but it will be enough for the exams. In Neil Anderson's Udemy.com course, he will show you how to set up GNS3. Also I recommend Chris Bryant's Udemy.com course.

If you are repeating the same Boson exams you are just memorizing the questions. You might look at an additional source instead of re-watching Jeremy's videos... i.e. Chris Bryant's videos on Udemy.com.

With the Boson exams make sure to carefully read the explanations for all the questions, even if you answered the question correctly.

You may just need quite a bit more practice. If you are newer to the material, the questions and troubleshooting situations can be intimidating.

u/joshgoldeneagle
Karma
778
Cake day
August 28, 2013
Trophy Case (2)
Four-Year Club

Verified Email

Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.