Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Career Advice


  • Please log in to reply
6 replies to this topic

#1 GeneralAuditor

GeneralAuditor

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 22 September 2017 - 02:32 PM

Hi, I'm new to the forum. I have joined to get some advice from experts here.

I'm a generic auditor (I have the IIA Audit qualification) working in the UK. However, I really want to specialise as an IT auditor, specifically, Cybersecurity (a subject matter expert). Unfortunately for me, I have no qualifications, certifications or experience in IT. My degree was in Accounting and Finance, so a completely different area.

I just want advice on where to start, since I have no idea. I have bought a Dummy's book on Networking to understand basics. Would this be the right book to begin with, since I'm thinking Networking would be a good place to start for Cybersecurity as it's all about protecting the organisation's network? I am also thinking about doing some Open Univeraity modules to get going.

My concern is that Networking is a practical field, so how do I get experience with having a full time job already. From my understanding, I don't think I can build a network at home, since it would be too costly? But is there anything else I can do?

Any practical tips to start with at home and to start this journey would be greatly appreciated.

Thanks GeneralAuditor

BC AdBot (Login to Remove)

 


#2 Kilroy

Kilroy

  • BC Advisor
  • 3,411 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:04:52 AM

Posted 22 September 2017 - 03:17 PM

Welcome to Bleeping Computer.

 

I'd suggest looking at job posting for the position you're thinking about.  That will give you an idea of what you will need to know and what certifications you will need.  I don't know if a Cybersecurity IT auditor would be a penetration tester (Pen Test) or not as I'm on the support side.

 

As far as studying without the equipment there are virtual simulations for things like a Cisco network.  I haven't used them, but ITProTV has online labs, but is pricey, $85.70 US per month.  If you do go with the labs version of ITProTV make sure you take advantage of the Transcender practice tests.  I used them for most of my certifications and highly recommend them.  



#3 GeneralAuditor

GeneralAuditor
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 22 September 2017 - 03:22 PM

Hi Kilroy, and thanks for replying. What would I need to do to become an expert in Pen Testing?

For my organisation, we do bring in external contractors to do Pen Test, so knowing it would be useful. I take it, I would have to know code to create exploits?

#4 Kilroy

Kilroy

  • BC Advisor
  • 3,411 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Launderdale, MN
  • Local time:04:52 AM

Posted 22 September 2017 - 03:34 PM

Unfortunately Pen Testing isn't something I do, so I have very limited knowledge about it.  There are Pen Testing devices you can purchase that do most of the work for you.  This pages has a lot of tools for Pen Testing.  Please remember that using Pen Testing tools on something that is not yours can result in criminal prosecution, loss of liberty, and a very bad day.



#5 arlattimor

arlattimor

  • Members
  • 591 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Beaufort, SC.
  • Local time:04:52 AM

Posted 22 September 2017 - 07:30 PM

You are on the right track by studying networking to get the foundational information under your belt. Because you are starting out, and because I have taught CompTIA & Microsoft courses I would recommend you prepare for your Network+ Certification from CompTIA. If you don't have the money to purchase networking equipment you can use Cisco Packet Tracer, GNS3, or Routersim by Todd Lammle, all of these are excellent network simulators. 

 

The wonderful thing that I have learned about CompTIA Certifications is that they lay a foundation for the next ones. Let's say you achieve your Network+ ok. Would you be surprised to know that a majority of what you learned in Network+ is also in Server+, and Security+? This helps cut down on your study time because you are reviewing information you already know. 

 

So prep for Network+ pass it, then you already have a foundation laid for Server+ and Security+. From there you have enough of a foundation to prep for higher level certifications from other vendors. If you need help let me know always ready to lend a hand.

 

Oh almost forgot, I use www.cybrary.it for all of my continuing education credits and it's absolutely free does not cost you a dime.

 

Hi, I'm new to the forum. I have joined to get some advice from experts here.

I'm a generic auditor (I have the IIA Audit qualification) working in the UK. However, I really want to specialise as an IT auditor, specifically, Cybersecurity (a subject matter expert). Unfortunately for me, I have no qualifications, certifications or experience in IT. My degree was in Accounting and Finance, so a completely different area.

I just want advice on where to start, since I have no idea. I have bought a Dummy's book on Networking to understand basics. Would this be the right book to begin with, since I'm thinking Networking would be a good place to start for Cybersecurity as it's all about protecting the organisation's network? I am also thinking about doing some Open Univeraity modules to get going.

My concern is that Networking is a practical field, so how do I get experience with having a full time job already. From my understanding, I don't think I can build a network at home, since it would be too costly? But is there anything else I can do?

Any practical tips to start with at home and to start this journey would be greatly appreciated.

Thanks GeneralAuditor


Edited by arlattimor, 22 September 2017 - 07:33 PM.

A. Lattimore

CCNA, CWNA, MCITP, MCSA, MCT, MCP, Security+, Server+, Linux+, Network+, A+, CNST

Network Security Engineer

 


#6 GeneralAuditor

GeneralAuditor
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 23 September 2017 - 07:46 AM

Thanks Arlattimor. Will check it out.

#7 RJMass1

RJMass1

  • Members
  • 109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ohio, USA
  • Local time:05:52 AM

Posted 19 October 2017 - 01:41 PM

 I agree Cybrary is great, lots and lots of great free training. I also find www.udemy.com to have some really great low cost courses by some great instructors in the business.

 

 

You are on the right track by studying networking to get the foundational information under your belt. Because you are starting out, and because I have taught CompTIA & Microsoft courses I would recommend you prepare for your Network+ Certification from CompTIA. If you don't have the money to purchase networking equipment you can use Cisco Packet Tracer, GNS3, or Routersim by Todd Lammle, all of these are excellent network simulators. 

 

The wonderful thing that I have learned about CompTIA Certifications is that they lay a foundation for the next ones. Let's say you achieve your Network+ ok. Would you be surprised to know that a majority of what you learned in Network+ is also in Server+, and Security+? This helps cut down on your study time because you are reviewing information you already know. 

 

So prep for Network+ pass it, then you already have a foundation laid for Server+ and Security+. From there you have enough of a foundation to prep for higher level certifications from other vendors. If you need help let me know always ready to lend a hand.

 

Oh almost forgot, I use www.cybrary.it for all of my continuing education credits and it's absolutely free does not cost you a dime.

 

Hi, I'm new to the forum. I have joined to get some advice from experts here.

I'm a generic auditor (I have the IIA Audit qualification) working in the UK. However, I really want to specialise as an IT auditor, specifically, Cybersecurity (a subject matter expert). Unfortunately for me, I have no qualifications, certifications or experience in IT. My degree was in Accounting and Finance, so a completely different area.

I just want advice on where to start, since I have no idea. I have bought a Dummy's book on Networking to understand basics. Would this be the right book to begin with, since I'm thinking Networking would be a good place to start for Cybersecurity as it's all about protecting the organisation's network? I am also thinking about doing some Open Univeraity modules to get going.

My concern is that Networking is a practical field, so how do I get experience with having a full time job already. From my understanding, I don't think I can build a network at home, since it would be too costly? But is there anything else I can do?

Any practical tips to start with at home and to start this journey would be greatly appreciated.

Thanks GeneralAuditor

 


Edited by RJMass1, 19 October 2017 - 01:42 PM.

"The world is a dangerous place, Elliot, not because of those who do evil, but because of those who look on and do nothing." ~ Mr Robot
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users