Network Security Career Guide and Counseling

Question: Network security? I am strongly considering this as a career choice. I know people going out of college doing this job making 100-120 thousand dollars a year. I am currently enrolled in a computer repair and networking class, i was just wondering what all it takes to get network security as a career (somewhat of an Anti-hacker, if you will)

Answer: It isn't a bad career. However The two classes you listed are not enough really. In addition, I'd take computer security classes and consider Novel, Microsoft and Cisco certification as well. Ideally, you should have a college degree in computer security.

Question: How to start a Network Security Business as a Certified Network Security Specialist? Hello! Can anyone please help me with this question? Thanks! I am getting certified in Network Security from my school and should be finished within a month. I plan to start a Network Security Agency or Consultant Group. How would I go about this? Is there a large number of businesses willing to pay for an outsider to mess with their Networks Security? And what type of businesses should I start to market too? I have done searches on this through numerous search Engines, but nothing has come up. I appreciate your responses. Thank You all ahead of time!

Answer: It's totally obvious when a "consultant " walks in and has no real experience in their field, and I personally won't hire a consultant that doesn't have a reference list of similar projects completed. You really need some real-world experience first: get a job in the IT field, after five years you could probably wrangle your way into network security, get at least five years in network security, and then you'll be in a viable position to try this. As an aside: if you're thinking about consulting but don't know if what you want to do is possible, how to do it, if you have a market, or who that market is... that should tell you something important.

Question: How to be a security expert in network and data administration? Hi.I wanted to know about the persons who are called security expert or working to protect the network or data from the hackers.What are the courses available to know all these about network security?What are the qualifications needed to work as a security expert in a company?Thanks to all for your important suggestions?

Answer: Probably the most widely-recognised security-related courses are given by the SANS institute (http://www.sans.org/). They are not for beginners, though: you'll need a solid grounding in network and operating system configuration and deployment. Be prepared for disappointment if you try to get a job armed solely with qualifications. Experience is everything in this industry.

Question: How do I find out my Network Security Key? I've got the Wireless Network properties box open, and it displays: Security Type Encryption Type and; Network Security Key Except the characters aren't displayed, so it's just dots. And the box to tick whether or not to display the characters isn't available. How do I find out the Network Security Key so that I can connect other laptops to my wireless?

Answer: Its usually admin by default,,so just try typing in admin

Question: How do I find my network security key? I've been using my laptop on a wireless router based from my other computer. Apparently my laptop decided to forget the network security key, and I have no idea how to find out what it is. I'm not too familiar with wireless networks, so bear with me. Thanks!

Answer: You need to open the router interface page to find the key. It will be an IP address such as 192.168.1.1 or something depending on what type of router you use. This addy can be found in your router manual. You put this number in your browser address bar and enter.

Question: I cant find the network security key for my Linksys wireless router. How do i reset it? I had to reload the start disk on my computer and i need to find the network security key so I can finish setting up my wireless router. How can I reset the key?

Answer: If you can't access the web interface, then you can reset the router by holding down the reset button for 30 seconds. If you *can* access the web interface (go to 192.168.1.1 in your web browser), then you should be able to change it in there. The username/password combination is probably admin/admin if you haven't changed it.

Question: How to become a network security specialist? Should i go to college or get my certs (CEH, Security +) ? Should i go to a school like UAT that offers a academic program in network security and cost like 70,000 dollars(Way out of budget.) Go to a community college (Already going. Getting my degree in network administration(A.A.S) Or should i just get my certs? Which way is best for getting a job in that field?

Answer: The good thing about computer security is they are always in demand. So to answer your question is Yes yes and yes... CEH or certified ethical hacker is a joke. It is a crap class i have took it. However it still looks decent on a resume. The most prodominant certs to get in the security field is your CCNA and CISSP. These certs alone will get you many network security jobs. But start small with your A+, Network +, Security +, CEH, Certified Penetration Tester, and other white hat certs. The only other thing that will help you out is time under your belt. Get an internship at a local security firm or network secruity office. Anything to put time under your belt. With enough drive you will make it. But start small and work up to CISSP. That is the catch all certification....

Question: How do I get started in Network Security? I will be getting my associates degree in computer networking, this March. I was wondering what kind of beginner job I should get in order to get started in this career field. Most jobs that I have in network security are for people who have 5+ years of experience in the field.

Answer: Start as an administrator. Try a job that requires you to know multiple OS's.

Question: How do you retrieve a Network Security key for a Hewlett Packard Laptop? My boss' wife accidentally deleted her Network Security Key for her wireless router connection and they have asked me to fix it. The problem is, I don't have a clue. I suppose she needs to retrieve the Key somehow. Any help?

Answer: Look on the bottom of the wireless router. If not there, reset the router with the hard reset button on the back, use paper-clip, and re-setup the router. Write the key on the bottom of the router.

Question: Laptop security or network security: which is more important? According to a 2007 study by the Ponemon Institute and Redemtech, 70% of data breaches result from the loss of "off-network" equipment. That is, equipment that's not connected to the Internet. There are some other staggering numbers, but the point is that a huge percentage of data breaches are NOT "hackers" breaking into networks. They're good old laptop thefts, basically. So which is more important to focus energies on (not that any aspect should be completely neglected): laptop security or network security?

Answer: You need to focus on BOTH! As soon as you get tunnel vision on any aspect of security, some bastard is going to hit you from the sidelines. You are correct that most data breeches are due to stolen or lost laptops. That's a simple fix, though, with modern hard drive encryption products. Once a laptop is encrypted it's useless to anyone who doesn't have the appropriate IDs and passwords. Even moving the hard drive to another machine won't allow anyone to access the data on it. Most network breeches are actually from the inside by an authorized user. For this reason it's critical that you include security in your basic network design criteria and document user access authorizations in writing! Of course, any Internet-facing systems need to be hardened against attack. They should also be sand-boxed in a DMZ with firewalls between the DMZ and Internet and a second firewall between the DMZ and the internal network. You must ensure that security patches are applied as needed but don't just blindly apply patches without testing. And don't apply security patches that are not needed; for example a SQL injection patch isn't required on a web server that serves up static pages and isn't connected in any way to a SQL database. Also consider IPS/IDS. Snort is your friend here. You need to be aware of any suspicious activity on your networks and follow through on any alarms. Most alarms will be something innocent, but as soon as you get complacent something is going to go bust. Make SURE that someone is reviewing the logs frequently and documents that review. Also, consider penetration testing, both internally and externally. If you're like most systems admins, your first penetration test will leave you crapping in your jeans and working overtime to patch the holes. Make sure that the testing trips your IPS/IDS alarms reliably and fine-tune as needed to ensure good alarms and minimize false alarms. Finally, do NOT fall into the trap that one OS is inherently more secure that another. ALL OSs have security vulnerabilities in their default installations that need to be addressed. I've lost track of the number of Linux systems running Apace and MySQL that were trounced by simple attacks that should have been avoided if the admin knew what he or she was doing! Information security is a multi-faceted area that must focus on all potential threats simultaneously. Your systems ARE being hammered from all directions and it won't matter how good your laptop security is if an Internet-facing system is compromised by a SQL injection attack that exposes your customer data to an attacker.