Security Basics mailing list archives
RE: security cert
From: "MeaCulpa" <meaculpa () punkass com>
Date: Sun, 13 Apr 2003 09:57:48 +0200
From: crawford charles [mailto:biv0uac17 () hotmail com] Has GIAC changed? As I remember, the firewall exam required knowledge of Cisco IOS CLI -- that is, your answers had to be written explicitly in terms of Cisco ACLs, etc, and correct syntax was an exam criterion. This does not qualify as "vendor neutral" to my mind. Granted, it helps to speak the language of the industry gorilla, but it's a poor evaluation method for general concepts.
Not sure. First week of May I will take the GCFW exams. Are you referring to the practical or the MPC exams? The practical requires you to write a router configuration so your network can be connected to the Internet or another network. I happen to know IOS, but if one would not, one could use the cisco config maker, grab the router config guide from the NSA and without too much knowledge one could write up a nice config, which is pretty secure. If it's for the MPC exams, then I agree, they should not ask IOS questions, but rather focus on the way IP, TCP, UDP, ICMP and the rest work, and how a firewall can help in mitigating risks. All in all, on topic again, it depends on what you want to accomplish with a certification. I take them for fun (since my employer pays for it) and it never looks bad on a resume (when combined with some real world practice of course). Mea
C. From: MeaCulpa [mailto:meaculpa () punkass com] Sent: Saturday, April 12, 2003 2:13 PM To: 'Paris Stone'; 'Ravi K'; security-basics () securityfocus com Subject: RE: security cert >Hello- >I was wondering if there are any security certifications that are not >specific to any product/s. One that tests the general understanding of >the security concepts in general. Most of the certifications I have >heard of are more IT oriented. Any specifically for telecom?? For the general concepts four certifications come to my mind: CISSP / SSCP (by isc(2)) TICSA (by trusecure) Security+ (Comptia) CIW Security pro (by CIW) For in-depth technical certifications GIAC would be good. Of the mentioned certifications I think highly of GIAC given the practicals they have to make. It just gives that little edge over an MPC exam. CISSP is lotsa theory and only MPC exam. However, they cover an enormous amount of material, so it could be pretty ok. After I get two GIAC certifications I will attend the CISSP exam as well... Mea _________________________________________________________________
------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
Current thread:
- Re: security cert, (continued)
- Re: security cert Billy Woodhams (Apr 12)
- RE: security cert Michael Cunningham (Apr 12)
- Re: security cert Paris Stone (Apr 12)
- RE: security cert MeaCulpa (Apr 12)
- Log on the domain J.S (Apr 14)
- RES: Log on the domain André Mendes (Apr 15)
- Re: Log on the domain Lee Seidman (Apr 15)
- Re: Log on the domain Jo Chew (Apr 15)
- RE: Log on the domain David Gillett (Apr 15)
- RE: security cert MeaCulpa (Apr 12)
- Re: security cert crawford charles (Apr 14)
- RE: security cert MeaCulpa (Apr 14)