Re: Seeking views on importance of certification

["Steve" <securityfocus () delahunty com>]

I work with the Network Professional Association and this issue of the value
of certs often comes up.  I think their policy statement provides some good
insights.  I hope this helps.


The Network Professional Association (NPA) position statement on Training,
Education, and Certification.

The NPA is deeply involved with the ongoing continuous process of working
with education, media and vendor partners to define the discipline of
Network Computing and the Network Professional of the future. We believe
that there is value to many vendor certifications, especially if the
individual works in environments with the specific technologies that are
offering the certifications. But the NPA also believes strongly that there
are other areas of education and skill development that are important for
the Network Professional to be well-rounded and ready for the current and
future directions of the IT industry. One of the NPA's key initiatives is to
help define the different paths available to Network Professionals and the
recommended mix of undergraduate, graduate, technical and continuing
education; along with vendor specific and vendor-neutral certifications and
real world experience.

----- Original Message ----- 
From: "Ed Spencer" <espencer () usa net>
To: "'Chintan J. Shah'" <chintan () gnvfc com>;
<security-basics () securityfocus com>
Sent: Monday, February 16, 2004 2:17 PM
Subject: RE: Seeking views on importance of certification


With most certification you'll find a number of years pass before they are
recognized readily by the HR departments at most companies and it really
'catches on'.  I found this to be true of the A+ certification when it was
originally introduced in the early 90's.  It was 3-4 years before anyone
ever asked me if I had the certification at all.  Having already surpassed
the intial hurdle of getting a degree, certification is a good road to start
down to increase your chances of meeting  a 'hiring criteria checklist' used
by many HR departments.  With your desire to move into the security area I'd
start with Security+.  Even though it's a new certification and unlikely to
appear as a 'requirement' for a job, it will give you a good start on
security certification by providing an introduction to the types of
questions you'll experience on other tests.  From there I'd look at SSCP
(https://www.isc2.org/cgi/content.cgi?category=20), the CISSP's lesser
cousin also offered by ISC2.  If you don't have the requisite experience for
this certification I'd consider vendor specific certification like
Microsoft's MCSA:Security
(http://www.microsoft.com/learning/mcp/mcsa/security/windows2000.asp) as
well as other vendor-neutral certification like RSA's SCNP/SCNA
(http://www.securitycertified.net/) or GIAC's GSE (http://www.giac.org/).
Depending on the direction you want to head within the security field I'd
also consider persuing programming, operating system, forensic, or policy
experience/classes/certification.

Remember that most security positions have a broad experience requirement
and by exposing yourself to as much security related material as possible
(http://infosecuritymag.techtarget.com/articles/august01/columns_logoff.shtm
l).

Good luck in your persuit of a security career.

Ed Spencer
MCSE/MCT/MCP/CNA/A+/Network+/Security+
University of Alaska Fairbanks.

-----Original Message-----
From: Chintan J. Shah [mailto:chintan () gnvfc com]
Sent: Sunday, February 15, 2004 11:24 PM
To: security-basics () securityfocus com
Subject: Seeking views on importance of certification


Dear All,

Hi,

I'm having B.E. computer degree and also holding CCNA certification and
currently working in Netowrking as Network engineer. I'm having 2.5+
years of expereince.

Currently, I'm purusing for preparation of CompuTIA Security+
Certification as I want to make my career in Network Security. As I'm
not eligible for exam lik CISSP , I thought first take security+
Certification to enter in to market...

I'm seeking the you all views of Security+ Certification , especially in
Indian how much benefit i could get through this certification..
However, I'm having exposure on some security tool like Nmap, NFR and
also on Snort, IPtables firewalll etc.....

Looking forward to views of you all security guys....

Thanks in advance ,,,

--
With regards,

Chintan Shah





---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------




---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------