Security Basics mailing list archives
RE: CISSP Question
From: "April Carson" <ACarson () HNTB com>
Date: Thu, 10 May 2007 15:54:39 -0500
Ugghhh I tired packet Tracer 3.2 and 4.0 and found it annoying. I just went out and got my own Cisco router and am much happier. Of course I also get to play in works data center now and again. -----Original Message----- From: Craig Wright [mailto:Craig.Wright () bdo com au] Sent: Thursday, May 10, 2007 2:23 PM To: April Carson; david.a.harley () gmail com; Simmons, James; Yousef Syed Cc: security-basics () securityfocus com Subject: RE: CISSP Question Buying a router for home practice would lower your chances if I am in the Interview. First, we have the economics. A router simulator (such as Boson) is less expensive and offers just as much and also maps to Cisco (and other) exams and tutorials. Thus there is a manner of testing the skills. Thus you have not demonstrated a good financial knowledge and thus are less likely to make well informed project decisions. Next a home router is limited to the extreme. It is a single router, OSPF, VRRP etc are not generally feasible. There is no way to learn and understand on a simple home router. You are unlikely to wipe and start again as often. I could go on. A simulator does far more. So this would be the proverbial next the minute you decide to mention it. Regards, Craig Craig Wright Manager of Information Systems Direct +61 2 9286 5497 Craig.Wright () bdo com au +61 417 683 914 BDO Kendalls (NSW) Level 19, 2 Market Street Sydney NSW 2000 GPO BOX 2551 Sydney NSW 2001 Fax +61 2 9993 9497 www.bdo.com.au Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within those States and Territories of Australia where such legislation exists. The information in this email and any attachments is confidential. If you are not the named addressee you must not read, print, copy, distribute, or use in any way this transmission or any information it contains. If you have received this message in error, please notify the sender by return email, destroy all copies and delete it from your system. Any views expressed in this message are those of the individual sender and not necessarily endorsed by BDO Kendalls. You may not rely on this message as advice unless subsequently confirmed by fax or letter signed by a Partner or Director of BDO Kendalls. It is your responsibility to scan this communication and any files attached for computer viruses and other defects. BDO Kendalls does not accept liability for any loss or damage however caused which may result from this communication or any files attached. A full version of the BDO Kendalls disclaimer, and our Privacy statement, can be found on the BDO Kendalls website at http://www.bdo.com.au or by emailing administrator () bdo com au. BDO Kendalls is a national association of separate partnerships and entities. ________________________________ From: listbounce () securityfocus com on behalf of April Carson Sent: Thu 10/05/2007 10:46 PM To: david.a.harley () gmail com; Simmons, James; Yousef Syed Cc: security-basics () securityfocus com Subject: RE: CISSP Question Good points. However if someone was going to invest money into their skills, I would be more impressed with someone who purchased a router and set one up at home. This shows initiative, drive and a willingness to learn. Just because I have a drivers license and drive fast does not mean I am a racecar driver. Someone who hammered through a boot camp to get the certification but never put his or her hands on the equipment may not be a skilled network administrator or security specialist. They might just be someone who can memorize a large amount of information. Ultimately, I believe you should find the job you want to have and research what THEY require. If they want a degree and you get a certification then perhaps you wasted your time. I do not believe there is a hard and fast answer to this discussion of degree vs. certification. However, the discussion was interesting and fun! As always, -April -----Original Message----- From: David Harley [mailto:david.a.harley () gmail com] Sent: Thursday, May 10, 2007 5:10 AM To: April Carson; 'Simmons, James'; 'Yousef Syed' Cc: security-basics () securityfocus com Subject: RE: CISSP Question
"I stand on the belief that you should not have to spend tons of money to prove your worth." PERFECT!!
Indeed. But it's an ideal, not real life. Forget the security Certs. Most of us are, in the job market and elsewhere, to some extent defined by our qualifications, from school level certifications to first and higher degrees, to all manner of vocational qualifications. And they nearly all cost money. Of course, we don't always spend our own money on them: I don't think I've ever spent my own money on a vocational qualification, or even . I realize that some people do (for instance, to break into an area where they aren't already working for someone who's prepared to help them with professional development) and I think it's unreasonable to suggest that they shouldn't commit money, time and effort into self-development. The point, though, is that most qualifications cost someone money, and some of them cost a lot more than CISSP, GIAC etc. But they're an attempt (however imperfect) to measure baseline ability by objective criteria. If you're saying that we should assess others purely by our own instincts and abandon all attempts to assess objectively, you must have more faith in the human race than I do. As for the cost issues, let's remember that it's not cheap to implement certs, supply training for them, design and implement testing, and so on. In other words, certifying bodies don't work for free, though not all are for-profit and keep costs down by using certified volunteers, for example. Mr Simmons, I don't use those letters after my name to "prove" that I'm "important next to others". I use them (sometimes) because some customers, publishers etc. find it reassuring that I've signed up to a baseline level of professional development and ethical standards in the field in which I work. It helps that unlike most of the vocational certs I've picked up over the years, they compress to an acronym that doesn't bloat my signature. Since I am not "validated" by an impressive job title or affiliation with a major corporation, they give a very, very slight indication of where I am in the foodchain. But they don't prove I'm not an idiot. :) -- David Harley CISSP, Small Blue-Green World Security Author/Editor/Consultant/Researcher AVIEN Guide to Malware: http://www.smallblue-greenworld.co.uk/pages/avienguide.html Security Bibliography: http://www.smallblue-greenworld.co.uk/pages/bibliography.html This e-mail and any files transmitted with it are confidential and are intended solely for the use of the individual or entity to whom they are addressed. If you are NOT the intended recipient or the person responsible for delivering the e-mail to the intended recipient, be advised that you have received this e-mail in error and that any use, dissemination, forwarding, printing or copying this e-mail is strictly prohibited.
Current thread:
- RE: CISSP Question, (continued)
- RE: CISSP Question April Carson (May 10)
- RE: CISSP Question David Harley (May 10)
- RE: CISSP Question April Carson (May 10)
- RE: CISSP Question David Harley (May 10)
- RE: CISSP Question David Gillett (May 10)
- RE: CISSP Question David Harley (May 10)
- RE: CISSP Question Eric Zatko (May 10)
- RE: CISSP Question Ruiz, Michael S. (Security) (May 10)
- RE: CISSP Question David Gillett (May 10)
- RE: CISSP Question Craig Wright (May 10)
- RE: CISSP Question April Carson (May 10)
- RE: CISSP Question Simmons, James (May 10)
- RE: CISSP Question David Harley (May 11)
- RE: CISSP Question Simmons, James (May 14)
- RE: CISSP Question David Harley (May 14)
- RE: CISSP Question Craig Wright (May 14)
- RE: CISSP Question Simmons, James (May 15)
- RE: CISSP Question David Harley (May 15)
- RE: CISSP Question Simmons, James (May 15)
- Re: CISSP Question Florian Rommel (May 15)
- RE: CISSP Question David Harley (May 16)