Full Disclosure mailing list archives
Re: [ok] Certifications
From: Scott Renna <srenna () vdbmusic com>
Date: Mon, 22 Nov 2004 09:47:59 -0500
I would agree with these statements as well. I'm carrying 2 GIACs(GCIA and GCIH) as well as CISSP. I feel that the CISSP is a very broad general overview of the concepts of security; however, there are far too many unqualified people attending boot camps and passing the examination. The CISSP definitely helped get me in the door for jobs, but if you want some really technical meaty stuff that requires study and talent, I would recommend pursuing the GIACs. Each one of them requires that the candidate write a paper and if that passes, you get to take the exams. This way of testing ensures that the student has not just spent time memorizing things like HIPAA enforcement. It's a rough journey, but you'll learn alot pursuing a GIAC.
Scott Renna CISSP, GCIA, GCIH, CCNA, CCDA Curt Purdy wrote:
Paul wrote:While I gotta agree that experience is what counts, what (if any) specialist certs should a tertiary student, with a special interest in security, use to underpin their prac?P.S. If I'm too ignorant to warrant a civil answer, like being told to go to the movies, my apologies in advance so no flame needed.Not everyone on this list are crude brainless kiddies Paul (though too many are ;) Having said that, let me address your main point. With a number of letters behind my name (will have to drop the CCDA to accommodate my upcoming GSNA), I feel qualified to answer your question. For some reason the CISSP is considered one of the most prestigious certs. I describe it as a river a mile wide and 6 inches deep. However, I found it relatively easy to obtain with no schooling required, as were all my other certs, except for the GSEC that required an 8x12-hour day intensive SANS class (in my case complemented with a co-ordinated national meeting of military IS people and keynote by Richard Clarke, who I respect very much). I tell people that you come out of that either scared to death or with a brain, two hat-sizes bigger. Most GIAC certs are very technical in nature. I describe them as being a quarter-mile wide and 20 feet deep. Although I passed the GSEC on first try, the test was much more difficult than the CISSP. That is why I decided to pursue my GSNA as opposed to a CISA. And in that one 6-day class, I shoe-horned enough stuff in my brain to keep me busy for months. Well worth the money. My .02 Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA Information Security Engineer DP Solutions ----------------------------------------If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity adviser Richard Clarke_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Certifications Paul (Nov 22)
- RE: [ok] Certifications Curt Purdy (Nov 22)
- Re: [ok] Certifications Scott Renna (Nov 22)
- RE: [ok] Certifications Clement Dupuis (Nov 22)
- Re: [ok] Certifications Anders Langworthy (Nov 22)
- Re: [ok] Certifications Scott Renna (Nov 22)
- Re: [ok] Certifications Valdis . Kletnieks (Nov 22)
- Re: [ok] Certifications Scott Renna (Nov 22)
- RE: [ok] Certifications Curt Purdy (Nov 22)
- RE: Certifications pingywon MCSE (Nov 22)
- Re: Certifications Scott Renna (Nov 22)
- RE: Certifications Clement Dupuis (Nov 22)
- RE: Certifications pingywon MCSE (Nov 22)
- RE: Certifications Ron DuFresne (Nov 22)
- Re: Certifications Scott Renna (Nov 22)
- <Possible follow-ups>
- Re: Certifications Scott Renna (Nov 22)