Re: To go to University - For the CISSP etc. - Good idea/Bad idea???

[Aarón Mizrachi <unmanarc () gmail com>]

On Viernes 07 Agosto 2009 07:43:39 Leandro Quibem Magnabosco escribió:
> Adriel T. Desautels wrote:
> > Bill gates doesn't have a degree.
> >
> > On Aug 6, 2009, at 3:11 PM, James Copeland wrote:
>
> Neither does the president of Brazil, for instance.
> But how many of those cases you know or heard of?
>
> They are exceptions, not a rule.
I'm not sure about that... I hold a P.E. Degree in Computer Science. But, I've 
seen a lot of undergraduate people working very well on infosec. Moreover, i 
worked on infosec years ago before my graduation date. wasn't a big deal. And 
moreover, time ago (undergrad also) i established a company on infosec.

I mean, Is not a rare exception. 

> IMO, the best choice for someone who's really starting is NOT to get
> certified on anything right away.
> First you have to decide what you love because (again, IMO) any tech job
> is about love.
> If you don't love security you WILL NOT be a good professional at it.
> Honestly, I don't know a single security Professional that don't love
> what they do and most of them are self taught because of that love.
Agree.

> Study hard, get graduated and only then decide to what direction you
> want to follow.
> I always thought I wanted to be a programmer and now I work with
> networking and security and love it
The first succeed factor on Infosec is: "be skilled and love infosec".

A degree is preferred on works because you will understand many things that 
you won't learn on certifications, by the nature of the certifications of 
course; If you study for a certification you won't learn how to code a program 
or script, and moreover, in a penetration test, is needed to code some 
processes to be succeed. 

And, also maths and statistics are required sometimes. Some of statistics 
could help you to determine if some attack will be reliable or not. Therefore 
you will save time and money...

With a degree you will going to understand many things clearly: from coding, 
to system information theory and also maths (important!). But a degree is not 
a white card. Many "non skilled on security" people get a degree those days. A 
degree does not say anything about your skills on infosec. A certification, 
training and experience actually does.

My conclusion:

1- Skills and love infosec are required. 
2- Experience and training is required. _climb_
3- Degree is preferred to be a good professional and understand well 
everything.
4- Certification will say to others that you have the knowledge in a certain 
area (not the skills). You may have the knowledge, but the certification will 
say it to others.

----------------

> *Leandro Quibem Magnabosco
> Consultor de TI
> (48) 3251-5323
> *leandro.magnabosco () fcdl-sc org br
> <mailto:leandro.magnabosco () fcdl-sc org br>
> www.fcdl-sc.org.br <http://www.fcdl-sc.org.br>
> Rua: Rafael Bandeira, 41
> CEP. 88015-450  Florianópolis - SC
>
> "Este é um e-mail oriundo da Federação das Câmaras de Dirigentes
> Lojistas de Santa Catarina, e seu conteúdo é confidencial e destinado
> exclusivamente a seu(s) destinatário(s), não podendo ser copiado ou
> repassado,no todo ou em parte, a terceiros. Se esta mensagem foi-lhe
> enviada por engano, pedimos o obséquio de entrar em contato conosco.
> This is an e-mail from the Federação das Câmaras de Dirigentes Lojistas
> de Santa Catarina and its contents are privileged and confidential to
> the ordinary user(s) of the e-mail address(es) to which it was
> addressed, and no one else may copy or forward all or any of it in any
> form. If this e-mail was sent to you in error, please contact us."
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can
> actually do a proper penetration test. IACRB CPT and CEPT certs require a
> full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

-- 
Ing. Aaron G. Mizrachi P.    

http://www.unmanarc.com
Mobil 1: + 58 416-6143543
Mobil 2: + 58 424-2412503
BBPIN: 0x 247066C1

Attachment: signature.asc
Description: This is a digitally signed message part.