Security Basics mailing list archives
Re: Seeking views on importance of certification
From: Irwan Hadi <irwanhadi () phxby com>
Date: Mon, 16 Feb 2004 18:52:57 -0700
On Mon, Feb 16, 2004 at 10:17:29AM -0900, Ed Spencer wrote:
With most certification you'll find a number of years pass before they are recognized readily by the HR departments at most companies and it really 'catches on'. I found this to be true of the A+ certification when it was originally introduced in the early 90's. It was 3-4 years before anyone ever asked me if I had the certification at all. Having already surpassed the intial hurdle of getting a degree, certification is a good road to start down to increase your chances of meeting a 'hiring criteria checklist' used by many HR departments. With your desire to move into the security area I'd start with Security+. Even though it's a new certification and unlikely to appear as a 'requirement' for a job, it will give you a good start on security certification by providing an introduction to the types of questions you'll experience on other tests. From there I'd look at SSCP (https://www.isc2.org/cgi/content.cgi?category=20), the CISSP's lesser cousin also offered by ISC2. If you don't have the requisite experience for this certification I'd consider vendor specific certification like Microsoft's MCSA:Security (http://www.microsoft.com/learning/mcp/mcsa/security/windows2000.asp) as well as other vendor-neutral certification like RSA's SCNP/SCNA (http://www.securitycertified.net/) or GIAC's GSE (http://www.giac.org/).
SCNP is actually an interesting case... If you do a whois lookup for securitycertified.net, you get: Registrant: PETERSON, WARREN (SECURITYCERTIFIED2-DOM) Following the book, Very good, IL 31337 US Domain Name: SECURITYCERTIFIED.NET Administrative Contact: PETERSON, WARREN (WPL51) GoAway () YouDidALookup Net Following the book, Very good, IL 31337 US 123-453-1337 fax: 123 123 1234 Technical Contact: Network Solutions, Inc. (HOST-ORG) customerservice () networksolutions com 13200 Woodland Park Drive Herndon, VA 20171-3025 US 1-888-642-9675 fax: 571-434-4620 Record expires on 06-Oct-2007. Record created on 06-Oct-2000. Database last updated on 16-Feb-2004 20:48:42 EST. Domain servers in listed order: NS.APOLLOHOSTING.COM 216.147.43.193 NS2.APOLLOHOSTING.COM 216.147.1.144 [phxby@phxby tmp]$ now if you do a lookup for 'youdidalookup.net' [phxby@phxby tmp]$ whois youdidalookup.net Whois Server Version 1.3 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. No match for "YOUDIDALOOKUP.NET".
Last update of whois database: Mon, 16 Feb 2004 18:55:01 EST <<<
why it seems to me that it is very easy to hijack this securitycertified.net domain name since you can own the administrative address for this domain? Honestly, I wouldn't consider to take any certification from a vendor that looks silly like this, and the certification that this vendor offers is a 'security' certification?! --------------------------------------------------------------------------- Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection Protect your network with the comprehensive security solution that integrates six applications for ease of use and lower TCO. Firewall - Virus protection - Spam protection - URL blocking - VPN - Wireless security. Download 30-day evaluation at: http://www.astaro.com/php/contact/securityfocus.php ----------------------------------------------------------------------------
Current thread:
- Seeking views on importance of certification Chintan J. Shah (Feb 16)
- RE: Seeking views on importance of certification Ed Spencer (Feb 16)
- Re: Seeking views on importance of certification Steve (Feb 17)
- Re: Seeking views on importance of certification Irwan Hadi (Feb 17)
- RE: Seeking views on importance of certification Aditya, ALD [Aditya Lalit Deshmukh] (Feb 17)
- RE: Seeking views on importance of certification Ed Spencer (Feb 16)