Re: GIAC Dilution

["Michael Bartha" <mlbartha () cox net>]

All,
 First off let me say I have no certifications other than my military 
classifications, NECs in Navy speak.  I am an Information Systems Technician 
and my sub-specialties are LAN Administration and Network Security and 
Vulnerabilities Technician.  I have never pursued a cert because I felt it 
was chasing paper (MS certs).  I have 23 years experience in all facets of 
computer operation, programmer and software engineering, hardware, networks, 
LANs and WANs, crypto., information security..... you get the idea.  I also 
have earned a BS in Computer Science and will completed my MS in Networking 
and Communications this year, all on active duty.  My duty stations include 
Aircraft Carriers, Amphibious Assault ship, forward deployed command and 
control ships, large staffs, training and implementation, and an exchange 
billet with the Belgian Navy teaching people to hunt mines.
 Enough of my CV..... I have read many of your papers and they are quite 
good.  I have also meet Dr Cole and I am a true believer in SANS.  All I can 
say about the GIAC cert is have faith in the process.  Even if the process 
changes, nothing is being taken away from you all.  You have published 
papers and that is something to proud of.  Keep publishing and posting to 
SANS no matter the cert process.  As far as the perceived dilution, I don't 
see it.  You still must master the presented material and prove this in some 
way.  I also present this, I have to write at least two 20 page projects and 
make several smaller presentations every term.  My dissertation is expected 
to be no less than 70 pages of my work and will more than likely be about 
100.  The only thing is a grade.  To prove I am not comparing apples to 
oranges, look and the Mary Washington University Grad Certificate in 
Information Assurance.  The classes are SANS online courses and each one is 
one class.
 Have a little faith in the process, and think of this as shift to get more 
people involved.  I believe our mission as professionals is to make our 
networks as secure as possible and the more people onboard the easier it is 
for all of us.  I feel that no matter what SANS does, the process will be 
credible and challenging enough to keep out the quick easy dollar braindump 
wannabee newbies and will remain a professional technical certification. 
After my MS is complete, I will continue to pursue GIAC certification and to 
keep myself as sharp and informed as possible,  my users deserve nothing 
less.
 These are my personal thoughts and opinions submitted respectfully for 
your consideration.  Thank you.

V/r

Mike Bartha
Chief Petty Officer, United States Navy
Va Beach

----- Original Message ----- 
From: "Daniel Miessler" <daniel () dmiessler com>
To: "Aman Raheja" <araheja () techquotes com>
Cc: <security-basics () securityfocus com>
Sent: Saturday, March 26, 2005 5:01 AM
Subject: Re: GIAC Dilution


> On Mar 24, 2005, at 9:39 AM, Aman Raheja wrote:
>
> > GIAC will probably becaome equivalent to the Security+.
>
> Not a chance, guy. Despite the dropping of the practical (which I'm not a 
> fan of), the technical tests (plural) for the GSEC were still *very* 
> difficult compared to CISSP, Security+, MCSE, or any other test I have 
> taken. The stuff was quite technical and those without a strong background 
> will not do well on the tests as they exist today.
>
> >  I am not sure how they match up on content or level of knowledge 
> > required.
>
> It's fairly stout stuff. Think CISSP, but technical.
>
> I think SANS will keep a decent degree of respect in the certification 
> arena, just not as much as when they had the practical requirement. That's 
> my hope anyway...
>
> --
> Daniel Miessler, CISSP, GSEC
> Email: daniel () dmiessler com
> Web: http://dmiessler.com
> GPG Key ID: 316BC712