RE: Certification (was Re:Vulnerability Response)

["R. DuFresne" <dufresne () sysinfo com>]

On Sat, 12 Jun 2004, Laura Taylor wrote:

> Certification is only a qualifier of technical skills. 


This depends upon the certification, a CISSP is a management
certification, and reflectys little on the technical skills of the person
possessing.  They are far more common these days and of minimal use to the
technicall7y oriented except in getting aresume past HR/recruiters that
lack the ability yo actually determine and define skills in the technical
realm.  Not to mention that certifications is a sub-industry of the field
in and of itself and driven by pretty much stricktly monetary modifiers.

> From my experience,
> there is always an obvious solution for the technical problems. The people
> problems are much more difficult to solve, and only years of experience
> polishes up a person's people skills. 

This was once the case, buut, these days the market is blinded by the
whole certification sub-industry.  Try and get a resume lacking the three
letter syndrome past HR/recruiters these days and see how well you flly.

Useless anancronyms<sp?> mean more then experience r skills.  Course the
questions also remains, how far do recuriters and HR folks go in verifying
certification?  How about re-certification?  <as though these mean much
either>

> Typically what separates junior level
> folks from senior level, or executive level, folks is more often not their
> technical skills, but their people skills -- at least in my opinion.

Yes, the more junior the tech, the closer they tend to be to the enduser
level, and they tend to have better people skills, mgt and level 1 support
often has forgotten what they once knew and used as a skill.

Thanks,

Ron DuFresne


> -----Original Message-----
> From: firewall-wizards-admin () honor icsalabs com
> [mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of
> Gwendolynn ferch Elydyr
> Sent: Friday, June 04, 2004 4:24 PM
> To: Margles Singleton
> Cc: firewall-wizards () honor icsalabs com
> Subject: Certification (was Re:[fw-wiz] Vulnerability Response)
>
>
> On Thu, 3 Jun 2004, Margles Singleton wrote:
> > Something I noticed, however:  the SANS conferences draw a large crowd -
> but
> > a very small percentage of those attending ever certify.  I think this
> > demonstrates that old saw:  "You can lead a horse to water, but you can't
> > make him think...."
>
> I disagree.  There's a difference between learning and certification. It's
> disingenious [although lucrative] to confused the two.
>
> Looking at the costs involved in certification, before addressing the
> question of the value of certification:
>
>       Trolling through the SANS web pages, it looks like the course
>       fees vary from ~$600 per tutorial, up to ~$900, if you register
>       late.
>
>       The GIAC certification is a mere $250 -per certification- with
>       the SANS training - $450 -per cert-  without SANS training [all in
>       USD, of course].  Recertification [which is required every two years]
>       is $120 [but will cover all the exams that you take].
>
>       The CISSP exam appears to be $450 USD - review courses all appear
>       to be in the $2000+ USD range [~$2500 USD on average].
>
> This is before you factor in travel, lodgings, and meals.
>
> If you can persuade your company that training you is valuable, and not
> likely to lead to your immediate departure for greener fields, that's
> definitely a bonus.
>
> Otherwise, you're looking at significant out-of-pocket costs unless you
> elect to challenge the exams [and even then you're looking at $450+ per
> exam] - not to mention time away from work, and travel costs if you
> don't live in a major metropolitan area.
>
> Moving on to the merits of certification, there's also the question of
> whether a certification actually says anything at all about your retained
> knowledge and ability, rather than your ability to cram and regurgitate
> enough information to pass an exam.
>
> I rather suspect that most of us succeeded in passing exams in high
> school and college/university that we'd be hard pressed to fathom today.
>
> That said, those letters are a quick way to get through the HR filters.
>
> cheers!
> ==========================================================================
> "A cat spends her life conflicted between a deep, passionate and profound
> desire for fish and an equally deep, passionate and profound desire to
> avoid getting wet.  This is the defining metaphor of my life right now."
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards () honor icsalabs com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior security consultant:  sysinfo.com
                        http://sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards