Firewall Wizards mailing list archives
RE: Certification (was Re:Vulnerability Response)
From: Yinal Ozkan <Yinal.Ozkan () Integralis Com>
Date: Wed, 16 Jun 2004 01:03:49 -0400
Not the certification but the technical tests are very useful to determine what people "don't" know. I strongly believe in the tests, where the test takers answers are visible to the evaluators. Instead of a pass/fail score, individual answers for specific questions will clearly show the technical expertise of the test taker. The idea is same as the technical interviews. But tests are closer to real life since a- Time is limited b- Open book c- Options are visible d- results are quantifiable Implementing regular tests for the technical stuff will increase the quality (as well as the tension). Again, tests are very good to find out what people don't know. (which is a kind of knowledge level). But they do not measure the upper limits.. Certifications on the other hand show one thing clearly. The person with the certification has some sort of dedication. Either time or money, something was spent on that title. A certification is a proof that the holder has eager to go further. cheers, - yinal ozkan -----Original Message----- From: Don Parker [mailto:dparker () rigelksecurity com] Sent: Monday, June 14, 2004 12:24 PM To: Laura Taylor; 'Gwendolynn ferch Elydyr'; 'Margles Singleton' Cc: firewall-wizards () honor icsalabs com Subject: RE: Certification (was Re:[fw-wiz] Vulnerability Response) The problem with certification is that many times that is the only thing that HR pesonnel have to go by. So and so cert must mean that a person knows what they are talking about. While this is sometimes true it is not a hard and fast rule. Laura is also quite correct in that people skills are also very much important. Too often people with computer skills are a little too arrogant for their own good. Not a good plan is making management feeling like dummies. In an ideal world there would only be technical interviews and no need of certs, however that is not the case. Cheers, Don ------------------------------------------- Don Parker, GCIA Intrusion Detection Specialist Rigel Kent Security & Advisory Services Inc www.rigelksecurity.com ph :613.233.HACK fax:613.233.1788 toll: 1-877-777-H8CK -------------------------------------------- On Jun 12, "Laura Taylor" <ltaylor () relevanttechnologies com> wrote: Certification is only a qualifier of technical skills. From my experience, there is always an obvious solution for the technical problems. The people problems are much more difficult to solve, and only years of experience polishes up a person's people skills. Typically what separates junior level folks from senior level, or executive level, folks is more often not their technical skills, but their people skills -- at least in my opinion. Laura Taylor Relevant Technologies, Inc. www.relevanttechnologies.com -----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com]On Behalf Of Gwendolynn ferch Elydyr Sent: Friday, June 04, 2004 4:24 PM To: Margles Singleton Cc: firewall-wizards () honor icsalabs com Subject: Certification (was Re:[fw-wiz] Vulnerability Response) On Thu, 3 Jun 2004, Margles Singleton wrote:
Something I noticed, however: the SANS conferences draw a large crowd -
but
a very small percentage of those attending ever certify. I think this demonstrates that old saw: "You can lead a horse to water, but you can't make him think...."
I disagree. There's a difference between learning and certification. It's disingenious [although lucrative] to confused the two. Looking at the costs involved in certification, before addressing the question of the value of certification: Trolling through the SANS web pages, it looks like the course fees vary from ~$600 per tutorial, up to ~$900, if you register late. The GIAC certification is a mere $250 -per certification- with the SANS training - $450 -per cert- without SANS training [all in USD, of course]. Recertification [which is required every two years] is $120 [but will cover all the exams that you take]. The CISSP exam appears to be $450 USD - review courses all appear to be in the $2000+ USD range [~$2500 USD on average]. This is before you factor in travel, lodgings, and meals. If you can persuade your company that training you is valuable, and not likely to lead to your immediate departure for greener fields, that's definitely a bonus. Otherwise, you're looking at significant out-of-pocket costs unless you elect to challenge the exams [and even then you're looking at $450+ per exam] - not to mention time away from work, and travel costs if you don't live in a major metropolitan area. Moving on to the merits of certification, there's also the question of whether a certification actually says anything at all about your retained knowledge and ability, rather than your ability to cram and regurgitate enough information to pass an exam. I rather suspect that most of us succeeded in passing exams in high school and college/university that we'd be hard pressed to fathom today. That said, those letters are a quick way to get through the HR filters. cheers! ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com <a href='http://honor.icsalabs.com/mailman/listinfo/firewall- wizards'>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards</a> _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com <a href='http://honor.icsalabs.com/mailman/listinfo/firewall- wizards'>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards</a> _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards Please note that: 1. This e-mail may constitute privileged information. If you are not the intended recipient, you have received this confidential email and any attachments transmitted with it in error and you must not disclose, copy, circulate or in any other way use or rely on this information. 2. E-mails to and from the company are monitored for operational reasons and in accordance with lawful business practices. 3. The contents of this email are those of the individual and do not necessarily represent the views of the company. 4. The company does not conclude contracts by email and all negotiations are subject to contract. 5. The company accepts no responsibility once an e-mail and any attachments is sent. http://www.integralis.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Certification (was Re:Vulnerability Response) Don Parker (Jun 14)
- <Possible follow-ups>
- RE: Certification (was Re:Vulnerability Response) Crissup, John (MBNP is) (Jun 16)
- RE: Certification (was Re:Vulnerability Response) Yinal Ozkan (Jun 16)
- Re: Certification (was Re:Vulnerability Response) Devdas Bhagat (Jun 17)
- RE: Certification (was Re:Vulnerability Response) DRISCOLL, ROBERT (Jun 18)