Full Disclosure mailing list archives
Re: Certifications
From: Scott Renna <srenna () vdbmusic com>
Date: Mon, 22 Nov 2004 14:49:06 -0500
Most recruiters don't even know what GIAC is. The ones that do are the ones I talk to.
Clement Dupuis wrote:
One of the big problems is the marketing behind some of the certification and the way people interpret what they are. A certification like the CISSP is NOT an in depth certification. Let's face it, you need to have 3 years experience plus a degree in one or more of the 10 domains of expertise and this does not have to be continuous experience. If you do not have a degree, you then need 4 years. This means that someone who has been doing strictly doing physical security for 4 years is allowed and entitled to sit for the exam. If he studies adequately and prepare himself, there are good chances that he can axe the exam with 6 months of thorough studies. Does this makes him a security expert: NO Does this improve his general knowledge of security and make him more aware that there is more than physical security to contribute to the overall security of his company: YES. A few letters behind your name will not get you those HIGH paying jobs that unscrupulous people often promise. Experience and a proven track record in the field will. I think there should be a certification about understanding certifications given to head hunters and recruiters out there. They would understand that you do not have to ask for a CISSP to manage your firewall. They would understand that an MCSE is not required to do Linux Security. Something it is hilarious to see their job posting and what they are asking for. Clement -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Scott Renna Sent: Monday, November 22, 2004 12:37 PM To: pingywon MCSE Cc: 'Paul'; full-disclosure () lists netsys com Subject: Re: [Full-disclosure] CertificationsI try to be considerate and leave our industry open to all, but bootcampers I have met....sheeesh, you may as well just had over the keys to the castle. In many cases, they think they know what they are doing and weaken the security overall of the network. i deal with this daily with my "higher-ups"Honestly, it kind of makes me sad that I have a CISSP as I've recently met several supposed Security Experts that have those 5 letters attached to their name and know NOTHING.That's why I recommend GIACs. GIACs actually demonstrate you know what you are talking aboutpingywon MCSE wrote:Well this is one area I have dealt with too many times. For anyone who has spent anytime on the MS cert new groups you all know what im talkingabout.People who are already employed in IT with out any certs are the firstsonesto say how worthless they are and how everyone who has them "justmemorized"a bunch of questions.People who have some certs - and might only be in the position they are intoday due largely to some certs would tend to disagree.I have also worked for one of these "boot camp" schools (for a total of about 3 months-shame on me) The inherent problem is that while the "boot camps" do serve their purpose to people who need brushing up to gain some certs - people that alreadyhavea solid base to build upon - those aren't the people that go to boot camps.It doesn't matter if it is a 2 week boot camp or a 6 month one. The people that go to these boot camps are roofers and constructionworkerswho want a way out of their current employment situation. While that isallwell and good these people do not make the best candidates for IT work(withno background knowledge) and the boot camps don't care (no matter if itsMSer cisco boot camps) They just want their $$ ......like cattle I suppose. Has this brought down the "bar" on what a cert means? ...it sure has Does it mean everyone with certs doesn't know anything? Not at all Most employers take certs for granted..And now they are EXPECTED - before the cert use to be a distinguishing mark, now it is given ~pingywon MCSE http://www.pingywon.com -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Paul Sent: Monday, November 22, 2004 02:57 To: full-disclosure () lists netsys com Subject: [Full-disclosure] Certifications While I gotta agree that experience is what counts, what (if any) specialist certs should a tertiary student, with a special interest in security, use to underpin their prac? P.S. If I'm too ignorant to warrant a civil answer, like being told to go to the movies, my apologies in advance so no flame needed. ===== one step at a time... Find local movie times and trailers on Yahoo! Movies. http://au.movies.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.797 / Virus Database: 541 - Release Date: 11/15/2004 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.797 / Virus Database: 541 - Release Date: 11/15/2004 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: [ok] Certifications, (continued)
- Re: [ok] Certifications Scott Renna (Nov 22)
- RE: [ok] Certifications Clement Dupuis (Nov 22)
- Re: [ok] Certifications Anders Langworthy (Nov 22)
- Re: [ok] Certifications Scott Renna (Nov 22)
- Re: [ok] Certifications Valdis . Kletnieks (Nov 22)
- Re: [ok] Certifications Scott Renna (Nov 22)
- RE: Certifications pingywon MCSE (Nov 22)
- Re: Certifications Scott Renna (Nov 22)
- RE: Certifications Clement Dupuis (Nov 22)
- RE: Certifications pingywon MCSE (Nov 22)
- RE: Certifications Ron DuFresne (Nov 22)
- Re: Certifications Scott Renna (Nov 22)