Re: University plan

[Dan Crowley <dcrowley () coresecurity com>]

What I chose to do when pursuing an infosec career was to pick a broad
degree that would provide me a baseline level of knowledge about a range
of different technologies. My alma mater, Wentworth Institute of
Technology, provides a "Computer Network and Information Systems" degree
path (to which they recently added a "Security" concentration) which is
fairly broad.

Not that I necessarily recommend Wentworth, when I was there I could
count on them making some form of clerical error at least once a
semester which I was mantled with resolving. Then again, most
universities are disorganized, so it may be the case wherever you go...

Back from my tangent, I think you need to understand a system before you
can subvert it, so an understanding of a broad range of different
systems has been very valuable to me in my infosec career.

Cheers,
--
Daniel Crowley, CICP, GCIH
Technical Specialist
Core Security Technologies
Direct: +1 (617) 695-1151
Fax: +1 (617) 399-6987

"All the forces in the world are not so powerful as an idea whose time
has come." - Victor Hugo


On 10/19/2010 7:51 AM, Charlton, Ceri (CSS) wrote:
> Hi Kalgecin,
>
> Further to Andrew's comments below, as a graduate of Glamorgan's
> Computer Security MSc program, I can confirm that the quality of
> teaching and choice of subject matter there is excellent. The courses
> are structured to give you breadth of subjects early on, so you get a
> working knowledge of most facets of security and then allow further
> specialization once you've worked out what you're particularly
> interested in. The teaching does involve practical exercises with
> real-world tools. As someone now working in the industry, I use what I
> learnt at Glamorgan on a daily basis. 
>
> Wherever you choose to go, ensure that they have good links with
> industry and that focus their syllabus around what employers are asking
> for. I have seen people entering the marketplace who have huge gaps in
> their skillsets, due to this lack of dialogue between academia (at
> certain institutes) and the business world.
>
> Regards,
>
> Ceri
>
>
> --------------------------------------
>
> The real answer to the question is "and what do you want as a career in
> the information security space ?". if you are interested in penetration
> testing then I would suggest that you look at the University of
> Glamorgan and the BSc/MSc in Computer System Security and if you are
> interested in Computer Forensics then I would suggest that you look at
> the BSc/MSc in Computer Forensics at the University of Glamorgan.
>
> Sent from my iPad
>
> On 18 Sep 2010, at 04:09, "Alexander Chayka" <a.s.chayka () gmail com>
> wrote:
>
> > My recommendation:
> >
> > Find a good 4 year undergraduate school, they'll drill you harder.
> > You'll want to go for Computer Science or similar which should be in
> > the engineering field. Make sure it is ABET a credited. Make sure they
> > have a *nix lab for the CS students and they use it for homeworks and
> > projects in CS courses.
> >
> > My school was the above and did not teach Security at an undergraduate
> > level. You had to go for your Masters to do that. I'm sure a good
> > amount if not all schools are like that. My school did have one or two
> > undergrad classes in security, but I never got the chance.
> >
> > I would keep away from the for-profit schools that advertise (eg
> > DeVry, U of Phoenix, anything online). I've talked to some upcoming
> > graduates from DeVrys Bachelor program and they don't seem anyplace
> > near par on their understanding. But I'm probably biased on this (a
> > google search may help here)
> >
> > Once you understand the basic and fundamental theories (some people
> > may label some of these as "the boring stuff"), then the practical
> > stuff in any situation can be mastered and the more advanced ("fun")
> > stuff will come easier.
> >
> >
> > On Fri, Sep 17, 2010 at 11:32 AM, kalgecin <kalgecin () gmail com> wrote:
> > > hey guys,
> > > I'm in my final year of high school and I'm planning to go to
> > > university. As all people, I have trouble finding the right one ( or
> a
> > > good one ). So I'm asking you people to recommend any nice
> > > universities that teach good computer security, that is more
> practical
> > > than theoretical. Please also tell me to which university you
> attended
> > > and how was it? and any other general advice
> > >
> > > --
> > > Kalgecin
> > > http://code.google.com/p/kalgecin
> > > http://kalgecin.110mb.com
> > > http://kalgecin.110mb.com/forums
> > > http://kalgecin.blogspot.com
> ------------------------------------------------------------------------
> > > This list is sponsored by: Information Assurance Certification Review
> Board
> > > Prove to peers and potential employers without a doubt that you can
> actually do a proper penetration test. IACRB CPT and CEPT certs require
> a full practical examination in order to become certified.
> > > http://www.iacertification.org
> ------------------------------------------------------------------------
> > >
> ------------------------------------------------------------------------
> > This list is sponsored by: Information Assurance Certification Review
> Board
> > Prove to peers and potential employers without a doubt that you can
> actually do a proper penetration test. IACRB CPT and CEPT certs require
> a full practical examination in order to become certified. 
> > http://www.iacertification.org
> ------------------------------------------------------------------------
> >
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review
> Board
>
> Prove to peers and potential employers without a doubt that you can
> actually do a proper penetration test. IACRB CPT and CEPT certs require
> a full practical examination in order to become certified. 
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
>
> This email has been scanned for all viruses by the MessageLabs SkyScan
> service.
>
> This email and any attachment to it are confidential.  Unless you are the intended recipient, you may not use, copy 
> or disclose either the message or any information contained in the message. If you are not the intended recipient, 
> you should delete this email and notify the sender immediately.
>
> Any views or opinions expressed in this email are those of the sender only, unless otherwise stated.  All copyright 
> in any Capita material in this email is reserved.
>
> All emails, incoming and outgoing, may be recorded by Capita and monitored for legitimate business purposes. 
>
> Capita exclude all liability for any loss or damage arising or resulting from the receipt, use or transmission of 
> this email to the fullest extent permitted by law.
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified. 
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------