mailing list archives
Re: Re: The Value of GIAC/GSEC Certification
From: hannawi () gmail com
Date: 20 Mar 2007 10:33:09 -0000
I wanted to add a clarification on Florian's comment about cissp vs giac..
I think the comparison is all wrong.. CISSP is for people who need a framework and in the field of information
security, it does indeed provide a a high level understanding in my opinion.
The reason I say that is the following:
I am an IT aduitor with a big four, basically I audit computer controls on general level, and sometime will dig deep in
specific areas. So anyho, when i applied for the CISSP, I studied for 3 days, and only read the first 4 of 10 chapters,
a combined effort of no more then 15 hours, and I passed with grace :).. ON the Other hand, I know for a fact I cannot
and will not pass any GIAC certification. GIAC is for people who have been or want to be specialized in a specific
areas, i.e. unix security... OR ETC... whereas cissp is for the general practicioner, its knowldge is easy to pick up
through common sense and practice.. whereas with GIAC you have to be dedicated to the specifc area ..
Furthermore florian, if the students attending the course were weak, it does not necessarily mean they passed :-)