Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: [ok] Certifications
From: "Curt Purdy" <purdy () tecman com>
Date: Mon, 22 Nov 2004 06:37:47 -0600

Paul wrote:
While I gotta agree that experience is what counts, what (if 
any) specialist certs should a tertiary student, with a 
special interest in security, use to underpin their prac?

P.S. If I'm too ignorant to warrant a civil answer, like 
being told to go to the movies, my apologies in advance so no 
flame needed.

Not everyone on this list are crude brainless kiddies Paul (though too many
are ;) Having said that, let me address your main point.  With a number of
letters behind my name (will have to drop the CCDA to accommodate my
upcoming GSNA), I feel qualified to answer your question.

For some reason the CISSP is considered one of the most prestigious certs.
I describe it as a river a mile wide and 6 inches deep.  However, I found it
relatively easy to obtain with no schooling required, as were all my other
certs, except for the GSEC that required an 8x12-hour day intensive SANS
class (in my case complemented with a co-ordinated national meeting of
military IS people and keynote by Richard Clarke, who I respect very much).
I tell people that you come out of that either scared to death or with a
brain, two hat-sizes bigger.

Most GIAC certs are very technical in nature. I describe them as being a
quarter-mile wide and 20 feet deep. Although I passed the GSEC on first try,
the test was much more difficult than the CISSP. That is why I decided to
pursue my GSNA as opposed to a CISA.  And in that one 6-day class, I
shoe-horned enough stuff in my brain to keep me busy for months.  Well worth
the money.

My .02

Information Security Engineer
DP Solutions


If you spend more on coffee than on IT security, you will be hacked. 
What's more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke 

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]