RE: advice

[Joey Peloquin <jpelo1 () jcpenney com>]

->Experience and Certification needs work together in my mind.

I agree with this 100 percent.  Heck, I had five years of experience working
with NT4 before I got my MCSE, but few employers took me "seriously", or
were "beating down my door", so to speak, until I had those four letters
after my name.

I also agree that 80% is definitely exaggerrated, but you have to admit,
there are a ton of MCSEs out there that don't have a clue.

My wife was bitten with the "I'm going to become an MCSE and make lots of
money" bug.  She paid $8500.00 for a course, passed all the tests, and she
is _still_ an executive admin assistant.  She correctly made the decision
that although she holds an MCSE, she doesn't know the first thing about
supporting or securing a Windows network.

[Note:] Copied to security-basics due to relevance.

Joey Peloquin

->-----Original Message-----
->From: Sérgio Dias [mailto:stdiasp () uol com br]
->Sent: Tuesday, January 06, 2004 4:12 PM
->To: 'Joey Peloquin'
->Subject: RE: advice
->
->
->Joe,
->
->In Brazil we Have problems with this too, but 80% or more??
->
->Sorry, I think it's very wrong.
->
->The point is not only the certification, but also the
->knowledge n technologies. I'm a Proxy Server 2.0 Certified,
->but I don't remember the last time I work with this product.
->If I have problems and delay to solve problems with this
->product, I'm a bad Certified Professional. But if the problem
->is with ISA Sever, the solution maybe came quickly, because
->all info is fresh.
->
->Experience and Certification needs work together in my mind.
->
->Sérgio Dias
->MCSE: Security; MCSA: Security
->-----Original Message-----
->From: Joey Peloquin [mailto:jpelo1 () jcpenney com]
->Sent: terça-feira, 6 de janeiro de 2004 14:37
->To: Nat.Hague () omigroup com; JMclaughlin () springsgov com;
->ikampa () enst fr; security-basics () securityfocus com
->Subject: RE: advice
->
->->In my opinion; if you have acheived an MCSE alone it is a
->->foundation certificate to prove you can learn and have
->->learnt. Once this is coupled with practical experienced, and
->
->All due respect, Nat...
->
->IMO, the MCSE has not been a credible certification
->demonstrating anything other than a person can memorize
->questions and answers since the formation of cramsession.com, et al.
->
->Certainly there are people that actually _learn_ the
->material, but I'll be d*mned if I ever get to work with them.
-> 80% or more of the MCSEs I have known couldn't resolve an
->incident if their life depended on it.
->
->List archives are full of trivial questions from these MCSEs,
->who could have found their own answers, if they knew how to
->utilize the wealth of resources on the 'net for anything
->other than finding the latest and greatest braindump.
->
->Joey Peloquin
->
->->-----Original Message-----
->->From: Nat.Hague () omigroup com [mailto:Nat.Hague () omigroup com]
->->Sent: Tuesday, January 06, 2004 4:39 AM
->->To: JMclaughlin () springsgov com; ikampa () enst fr;
->->security-basics () securityfocus com
->->Subject: RE: advice
->->
->->
->->In my opinion; if you have acheived an MCSE alone it is a
->->foundation certificate to prove you can learn and have
->->learnt. Once this is coupled with practical experienced, and
->->another certification it shows a good understanding of your
->->trade. The same could be said for any single certification.
->->As you do not expand on why you do not like MCSE It is
->->difficult to argue a case, however; as the MCSE is so widely
->->accepted, and successful, and as you seem to have a great
->->belief that you know it all, I would say do it. From my
->->personal experience I would say, if you are doing the job and
->->can 'apply learning' the exams are purely a formality. Couple
->->with any other certification, I would say it is a 'must'
->->unless you are a Linux guru and are marketing yourself
->->towards that platform.
->->
->->regards
->->
->->Nat
->->
->->-----Original Message-----
->->From: Jeff McLaughlin [mailto:JMclaughlin () springsgov com]
->->Sent: Friday, January 02, 2004 10:13 PM
->->To: 'John Kampanellis'; security-basics () securityfocus com
->->Subject: RE: advice
->->
->->
->->IMHO,
->->
->->Network Security will rely on your ability to be proficient
->->in many disciplines. To secure your network it is very
->->helpful to understand what is running on it and how it runs
->->on it.  Network security crosses all boundaries and being
->->effective means you have a working knowledge of networks and
->->the apps/OS that run on them.  You need breadth as well as depth.
->->
->->Understand that although helpful, it is not a good idea to
->->learn the material with the goal of just passing a test.
->->Your goal should be a through knowledge of the subject which
->->should allow you to then pass the test.
->->
->->
->->A certification process you could follow could be.
->->
->->To demonstrate you understand the network environment.
->->CCNA (Network), MCP-Windows 2000 Server & Networks (OS),
->->Linux+ or other linux cert(OS), Security+ (or other basic
->->type security cert)
->->
->->To demonstrate you have depth.
->->CCNP or CCSP, MCSE or MCSP, CISSP (or other mid-level
->security cert),
->->
->->To be an  "expert"
->->
->->CCIE, RHSE, multiple certs in apps database, programming.
->->
->->HTH,
->->Jeff McLaughlin
->->MCSE,MCNE,CCNP,CSS,MCDBA,MCSD,Linux+,Infosec
->->
->->P.S.  I think I have a very good knowledge of networks
->->because of my MCSE certification.
->->
->->-----Original Message-----
->->From: John Kampanellis [mailto:ikampa () enst fr]
->->Sent: Friday, January 02, 2004 12:49 AM
->->To: security-basics () securityfocus com
->->Subject: advice
->->
->->Hi!
->->
->->I know my question has already been asked, but I think that
->->answers do not follow the rule one size fit all. What I would
->->like, is the chance to get as much as I can from the maturity
->->and experience of the people joinning this list.
->->
->->I come from Greece. I a holder of a diploma in Electrical and
->->Computer Engineering and I am about to finish my MSc in
->->System and Network Security, pursued in France. Considering,
->->that I am about to finish my internship, I have to thing what
->->to do next. I decided that a first step before entering the
->->market, could be to get a certificate. But which one?
->->
->->I am pationned with security and and I am very intersted in
->->networks. My opinion is that  being successful in the
->->security domain, requires from someone to have a very good
->->knowedge of networks and systems.So my questions are  the following:
->->
->->1)Should I get a certificate in networks , i.e. CCNA?
->->Since I have an MSc in security may be being certified in
->->networking is better. I believe that I know 70% of what CCNA
->->covers. However, may a certificate may help me at the
->->beginning of my carreer.
->->
->->2)Should I get a ceritificate in security and in that case
->->which one? I know some of you would recommend me certificates
->->such as:GIAC, CISSP, CSSP. However, the problem is that I
->->don't thing there are centers in Greece where I can get the
->->exams. The only one for which I have found a exam center is
->->"Security Certified Program (SCP)". What is your opinion about?
->->
->->3)My third option (which I don't like so much) is a Microsoft
->->Certificate such as MSSE. I am asking you, even though I
->->don't like this option so much. I don't thing that people in
->->Microsoft have real good knowledge about networking or security.
->->
->->Thanks in advance,
->->John
->->
->->
->->
->->--------------------------------------------------------------
->->-------------
->->--------------------------------------------------------------
->->--------------
->->
->->--------------------------------------------------------------
->->-------------
->->--------------------------------------------------------------
->->--------------
->->
->->______________________________________________________________
->->__________
->->This email has been scanned for all viruses by the
->->MessageLabs Email Security System. For more information on a
->->proactive email security service working around the clock,
->->around the globe, visit http://www.messagelabs.com
->->______________________________________________________________
->->__________
->->
->->--------------------------------------------------------------
->->-------------
->->Ethical Hacking at InfoSec Institute. Mention this ad and get
->->$720 off any
->->course! All of our class sizes are guaranteed to be 10
->->students or less.
->->We provide Ethical Hacking, Advanced Ethical Hacking,
->->Intrusion Prevention,
->->and many other technical hands on courses.
->->Visit us at http://www.infosecinstitute.com/securityfocus to
->->get $720 off
->->any course!
->->--------------------------------------------------------------
->->--------------
->->
->
->

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material.  If the reader of this message is not the intended recipient,
you are hereby notified that your access is unauthorized, and any review,
dissemination, distribution or copying of this message including any
attachments is strictly prohibited.   If you are not the intended
recipient, please contact the sender and delete the material from any
computer.

---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------