[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [ok] [Full-Disclosure] Certifications

To: "'Paul'" <onestepto@xxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [ok] [Full-Disclosure] Certifications
From: "Curt Purdy" <purdy@xxxxxxxxxx>
Date: Mon, 22 Nov 2004 06:37:47 -0600

Paul wrote:
> While I gotta agree that experience is what counts, what (if 
> any) specialist certs should a tertiary student, with a 
> special interest in security, use to underpin their prac?
> 
> P.S. If I'm too ignorant to warrant a civil answer, like 
> being told to go to the movies, my apologies in advance so no 
> flame needed.

Not everyone on this list are crude brainless kiddies Paul (though too many
are ;) Having said that, let me address your main point.  With a number of
letters behind my name (will have to drop the CCDA to accommodate my
upcoming GSNA), I feel qualified to answer your question.

For some reason the CISSP is considered one of the most prestigious certs.
I describe it as a river a mile wide and 6 inches deep.  However, I found it
relatively easy to obtain with no schooling required, as were all my other
certs, except for the GSEC that required an 8x12-hour day intensive SANS
class (in my case complemented with a co-ordinated national meeting of
military IS people and keynote by Richard Clarke, who I respect very much).
I tell people that you come out of that either scared to death or with a
brain, two hat-sizes bigger.

Most GIAC certs are very technical in nature. I describe them as being a
quarter-mile wide and 20 feet deep. Although I passed the GSEC on first try,
the test was much more difficult than the CISSP. That is why I decided to
pursue my GSNA as opposed to a CISA.  And in that one 6-day class, I
shoe-horned enough stuff in my brain to keep me busy for months.  Well worth
the money.

My .02

Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA
Information Security Engineer
DP Solutions

----------------------------------------

If you spend more on coffee than on IT security, you will be hacked. 
What's more, you deserve to be hacked.
-- former White House cybersecurity adviser Richard Clarke 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [ok] [Full-Disclosure] Certifications
  - From: Scott Renna

References:
- [Full-Disclosure] Certifications
  - From: Paul

Prev by Date: Re: [Full-Disclosure] Time Expiry Alogorithm??
Next by Date: [Full-Disclosure] security hole in german Telekom T-Sinus 111
Previous by thread: [Full-Disclosure] Certifications
Next by thread: Re: [ok] [Full-Disclosure] Certifications
Index(es):
- Date
- Thread