Re: [Full-disclosure] Path to IT Security

[bk <chort0@xxxxxxxxx>]

On Jan 18, 2011, at 8:10 AM, Emmanuel Apreko wrote:

> After researching i found out that the most prestigious security 
> certification is the CISSP and it seems like a very long journey to it since 
> i have no experience in it at all but need to get my foot in.

Any certificate that is a based on a multiple-choice test is basically testing 
your ability to memorize and recall, not your actual competence in a field.

> Could anyone please advise me on the best path to being a security 
> professional? ie from beginner to pro? 
> 
> All advise will be well appreciated.

Go to conferences (small local ones, not the big expensive ones), start 
following InfoSec people on Twitter, read InfoSec blogs.  You'll learn more 
doing those than from all the certificates combine.

Once you have a knowledge, then study for a cert if you think you need it to 
get a job.  It should be pretty easy, since you'll be familiar with most of the 
ideas already.

I got a certificate to get past HR and because it looks pretentious on a 
business card.  It wasn't worth the hassle of submitting paperwork and paying 
dues to continue having it, so I let it lapse.  I haven't had any problem 
getting a job since then.

--
bk

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/