[<prev] [next>] [day] [month] [year] [list]
Message-ID: <41A242B2.4000909@vdbmusic.com>
From: srenna at vdbmusic.com (Scott Renna)
Subject: Certifications
Most recruiters don't even know what GIAC is. The ones that do are the
ones I talk to.
Clement Dupuis wrote:
> One of the big problems is the marketing behind some of the certification
> and the way people interpret what they are.
>
> A certification like the CISSP is NOT an in depth certification. Let's face
> it, you need to have 3 years experience plus a degree in one or more of the
> 10 domains of expertise and this does not have to be continuous experience.
> If you do not have a degree, you then need 4 years.
>
> This means that someone who has been doing strictly doing physical security
> for 4 years is allowed and entitled to sit for the exam. If he studies
> adequately and prepare himself, there are good chances that he can axe the
> exam with 6 months of thorough studies. Does this makes him a security
> expert: NO Does this improve his general knowledge of security and make him
> more aware that there is more than physical security to contribute to the
> overall security of his company: YES.
>
> A few letters behind your name will not get you those HIGH paying jobs that
> unscrupulous people often promise. Experience and a proven track record in
> the field will.
>
> I think there should be a certification about understanding certifications
> given to head hunters and recruiters out there. They would understand that
> you do not have to ask for a CISSP to manage your firewall. They would
> understand that an MCSE is not required to do Linux Security. Something it
> is hilarious to see their job posting and what they are asking for.
>
> Clement
>
>
>
>
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Scott Renna
> Sent: Monday, November 22, 2004 12:37 PM
> To: pingywon MCSE
> Cc: 'Paul'; full-disclosure@...ts.netsys.com
> Subject: Re: [Full-Disclosure] Certifications
>
> I try to be considerate and leave our industry open to all, but
> bootcampers I have met....sheeesh, you may as well just had over the
> keys to the castle. In many cases, they think they know what they are
> doing and weaken the security overall of the network. i deal with this
> daily with my "higher-ups"
>
> Honestly, it kind of makes me sad that I have a CISSP as I've recently
> met several supposed Security Experts that have those 5 letters attached
> to their name and know NOTHING.
>
> That's why I recommend GIACs. GIACs actually demonstrate you know what
> you are talking about
>
> pingywon MCSE wrote:
>
>>Well this is one area I have dealt with too many times. For anyone who has
>>spent anytime on the MS cert new groups you all know what im talking
>
> about.
>
>>People who are already employed in IT with out any certs are the firsts
>
> ones
>
>>to say how worthless they are and how everyone who has them "just
>
> memorized"
>
>>a bunch of questions.
>>
>>People who have some certs - and might only be in the position they are in
>>today due largely to some certs would tend to disagree.
>>
>>I have also worked for one of these "boot camp" schools (for a total of
>>about 3 months-shame on me)
>>
>>The inherent problem is that while the "boot camps" do serve their purpose
>>to people who need brushing up to gain some certs - people that already
>
> have
>
>>a solid base to build upon - those aren't the people that go to boot camps
>
> .
>
>>It doesn't matter if it is a 2 week boot camp or a 6 month one.
>>The people that go to these boot camps are roofers and construction
>
> workers
>
>>who want a way out of their current employment situation. While that is
>
> all
>
>>well and good these people do not make the best candidates for IT work
>
> (with
>
>>no background knowledge) and the boot camps don't care (no matter if its
>
> MS
>
>>er cisco boot camps) They just want their $$ ......like cattle I suppose.
>>
>>
>>Has this brought down the "bar" on what a cert means? ...it sure has
>>Does it mean everyone with certs doesn't know anything? Not at all
>>
>>Most employers take certs for granted..And now they are EXPECTED - before
>>the cert use to be a distinguishing mark, now it is given
>>
>>~pingywon MCSE
>>
>>http://www.pingywon.com
>>-----Original Message-----
>>From: full-disclosure-admin@...ts.netsys.com
>>[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Paul
>>Sent: Monday, November 22, 2004 02:57
>>To: full-disclosure@...ts.netsys.com
>>Subject: [Full-Disclosure] Certifications
>>
>>While I gotta agree that experience is what
>>counts, what (if any) specialist certs should a
>>tertiary student, with a special interest in
>>security, use to underpin their prac?
>>
>>P.S. If I'm too ignorant to warrant a civil
>>answer, like being told to go to the movies, my
>>apologies in advance so no flame needed.
>>
>>=====
>>
>>one step at a time...
>>
>>
>>
>>Find local movie times and trailers on Yahoo! Movies.
>>http://au.movies.yahoo.com
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.netsys.com/full-disclosure-charter.html
>>
>>---
>>Incoming mail is certified Virus Free.
>>Checked by AVG anti-virus system (http://www.grisoft.com).
>>Version: 6.0.797 / Virus Database: 541 - Release Date: 11/15/2004
>>
>>
>>---
>>Outgoing mail is certified Virus Free.
>>Checked by AVG anti-virus system (http://www.grisoft.com).
>>Version: 6.0.797 / Virus Database: 541 - Release Date: 11/15/2004
>>
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
Powered by blists - more mailing lists