Re: [fw-wiz] Certification ?
From: Paul D. Robertson (paul_at_compuwar.net)
To: Don Parker <firstname.lastname@example.org> Date: Fri, 18 Jun 2004 18:25:15 -0400 (EDT)
On Thu, 17 Jun 2004, Don Parker wrote:
> All certs are not created equal. Have you yourself attempted a GIAC cert? I assure you it
While they're all not created equal, there's lots of memorization, even
for "practical" tests.
> is no easy task, and it is most definitely not simply rote memorization. You are making
> blanket statements just like the other much debated Ethical Hacking training thread. Some
> are good and some are bad. It is as simple as that. Bottom line is go for a cert that has
> a practical portion to it, vice simply a multiple choice exam.
I've been trying to stay out of this- as my views haven't changed since
the last sixteen million times we discussed this, but let's get this
straight- bottom line is that we've still got way more cluefull
non-certified people running around than make sense if certifications are
supposed to mean anything. We also have way too many idiots with
certifications running around- regardless of which certification it is.
I know lots of people with GIAC and CISSP certifications who I don't
consider to be anything but junior folks. Most of them, I wouldn't let
secure my home network. Lots and lots of people go through the GIAC mill-
many of them are disappointed by the entire process (I've heard quite a
bit of complaining in the last 6 months that it's too easy and not at all
rewarding a process, especially as a "take the training then test" thing.)
Now, I've helped to create a purposefully junior certification, and I
_know_ the process isn't easy- but from what I've seen of every
certification process I've looked at in the last decade, only the original
CCIE looked hard- I'm not sure how it is since they've split it up though.
I still think we're mostly in a "if you need the cert, it's because you
haven't done the deeds" mode- and as much as the certification folks try
to address that, we're at a point where it just doesn't seem to be well
Paul D. Robertson "My statements in this message are personal opinions
email@example.com which may have no basis whatsoever in fact."
firstname.lastname@example.org Director of Risk Assessment TruSecure Corporation
firewall-wizards mailing list