RE: [Full-Disclosure] Security Certifications

From: rrm (rrm@phrick.net)
Date: 03/09/03

  • Next message: Daniel Ahlberg: "[Full-Disclosure] GLSA: netscape-flash (200303-9)" 
    From: "rrm" <rrm@phrick.net>
To: "'Leo Security'" <security@fastmail.fm>, "'Rizwan Ali Khan'" <rizwanalikhan74@yahoo.com>, <full-disclosure@lists.netsys.com>, <security-basics@securityfocus.com>
Date: Sat, 8 Mar 2003 19:45:52 -0500

    We could really do with less certified idiots.

    -----Original Message-----
    From: full-disclosure-admin@lists.netsys.com
    [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of Leo Security
    Sent: Saturday, March 08, 2003 7:19 PM
    To: Rizwan Ali Khan; full-disclosure@lists.netsys.com;
    security-basics@securityfocus.com
    Cc: certification@securityfocus.com
    Subject: Re: [Full-Disclosure] Security Certifications

    I have checked the content and syllabi of most of the subjects offered
    for these certs and was disappointed. They are a waste of time. My
    advice will be to use your time for the deep study of operating systems.
    That would make you a better security analyst. Most employers have had
    it with certs and do not give much importance to it any more.
    Certifications were hot untill 2000. There value is going downhill since
    then.

    I would only go for certs if my employer requires it and pays me for it.
    I will never like to spend my own money on certs.

    Thats my opinion.

    regards
    Leo

    hellNbak wrote:
    > Be sure when filling out the questionaire from ISC2 that you lie if you
    > have been a part of any "hacking" groups or have used a nym. Honesty *IS
    > NOT* the best policy in this case.
    >
    > I have a friend in Tokyo who took the lead auditor course and passed the
    > test, he said it was horrible and not worth the time or money
    >
    > On Fri, 7 Mar 2003, Ron DuFresne wrote:
    >
    >
    >>Date: Fri, 7 Mar 2003 09:08:21 -0600 (CST)
    >>From: Ron DuFresne <dufresne@winternet.com>
    >>To: Rizwan Ali Khan <rizwanalikhan74@yahoo.com>
    >>Cc: full-disclosure@lists.netsys.com, security-basics@securityfocus.com,
    >> certification@securityfocus.com
    >>Subject: Re: [Full-Disclosure] Security Certifications
    >>
    >>
    >>
    >>Your quickest bet here is to do a google search on cisa and then on cissp.
    >>You'll gt pointers to the governing bodies and such, pointers to lists of
    >>pretesting help, local affiliations as well as testing sites in the near
    >>future and much more in the first 10-20 links google returns.
    >>
    >>Thanks,
    >>
    >>Ron DuFresne
    >>
    >>On Thu, 6 Mar 2003, Rizwan Ali Khan wrote:
    >>
    >>
    >>>I have heard of CISA and CISSP as Security
    >>>Certifications, but could someone shed some light and
    >>>give information about the governing bodies of the
    >>>following Certifications, and where to get their
    >>>suggested training material/ books etc.
    >>>
    >>>And if it is possible to give their exams from
    >>>Pakistan?
    >>>
    >>>
    >>>BS7799/ISO7799 lead auditor
    >>>Prince 2
    >>>SSCP
    >>>CISM
    >>>CISMP
    >>>TCSEC
    >>>SCP
    >>>
    >>>
    >>>
    >>>
    >>>
    >>>__________________________________________________
    >>>Do you Yahoo!?
    >>>Yahoo! Tax Center - forms, calculators, tips, more
    >>>http://taxes.yahoo.com/
    >>>_______________________________________________
    >>>Full-Disclosure - We believe in it.
    >>>Charter: http://lists.netsys.com/full-disclosure-charter.html
    >>>
    >>
    >>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    >>"Cutting the space budget really restores my faith in humanity. It
    >>eliminates dreams, goals, and ideals and lets us get straight to the
    >>business of hate, debauchery, and self-annihilation." -- Johnny Hart
    >> ***testing, only testing, and damn good at it too!***
    >>
    >>OK, so you're a Ph.D. Just don't touch anything.
    >>
    >>_______________________________________________
    >>Full-Disclosure - We believe in it.
    >>Charter: http://lists.netsys.com/full-disclosure-charter.html
    >>
    >
    >

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Daniel Ahlberg: "[Full-Disclosure] GLSA: netscape-flash (200303-9)"

    Relevant Pages

    • Re: [Full-Disclosure] Security Certifications
      ... Subject: [Full-Disclosure] Security Certifications ... > it with certs and do not give much importance to it any more. ...
      (Full-Disclosure)
    • RE: Value of certifications
      ... Like a bar exam though, ... This increases the cost, but you do not just memorise the questions. ... SANS Gold still makes you do this and as such I have far more respect for the Gold than Silver certs. ... Subject: Value of certifications ...
      (Security-Basics)
    • RE: Verification of Certifications
      ... I still have no degree and no certifications. ... To have the knowledge and the certs is ideal. ... has worked for one and a half years on Cisco equipment in a high pressure ... > tortura é sempre instrumento do estado, dos pais, dos professores.. ...
      (Security-Basics)
    • Re: [fw-wiz] Certification ?
      ... The thing about certifications is that on the vendor end, certs serve as ... substitute for having a true passion. ... It's like cosmetics for resumes. ...
      (Firewall-Wizards)
    • Re: To go to University - For the CISSP etc. - Good idea/Bad idea???
      ... great deal of age discrimination against young IT workers. ... The main reasons I made this decision are; ... certifications; ... IACRB CPT and CEPT certs require a full practical examination in order to become certified. ...
      (Pen-Test)
    • Quantcast