Re: Again on certification

From: Johannes B. Ullrich (jullrich@sans.org)
Date: 04/22/02


Date: Mon, 22 Apr 2002 11:55:16 -0400 (EDT)
From: "Johannes B. Ullrich" <jullrich@sans.org>
To: "Angelo Perniola" <ASBB11@netscape.net>


I think with respect to Information/Computer Security, there
are two places to look at:

- SANS (www.sans.org) GIAC certifications. A number of different
  tracks.

- ISC2 (www.isc2.org) CISSP certification.

A quick comparison (disclaimer: I work for SANS):

The SANS GIAC certifications are available in a number of different
subject areas and at different 'levels'. The 'Security Essentials'
is the all-around introduction to information security. Other
certifications like the Firewall or Unix Certs. provide ask for
a more detailed 'hands on' knowledge.

CISSP on the other hand covers a very broad range of information
security knowledge. It goes way beyond computer security (e.g.
phsyical security, fire prevention). In my opion, CISSP is targeting
more management folks than hands techies.

There are a number of vendor specific certifications as well (Cisco,
Microsoft, Novell, Checkpoint...). However, they don't do you much
good unless you are working with that specific equipment. They are
a good thing to ask for once you have a job and your employer is
using this particular equipment. For now, you are most likely better
of with a non-vendor specific certification.

-- 
-------
jullrich@sans.org                    Join http://www.DShield.org
                          Distributed Intrusion Detection System



Relevant Pages

  • RE: Advice on security certifications (CPTS yes or no)
    ... The most prestigious are the SANS GIAC GSE's. ... CPTS Certified Pen Testing Specialist and then CPTE Certified Pen ... Advice on security certifications ... Are there any certifications that are better than CPTS? ...
    (Security-Basics)
  • Re: To go to University - For the CISSP etc. - Good idea/Bad idea???
    ... I'd be majoring in Security of course... ... I studied IT - Networking at Technical College, ... But yes, I do have all those certifications, the 3 Cisco ones I did at ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ...
    (Pen-Test)
  • Re: CEH program and Sybex Study Guide
    ... CEH program and Sybex Study Guide ... I am now focusing on security as my carrer. ... various certifications and the likes to plan out what I may consider ...
    (Security-Basics)
  • Re: To go to University - For the CISSP etc. - Good idea/Bad idea???
    ... I'd be majoring in Security of course... ... I studied IT - Networking at Technical College, ... But yes, I do have all those certifications, the 3 Cisco ones I did at ... The main reasons I made this decision are; ...
    (Security-Basics)
  • Re: CISSP
    ... I really don't use Linux" from people that do security ... SecPros out there that use/code in Windows - most of the people that can ... certs REALLY helped me professionally, ... There are certifications and there are certifications. ...
    (Pen-Test)