RE: advice

From: SÚrgio Dias (stdiasp_at_uol.com.br)
Date: 01/05/04

  • Next message: J. Yoon: "XP password and encryption"
    To: <security-basics@securityfocus.com>
    Date: Mon, 5 Jan 2004 17:12:38 -0300
    
    

    Sorry Jeff, But in my opnion CISSP is not a mid-level security
    Certification. It's the best Certification in use actually. The Mid-level
    can be GIAC, CSSP...But never CISSP.

    I think like you. Know all about Routers and TCP/IP. Know all Concepts about
    SO. Good Practices for sec, like Sec+. And finally take the CISSP exam.

    If you want work with Forensics, then you need another certification focused
    only in this Subject.

    Sorry for my bad English. I'm talk from Brazil.

    Tks,

    SÚrgio Dias
    MCSE: Security

    -----Original Message-----
    From: Jeff McLaughlin [mailto:JMclaughlin@springsgov.com]
    Sent: sexta-feira, 2 de janeiro de 2004 19:13
    To: 'John Kampanellis'; security-basics@securityfocus.com
    Subject: RE: advice

    IMHO,

    Network Security will rely on your ability to be proficient in many
    disciplines. To secure your network it is very helpful to understand what is
    running on it and how it runs on it. Network security crosses all
    boundaries and being effective means you have a working knowledge of
    networks and the apps/OS that run on them. You need breadth as well as
    depth.

    Understand that although helpful, it is not a good idea to learn the
    material with the goal of just passing a test. Your goal should be a
    through knowledge of the subject which should allow you to then pass the
    test.

    A certification process you could follow could be.

    To demonstrate you understand the network environment.
    CCNA (Network), MCP-Windows 2000 Server & Networks (OS), Linux+ or other
    linux cert(OS), Security+ (or other basic type security cert)

    To demonstrate you have depth.
    CCNP or CCSP, MCSE or MCSP, CISSP (or other mid-level security cert),

    To be an "expert"

    CCIE, RHSE, multiple certs in apps database, programming.

    HTH,
    Jeff McLaughlin
    MCSE,MCNE,CCNP,CSS,MCDBA,MCSD,Linux+,Infosec

    P.S. I think I have a very good knowledge of networks because of my MCSE
    certification.

    -----Original Message-----
    From: John Kampanellis [mailto:ikampa@enst.fr]
    Sent: Friday, January 02, 2004 12:49 AM
    To: security-basics@securityfocus.com
    Subject: advice

    Hi!

    I know my question has already been asked, but I think that answers do
    not follow the rule one size fit all.
    What I would like, is the chance to get as much as I can from the
    maturity and experience of the people joinning this list.

    I come from Greece. I a holder of a diploma in Electrical and Computer
    Engineering and I am about to finish my MSc in System and Network
    Security, pursued in France. Considering, that I am about to finish my
    internship, I have to thing what to do next. I decided that a first step
    before entering the market, could be to get a certificate. But which
    one?

    I am pationned with security and and I am very intersted in networks. My
    opinion is that being successful in the security domain, requires from
    someone to have a very good knowedge of networks and systems.So my
    questions are the following:

    1)Should I get a certificate in networks , i.e. CCNA?
    Since I have an MSc in security may be being certified in networking is
    better.
    I believe that I know 70% of what CCNA covers. However, may a
    certificate may help me at the beginning of my carreer.

    2)Should I get a ceritificate in security and in that case which one?
    I know some of you would recommend me certificates such as:GIAC, CISSP,
    CSSP.
    However, the problem is that I don't thing there are centers in Greece
    where I can get the exams.
    The only one for which I have found a exam center is "Security Certified
    Program (SCP)".
    What is your opinion about?

    3)My third option (which I don't like so much) is a Microsoft
    Certificate such as MSSE.
    I am asking you, even though I don't like this option so much. I don't
    thing that people in Microsoft have real good knowledge about networking
    or security.

    Thanks in advance,
    John

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
    course! All of our class sizes are guaranteed to be 10 students or less.
    We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
    and many other technical hands on courses.
    Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
    any course!
    ----------------------------------------------------------------------------


  • Next message: J. Yoon: "XP password and encryption"