Re: certification

From: Todd H. (comphelp_at_toddh.net)
Date: 08/19/05

    Date: 19 Aug 2005 10:09:00 -0500
    
    

    a_j_moran@yahoo.co.uk writes:
    > Hi Matt,
    >
    > > If you are looking to build technical skills, I recommend looking into
    > > the SANS information security certifications. There used to be both
    > > testing and practical components to their certifications, and I think
    > > that hands-on experience with peer review is both a better way to
    > > learn and a better way to certify. I'd follow up the SANS security
    > > certifications with the CISSP at some later date, if only because the
    > > CISSP is well known.
    >
    > Thanks for the SANS tip - I did look at this. The sample tests looked
    > easier than CISSP (at least the technical *NIX stuff was
    > straightforward for me). It would be interesting to hear what others
    > think of SANS vs. CISSP though.
    >
    > Does the CISSP cover more general principles or go into platform
    > specifics?

    SANS is a training/cert organization:
            http://www.sans.org/aboutsans.php
    They are closely associated with GIAC certifications, of which there
    are many flavors:
            http://www.giac.org/certified_professionals/

    I believe SANS does also offer CISSP prep training, which confuses
    things a little. I work with a number of CISSP and GIAC certified
    folks, and am pursuing CISSP at this point.

    CISSP is widely deemed as FAR easier to obtain than any of the GIAC
    certifications. The main reason is that GIAC certifications used to
    all require practicals:
            http://www.giac.org/practicals/

    ....while CISSP requires only that you pass a test. For instance, one
    manager in our security organization obtained his CISSP after spending
    a couple days with CISSP for dummies and sitting for the test. That's
    not to say CISSP is a creampuff cert by any stretch, but just one
    datapoint that indicates that it can be pretty easy to get for an
    experienced person.

    Caveat: It seems that GIAC has changed this practical stance:
            http://www.giac.org/practicals/termination.php

    > Good point. Workwise I get a lot of technical exposure and some
    > (though never enough) fun time to try out new kit (e.g., HSMs) or APIs.
    > My own "lab" (such as it is) is a couple of *BSD/Linux cohosted
    > installs and I use it mostly to do my own crypto and programming.

    Sounds like yer off to a fine start.

    Best Regards,

    -- 
    Todd H.
    http://www.toddh.net/
    
