Paul wrote: > While I gotta agree that experience is what counts, what (if > any) specialist certs should a tertiary student, with a > special interest in security, use to underpin their prac? > > P.S. If I'm too ignorant to warrant a civil answer, like > being told to go to the movies, my apologies in advance so no > flame needed.
Not everyone on this list are crude brainless kiddies Paul (though too many are ;) Having said that, let me address your main point. With a number of letters behind my name (will have to drop the CCDA to accommodate my upcoming GSNA), I feel qualified to answer your question. For some reason the CISSP is considered one of the most prestigious certs. I describe it as a river a mile wide and 6 inches deep. However, I found it relatively easy to obtain with no schooling required, as were all my other certs, except for the GSEC that required an 8x12-hour day intensive SANS class (in my case complemented with a co-ordinated national meeting of military IS people and keynote by Richard Clarke, who I respect very much). I tell people that you come out of that either scared to death or with a brain, two hat-sizes bigger. Most GIAC certs are very technical in nature. I describe them as being a quarter-mile wide and 20 feet deep. Although I passed the GSEC on first try, the test was much more difficult than the CISSP. That is why I decided to pursue my GSNA as opposed to a CISA. And in that one 6-day class, I shoe-horned enough stuff in my brain to keep me busy for months. Well worth the money. My .02 Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA Information Security Engineer DP Solutions ---------------------------------------- If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked. -- former White House cybersecurity adviser Richard Clarke _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html