Well as someone who hires security staff, I look for hands-on real world experience. The CISSP and the rest are all too conceptual based, I've had students with these certs who do not know how to do fragmented port scans.
>From my experience a pratical security certification such as the ESA from www.securityassociate.org really puts into practise text-book knowledge. We have around 20 ESA's at BT and are happy with the skills of the engineers. But nothing beats real world experience and no cert can give you this. Peter Baxter British Telecommunications PLC Head of Information Security - Europe and Asia Tel: +44 (0)20 450 5000 ext. 4456 [Email is spam protected] -----Original Message----- From: Jarrod Loidl [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 13, 2003 1:57 AM To: [EMAIL PROTECTED] Subject: Distinctions in Certification Whats the difference between the different security certifications? ie. GIAC cert vs. CISSP? Whats the different in the eyes of the industry, as well as prospective employers (if you are wanting to draw a distinction between the two). -- Jarrod Loidl Network Abuse Engineer Earthlink, Inc. ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------