Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: University Degree or CISSP

from [Dave Aronson (SecBasics)] Network Security [Permanent Link]
Subject: Re: University Degree or CISSP
Date: Tue, 30 Aug 2005 15:02:55 +0000 
soumyadipta_das@yahoo.com writes:


Is it better (in terms of technology and industry acceptablity) to get a
university degree on information security than certifications such as 
ccna/ccsp, ceh (or security+) and cissp?


It depends on a number of things.

First, what do you want to DO?  Are you intending to be a security analyst, a 
writer of security-related software, a pen tester, or what?  The attitudes 
towards degrees and certs vary widely between these fields.  The closer the job 
gets to black-hattedness, the less important BOTH of them become, but degrees 
more so.

Second, do you have a degree already, of any kind?  I don't know about 
elsewhere, but here in the USA, that is an absolute requirement for most 
regular corporate technical jobs.  Some also demand it be in an area directly 
relevant to the job; for security engineers, this could be specifically 
computer security, or possibly computer science, information systems, software 
engineering, etc.  However, the *added* employability from having *higher* 
degrees is generally small, except in the federal government, or sometimes 
their contractors looking to put you in contract slots that require specific 
degrees.

Third, it depends what you've done with the knowledge that the degree or cert 
claims you have.  If the paper is fresh, people might think it's still fresh in 
your mind and give the paper more weight.  If it's been quite a while, though, 
they're going to look more at what you've done, which will thus be reinforced 
in your mind, and assume that you've forgotten pretty much everything else.

Fourth, it depends what other experience you've got, that is at least 
tangentially relevant.  For instance, if you want to write security software, 
it would help to have a good background in programming, or at least using 
popular pieces of security software.

Last, it depends on the person you're asking to evaluate you.  Some view certs 
as a good thing, some as neutral, and some even as *negative*, especially MS 
certs.

Long story short, there are no hard and fast rules.  You can probably get the 
certs much more quickly and cheaply, possibly with just self-study and a day or 
two off to take exams, so in my position (CompSci-degreed, in the US, with 
about 20 years experience), I'd go for that first.  YMMV.  Either way, try to 
get an employer to pay for it!  :-)

-Dave
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: University Degree or CISSP, Brunner, Mark
Next by Date:  RE: University Degree or CISSP, Nidschelm, Robert
Previous by Thread:  RE: University Degree or CISSP, Brunner, Mark
Next by Thread:  RE: University Degree or CISSP, Nidschelm, Robert
Indexes:  [Date] [Thread] [Top] [All Lists]