Sign in or 
Share this
Showing 9 posts
|
commondork |
Two For One
Mar 25 2008, 11:12 PM EDT
I have two show ideas. My first idea regards industry certifications. What are your guys' opinions on these certifications and whom do you believe should be attaining these certifications? Which certification would be appropriate for what type of work/career? Outline some of the certs (vender and vender neutral), why certify or why not, certification process, pros and cons, etc. My second idea is about the industry and how someone may become involved. Where should someone who is interested in networking/security begin their path to eventually working (I would call it playing) in the field? What entry-level jobs they should pursue and what qualifications should they possess (not necessarily to mean certs)? What opportunities exist in these fields (government, corporate, non-profit, etc.)? I realize that both of my ideas are geared towards people less or not as experienced in networking/security and I'm not sure if that is an audience you're attempting to appeal to but I thought I would share those with you guys. I know I would be interested in those shows, especially the latter. Look forward to the next podcast! CD Do you find this valuable?
Keyword tags:
None
|
robboyd |
1. RE: Two For One
Mar 30 2008, 6:34 PM EDT
If we are just talking security certifications, I think you first decide how technical of a route are you wanting to go. CISSP is somewhat of a mainstay for anyone interested in management and is difficult to make it respectable...but it also a mile wide and an inch deep. For general security technical knowledge I am big fan of SANS. They have top notch instructors and strive to be reasonably vendor neutral and relevant. Beyond certs, I think you can distinguish yourself through writing and speaking. Volunteer to lead projects, have a well thought out opinion etc.
Do you find this valuable?
|
JimmyRay10acn |
2. RE: Two For One
Apr 2 2008, 10:03 AM EDT
Hey Commondork,This is certainly an interesting topic to me. Truthfully, I have mixed feelings about certs. I certainly believe we need a creditable method to narrow the field down from posers to folks with the drive to take the test. Now the REAL trick is out of that group determine who is the real deal and who is a paper tiger. There are few non vendor certs out there worth there salt today. Manly, because unlike academia we have no accreditation body to make sure they meet a certain standard of excellence. So now vendor certs enter the arena. There value is determined mainly by the channel/reseller that gets a bonus/higher selling level for certified team members. I do like this idea, because it allows customers the power to choose the reseller that has the best certified folks which in turn means the reseller invests in training for their staff to keep the business alive and kicking. As networkers, we win! Personally, I have a major problem with any vendor that calls a certified person an engineer. If you did not get a degree in engineering and/or pass the state licensing exam then you are no more an engineer then Paris Hilton is a talent. That is just false marketing in my opinion of course. I wrote a paper on bmighty.com about breaking into the security business last month. Here is how you know you are ready for a career in security: - Ever punch multiple buttons on a Coke machine trying to get a free one? - Do you know the places/times you can speed and not get a ticket? - Do you ever wonder how a keystroke turns into hex on the wire? If you answered yes to two or more, you just might have the mind set to be a security auditor.. Jimmy ray Do you find this valuable? |
|
robboyd |
3. RE: Two For One
Apr 2 2008, 11:49 AM EDT
Jimmy Ray - can you put in a link to your bMighty paper?Do you find this valuable? |
|
JimmyRay10acn |
4. RE: Two For One
Apr 2 2008, 12:28 PM EDT
Sure thing! Check it out at:http://www.bmighty.com/columns/showAuthor.jhtml?authorID=purser It is the paper titled: I want to be a hacker Keep on fishin! Jimmy Ray Do you find this valuable? |
77SSC |
5. RE: Two For One
Apr 3 2008, 12:14 AM EDT
CD:On the topic of show ideas - I'd guess the existing listener base is certified but your idea could be compelling if the topic was expanded to include Cisco's plans for changes in future cert paths, new exams, etc. So the front-end would tackle the importance of certs and where they fit into the big picture then the back-end would talk about where we are going with certs in Networking, Content DIstribution, Security, Call Manager, etc. Another viewpoint on certs - IMHO if you're vendor-bound in the networking industry and want to have credibility - a Cisco cert is tablestakes. What it shows the customer is you can absorb info and regurgitate it under duress ;-) As for getting one - look into joining a Cisco Study Group in your hometown. These groups are usually self-led by a local certified SE or vendor to help people get certified. If you're client-bound, vendor certs aren't as necessary unless you're into the Ops side and need to put your hands into the infrastructure. (BTW - you can't really work with TAC without a cert since that's question #1 when you call for help.) Just my 2 cents - and agree with JRP an engineer has a BS-EE or similar degree. Architects go to school for 2 additional years to get that title - so we call our clueful network pro's Data Network Consultants and Technical Consultants. (it avoids the sheepskin debate). Do you find this valuable? |
|
robboyd |
6. RE: Two For One
Apr 3 2008, 1:14 AM EDT
We are starting to standardize a short segment on each show to include someone from 'Learning at Cisco' that represents the cert and training options for a given technology. We have a quick CCVP conversation coming from VoiceCon on the May 1 show and should have one for our next Data Center show airing on May 29.
Do you find this valuable?
|
|
commondork |
7. RE: Two For One
Apr 3 2008, 9:57 AM EDT
I was just tossing around some possible show ideas. I'm in favor of both vender sponsored and vender neutral certifications. I think as a starting point for many of the personnel involved with IT and other critical business functions, vender neutral certs like CompTIA's Network+ and Security+ are desirable. Granted they won't allow you to jump to the next paygrade but they do set a minimum standard. With basic knowledge from simple certs such as those even for non-IT people (certified or not), the risk of the ever-increasing social engineering attack lessens as well. Certs like Network+ and Security+ don't cost much either. The means by which an employee or someone would become certified is the hard part (i.e. self-study, intranet course, a meeting a few times a month, etc.). Comes back to the training aspect, which is always fun. On the other hand, if you're going to deploy a Server 2003 infrastructure then I think it is in your best interest to have MCSE (etc.) certified personnel. The same can be said for ___ product to have ___-related certification. I'm in agreement with Jimmy about the "engineer" name as well. I'm a computer engineering student at the University of Wisconsin at Milwaukee and it's somewhat depressing to know that if I passed a few Microsoft exams I could become a "Systems Engineer" (in Microsoft's defense, they have made it more difficult to obtain the higher level certifications). I recall Jimmy mentioning courses he took and enjoyed. What about tying the certifications idea in with an overview of courses available (for example BackTrack or GIAC)? Maybe select a few different tracks one could take in networking/security and provide some example certs and courses that could lead people in that direction or they could use to further their career (such as future certs as 77SSC mentioned). Just kicking the bucket again! Adam Do you find this valuable? |
|
JimmyRay10acn |
8. RE: Two For One
Apr 3 2008, 10:12 AM EDT
Good stuff! Robb and I will be adding more and more training content over time. We both know the value in being certified and having certified team mates. Truthfully, the absolute best security classes I have taken have been at Blackhat for data stuff and HOPE for just general hacking (candy machines, cameras, printers, embedded systems). Foundstone has some great hacker classes they teach. I thought the Hacking Expert class sucked mega, but the other especailly the secure coding classes rocked the house.I also recommend the book Pen Testing by Andres Andreu. Excellent book. This is one of the few books I promoted to reference guide in my geek library Jimmy ray Do you find this valuable? |
