Penetration Testing mailing list archives
RE: To go to University - For the CISSP etc. - Good idea/Bad idea???
From: "Bob Bell (rtbell)" <rtbell () cisco com>
Date: Fri, 7 Aug 2009 14:11:39 -0700
Adriel, et al - While I agree with your assertion that the information gained in pursuing a degree is dated from almost the outset, having the college degree card is A major requirement to even get into the door. I know from my own experience that the lack of same is a major handicap. So, yes, pursue the degree in an engineering or CS or Network environment, but also study and learn on the job. Having a couple of certifications (CCNA security, CSSLP, CISSP, whatever) will allow you to standout in the crowd, but not having the degree basically sinks both of your feet into a concrete block. Bob
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Adriel T. Desautels Sent: Friday, 07 August, 2009 07:19 To: Adam K Cc: James Copeland; Hy Zaret; pen-test () securityfocus com Subject: Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? 1-) Fact, technology evolves so quickly that "new" technology is considered "old" within the course of one year. 2-) Fact, security is one of the most rapidly evolving areas of technology. 3-) Fact, most degrees take at least 4 years to attain. If you are interested in becoming a security professional, what you learn in school will be out-dated by the time you graduate. The only thing that you will have that will be of any real value will be your experience in performing research or in delivering security services, or maybe in the creation of security technologies. A degree can not, and will not make you a security expert... only hands on experience and bleeding edge exposure can do that. You get that exposure by doing and universities don't "do" all that well. When I was in college I was also working full time making the salary of a senior software engineer. In doing that I quickly realized that college was useless for me as it wasn't teaching me anything that I needed to know. I found that I was learning about the real and current technology world while at work, and learning about the old and dusty technology world while at school. Most of the skills that they were teaching us at school, especially with respect to security, were dated or becoming dated. The only thing that I found useful was C, C+ +, and the other programming languages that I learned. Mind you, I wasn't taught by anyone, I was given a book and told to study it. I don't need to pay $45,000/year to be told to read a book, I can do that on my own. If you feel that you need to pay that much to read a book then give me a call, I've got a lot of good reading material for you. With regards to technology, most of the time the only thing that a degree will satisfy is the emotional and political requirement of the old school mindset. The truth is that some of the best talent doesn't come with a degree. Naturally, degrees are required for doctors, lawyers, etc. I'm not suggesting that they don't have a place. I am saying that specific to security they are nearly useless when compared to real world experience. On Aug 6, 2009, at 9:22 PM, Adam K wrote:Right, Gates doesn't have a degree, but his career path is an exception. I liken him to a baseball player... Ball players that get drafted early (standout players with skills and sometimes luck)usually don'tget to finish their degree. Those drafted later (not standout players) have time to finish their degree. I have never met an individual that regrets their time spent in college or their work toward a degree. I know countless people that regret not getting a degree. Not too mention you typicallymake socialconnections that will last a lifetime. On Thu, Aug 6, 2009 at 5:32 PM, Adriel T. Desautels <ad_lists () netragard comwrote:Bill gates doesn't have a degree. On Aug 6, 2009, at 3:11 PM, James Copeland wrote: What I have found is that school is the way to go. Peoplewill lookat you with your certifications but without the college degree to "back them up" that is all that they will do. Another goodreason forcollege is that some employers will bump that pay up forjust having adegree, no matter even if it is underwater basket weaving.Good luck.Jimmy On Thu, Aug 6, 2009 at 03:26, Hy Zaret<hyzaret () gmail com> wrote: Greetings & Salutations to all! I've been training myself for a while, and have recentlycame to theconclusion that University would be my best choice. The main reasons I made this decision are; . Social reasons . Educational advantages . Takes years off the experienceneeded to takethe CISSP I'm writing on these mailing-lists for two reasons; . Tofind out whatyou think of my choice (not locked in yet!!!) . For advice on which course to go for (Sydney, NSW, Australia) I am wishing sometime in the future to begin a career in ITSecurity.Although being under 18, I have still found time to achieve various certifications; including CompTIA's Security+, three Cisco certifications & a Microsoft accreditation. Also, for the last 4 months I've been working full-time on the 1st Level of an IT Helpdesk. Am very open to ideas, so would be interested in reading &answeringyour replies! Thank you for reading this, Hy Zaret------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org------------------------------------------------------------------------------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org------------------------------------------------------------------------ Adriel T. Desautels ad_lists () netragard com -------------------------------------- Subscribe to our blog http://snosoft.blogspot.com------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org------------------------------------------------------------------------Adriel T. Desautels ad_lists () netragard com -------------------------------------- Subscribe to our blog http://snosoft.blogspot.com -------------------------------------------------------------- ---------- This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org -------------------------------------------------------------- ----------
Attachment:
smime.p7s
Description:
Current thread:
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea???, (continued)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Derek Fountain (Aug 07)
- RE: To go to University - For the CISSP etc. - Good idea/Bad idea??? Lamar Stewart (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Jeremy Brown (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Adriel T. Desautels (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? R. DuFresne (Aug 07)
- Message not available
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Adriel T. Desautels (Aug 07)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Brad Bendily (Aug 09)
- RE: To go to University - For the CISSP etc. - Good idea/Bad idea??? Craig S. Wright (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Adriel T. Desautels (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Adriel T. Desautels (Aug 09)
- RE: To go to University - For the CISSP etc. - Good idea/Bad idea??? Bob Bell (rtbell) (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? R. DuFresne (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Adriel T. Desautels (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Derek Fountain (Aug 15)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Robin Wood (Aug 15)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Jay Dyson (Aug 07)
- RE: To go to University - For the CISSP etc. - Good idea/Bad idea??? Gorgon Beast (Aug 09)
- Re: To go to University - For the CISSP etc. - Good idea/Bad idea??? Webmaster (Aug 09)