Re: How to Become a CCIE v2

From: A.G. Ananth Sarma (GMail) (ananth.sarma@gmail.com)
Date: Tue May 06 2008 - 14:05:20 ART

• Next message: A.G. Ananth Sarma (GMail): "Re: How to Become a CCIE v2"
• Previous message: Carlos Trujillo: "Re: Help on Random detect command"
• Maybe in reply to: nrf: "Re: How to Become a CCIE v2"
• Next in thread: A.G. Ananth Sarma (GMail): "Re: How to Become a CCIE v2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Colin,

Your opinion is real worth and impartial from the fact that you are a CCIE
yourself.
As you have well said, CISSP gives bigger picture though at surface level.

Any exam has its merits in its own right.

One cannot just disqualify it since he is not in to it or because his boss
has done it.(May be, that is why the boss is at his seat.)

I have done my CISA and some questions were so practical that we technical
people will never even think such things exists.
Yet, there you need to look at IT/Security wearing an IT Auditor's cap.

My 2c.

Regards,

Ananth

On Tue, May 6, 2008 at 7:31 PM, Colin McNamara <Colin@2cups.com> wrote:

> While the security CCIE is an outstanding certification, by design it is
> focused on configuring devices to secure assets and mitigate network based
> attacks.
> This is a critical piece of a companies security strategy, but by itself
> it is only one piece of an effective security program.
>
> For example, you firewall can be rock solid, you IDS's tuned perfectly,
> your NOC staffed with Security CCIE's. But if you don't have the right
> processes and controls in place, your janitor could walk out with your
> backup tapes. Or, your documented controls may not be up to snuff and you
> may get hit on an audit, pushing out a critical b2b integration. These type
> of issues are outside of the scope of the Security CCIE, but well within the
> scope of the CISSP.
>
> And, one thing to keep in mind. Check the latest salary surveys. Last time
> I checked the CISSP was worth about a 10k bump in salary. That doesn't sound
> worthless to me.
>
> --
> Colin McNamara
> (858)208-8105
> CCIE #18233,RHCE,GCIH http://www.colinmcnamara.com
> http://www.linkedin.com/in/colinmcnamara
>
> "The difficult we do immediately, the impossible just takes a little
> longer"
>
>
>
> Cisco Nuts wrote:
>
> > CISSP is a worthless certification !!!
> >
> > It is nothing but a theory exam that tests if you have "memorized" the
> > answers !!
> >
> > No practical real world usage for it !!
> >
> > It is only for folks who have tried the CCIE/CCSP and failed !!
> >
> > Yes, that is the fact...!!
> >
> >
> > My Boss who is a CISSP cannot differentiate b/w a FW/IDS or a VPN - talk
> > about it !!
> >
> > CCIE-Security is one true cert for Security.....
> >
> >
> >
> >
> > > Date: Tue, 6 May 2008 08:59:29 -0700
> > > From: Colin@2cups.com
> > > To: joe@affirmedsystems.com
> > > CC: dale.shaw@gmail.com; ccielab@groupstudy.com
> > > Subject: Re: How to Become a CCIE v2
> > >
> > > I second Joseph here. I work with some AMAZING security professionals,
> > > that just HAPPEN to have their CISSP certification.
> > > I also have met people that have absolutely no practical security
> > > (attack mitigation, incident response, forensics) knowledge at all,
> > who
> > > maintain their CISSP.
> > >
> > > The CISSP in itself is very high level and theoretical. This maps into
> > > the core process and compliance issues that many security
> > professionals
> > > have to deal with today.
> > > What it is not is an exam based around skills, like GIAC series or
> > CEH.
> > >
> > > --
> > > Colin McNamara
> > > (858)208-8105
> > > CCIE #18233,RHCE,GCIH
> > > http://www.colinmcnamara.com
> > > http://www.linkedin.com/in/colinmcnamara
> > >
> > > "The difficult we do immediately, the impossible just takes a little
> > longer"
> > >
> > >
> > > Joseph Brunner wrote:
> > > >> Perhaps Cisco could consider a system like CISSP
> > > >>
> > > >
> > > > Um, no thanks...
> > > > I work with several CISSP's. They have almost ZERO practical
> > security
> > > > knowledge...
> > > >
> > > > Just last Friday I had to teach one of these endorsed
> > "professionals"
> > > > The pix, subnetting, writing ACL's, etc, why we do nonat's, etc.
> > > >
> > > > What good is a certification if does not give you any
> > training/knowledge
> > > > that allows you to do anything in the real world?
> > > >
> > > > The CISSP has become so devalued because it's a life raft for
> > non-technical
> > > > people who want to work in IT.
> > > >
> > > > Anyone who has a good working relationship with their boss can be
> > > > endorsed... My old boss would have endorsed me robbing a liquor
> > store if I
> > > > promised him an ecstasy tab and a night with my girlfriend... does
> > this make
> > > > his endorsement valuable?
> > > >
> > > > -Joe
> > > > (Back on dagobah/rtp in July for a REAL security test ;)
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf
> > Of Dale
> > > > Shaw
> > > > Sent: Tuesday, May 06, 2008 1:27 AM
> > > > To: ccielab@groupstudy.com
> > > > Subject: Re: How to Become a CCIE v2
> > > >
> > > > Irrespective of how hard or not the CCIE lab is, I agree with one
> > key
> > > > point that the original poster made:
> > > >
> > > > Just like every other vendor certification, there is no way for a
> > > > prospective employer, or anyone for that matter, to differentiate
> > > > between someone who has years and years of practical experience and
> > > > blitzed the lab first go, and someone with relatively limited
> > > > experience but who brute-forced their way through.
> > > >
> > > > The end result is "CCIE", not "CCIE (passed first go)" or "CCIE
> > > > (passed on the 5th attempt)". In my opinion, despite the practical
> > > > nature of the lab, it is still possible to be a "paper CCIE".
> > > >
> > > > To use the fruit comparison analogy in a different way: comparing
> > > > CCIEs can indeed be like comparing apples and oranges! -- some are
> > > > good, some are bad.
> > > >
> > > > Perhaps Cisco could consider a system like CISSP, whereby you have
> > to
> > > > be endorsed by someone who is already certified, and/or you have to
> > > > meet other pre-requisites, like number of years of relevant work
> > > > experience.
> > > >
> > > > cheers,
> > > > Dale
> > > >
> > > >
> > > >
> > _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> > > >
> > > >
> > > >
> > _______________________________________________________________________
> > > > Subscription information may be found at:
> > > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> > >
> > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> > >
> > >
> >
> > ------------------------------------------------------------------------
> > With Windows Live for mobile, your contacts travel with you. Connect on
> > the go. <
> > http://www.windowslive.com/mobile/overview.html?ocid=TXT_TAGLM_WL_Refresh_mobile_052008
> > >
> >
>
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: A.G. Ananth Sarma (GMail): "Re: How to Become a CCIE v2"
• Previous message: Carlos Trujillo: "Re: Help on Random detect command"
• Maybe in reply to: nrf: "Re: How to Become a CCIE v2"
• Next in thread: A.G. Ananth Sarma (GMail): "Re: How to Become a CCIE v2"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:16 ART