[aklug] Re: IT certifications

Dan,

Well put. Totally agree that a college education is a good thing to have.
You still need to learn how to use things like Cisco or NetApp. Unless your
college degree included training in these areas. That's where the vendor
certs come in. I don't like the fact that they only last 3 years. I also
don't like the fact that they are expensive. Unfortunately it's all we have
at the moment.

On Wed, Sep 7, 2016 at 1:34 PM, Dan Wolf <dan-wolf@gci.net> wrote:

> Hi Damien,
>
>
>
> My apologies for not communicating my thoughts as clearly
> and as fully as I should have, initially. First let me say that I don’t
> necessarily disagree with many of the points you have brought up. However
> being a retired (45+yrs) IT professional with Military, Corporate,
> Government, LE, and small business experience I believe my observations
> have stood the test of time. This is particularly ironic since I dropped
> out of high school in my senior year (1970) with the goal of becoming a
> machine-gunner on a patrol boat in the Mekong Delta. While the Navy
> recruiter didn’t feel I was a “suitable candidate” for the US Navy, USMC
> Gunnery Sgt. D.L. Mooney thought the Marine Corps had just the right spot
> for me…. J…… Several weeks later during the general education testing in
> basic, it was discovered that I knew the difference between a “D” cell
> battery and a Crescent Wrench and any hopes I had of manning a .50 Cal
> Browning and mowing down the enemies of our country were crushed and
> replaced with the many months of basic electronics study that followed. In
> addition to having to complete a GED. Somehow I ended up in the top three
> of my class and wound up with an assignment to advanced training in data
> systems and cryptography. Keep in mind that there was no Internet back
> then. Data transmission was done over encrypted HF SSB for pre internet
> Command and Control Comm. So rather than configuring OSPF we calculated
> things like what the days MUF was and when we troubleshot problems it was
> down to the component level rather than card or board. And we had to walk
> uphill doing it…..
>
>
>
> Too make a long story short, my experience in I.T. both as
> an employee, part of an interview team, and as a hiring manager, I always
> looked for the most direct and current experience first whether from a
> school or self-acquired. Next was their core education and quite frankly I
> would place a simple CS, or EE far above an MIS. That is simply because
> most of the folks I know, or have known work on their advanced infosec
> degrees after they are active practioners in infosec.
>
>
>
> While I sympathize with you regarding a company’s decision
> to change vendors and the ramifications to a companies in-place staff
> requirements, I would also point out that change in the field is inevitable
> and for any organization or business to remain competitive it’s support
> staff must evolve , one way or another. Optimally the organization should
> understand and recognize the value of employee longevity and should have
> appropriate training so as to improve and retain the institutional
> knowledge. Organizations that simply make a decision to switch out their
> infrastructure without a support continuity plan are almost guaranteed to
> face issues in both deployment and day 2 support. On the other side of the
> coin those organizations which actively consider ongoing training and
> provide career considerations for their employees IMO enjoy a higher
> success rating during a technology revamp.
>
>
>
> Lastly before everyone snores off…… I would point out that
> since those halcyon days when Information security meant locking your
> papers up in the safe at the close of business, today the field is
> comprised of a multiple array of specializations so when one says they want
> to make it in the world of information security what exactly do they mean;
>
>
>
> Defensive or offensive
>
> Network or System security
>
> Traffic Analysis
>
> Forensics
>
> Compliance
>
> Legal issues
>
> Etc, etc, etc…..
>
>
>
> At the end of the day…….. I am still convinced that a
> solid 2 or 4 yr CS or EE degree overall has the edge over any cert. Unlike
> certs, degrees last a lifetime rather than the finite lifetime of a
> particular outfits certs. and assuming you actually paid attention in class
> will have gained a set of fundamental knowledge’s that can be applied to a
> wide range of “Information Security” challenges once you get your foot in
> the door. Hopefully that door leads to an organization which understands
> the long view and will see it in its best interest to keep the lifecycle of
> its IT staff in mind as well as the organizations bottom line. But even if
> the organization has a plan and can manage some training there will always
> be the need for one to make the extra effort to improve ones mastery………..
> not always cheap but there are more and more low cost or free avenues to
> obtain the knowledge’s that will allow you to be more and more effective
> and efficient than simply getting a cert…… What good is knowing how to
> configure something if that something isn’t the most appropriate for
> maintaining the Confidentiality, Integrity, and Availability of the data
> one is charged to protect……..hence the original YMMV……
>
>
>
> Regards,
>
> Dan…….. former USMC 0311/2500/5971/72/78, A+, Linux +, CCNA, VMWare,
> NetApp NDA, BF4 Lvl140…… and current chicken farmer.
>
>
>
>
>
>
>
> *From:* Damien Hull [mailto:dhull@section9.us]
> *Sent:* Wednesday, September 07, 2016 9:03 AM
> *To:* Dan Wolf <dan-wolf@gci.net>
> *Cc:* Christopher Howard <ch.howard@zoho.com>; AKLUG <aklug@aklug.org>
> *Subject:* Re: [aklug] Re: IT certifications
>
>
>
> Dan,
>
>
>
> I have a Masters degree in Information Security. I hate to tell you this
> but that's not enough. Vendor certs like CCNA and CCNP tell you how to work
> with the product. How do you get OSPF configured? How do you get spanning
> tree configured? College degrees help a lot for the big picture. They may
> not give you the commands you need to configure OSPF on a Cisco router.
>
>
>
> I used to work for GCI setting up Cisco and Juniper routers for Internet
> access. The only reason I survived is because I was CCNP certified. Without
> that I wouldn't have been able to make it. Then they said, surprise, we're
> going to Juniper. The networking concepts are the same, but the commands
> are different. My college education didn't tell me how to configure OSPF
> and MPLS on a Juniper router. And no, we didn't get enough on the job
> training to figure it out before we were dropped into the hot seat. I
> managed to survive for a bit but it was rough.
>
>
>
> Vendor certs will always be there. They may not be perfect but they're
> better than nothing. I also think that people who look down on certs
> haven't looked into them. The CCNP is three tests. One of which is
> "switching". Can you configure HSRP in a minute or two? That was on the
> test. Took me three tries to pass that test.
>
>
>
> I'm trying to make it in the world of Information Security. The SANS
> organization has become my training of choice. Expensive but worth it.
> Topics they cover are things most people don't even know exist. How do I
> learn this stuff if I can't find anyone who knows it even exists? Training
> and certs are the only thing I can think of.
>
>
>
> Point is, I've learned a lot from college and IT training /
> certifications. Wouldn't be able to do my job without them. And as someone
> else pointed out, you may not get past HR without them.
>
>
>
> I think this is also the downside to IT. It is so expensive to keep up. If
> anyone has a cheaper solution I'm all for it.
>
>
>
>
>
> On Tue, Sep 6, 2016 at 12:57 PM, Dan Wolf <dan-wolf@gci.net> wrote:
>
> IMO..... Some of the basic certs A+, CCNA have value in providing
> employers with a comparative baseline for entry level positions, but after
> that certs tend to lose their value...... In the end.....stay in school or
> go back and get a 2 or 4 yr degree and you will have a piece of paper that
> lasts a lifetime rather than 2-3 yrs....... Then you leverage that paper to
> get in the door to an org that can provide the additional training you seek
> As always YMMV.....:-)
>
>
> -----Original Message-----
> From: aklug-bounce@aklug.org [mailto:aklug-bounce@aklug.org] On Behalf Of
> Christopher Howard
> Sent: Monday, September 05, 2016 2:03 PM
> To: AKLUG <aklug@aklug.org>
> Subject: [aklug] IT certifications
>
> Hello list. I was wondering... has anybody heard of any programs (e.g.,
> nonprofit, workforce development) that help people with the financial part
> of getting IT certifications? There are a number of additional certs I'd
> like to get (e.g., Security+) but there isn't much room in my budget, and I
> don't think I could convince my current employer to pitch in. (As
> additional certs would only help me to get a better job elsewhere.)
>
> --
> https://qlfiles.net
> My PGP public key ID is 0x340EA95A (pgp.mit.edu).
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org> with
> 'unsubscribe' in the message body.
>
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>
>

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed Sep 7 14:57:35 2016