Truth is GIAC hasn't been around long enough to really establish its value in the industry. It takes awhile for certifications to get known. From what I hear the GIAC courses have good content and are well taught. The only negative I've heard is the cost.
As far as certification goes, well that's another topic. If I took these courses at a university and passed the exams, I'd get a grade and a degree. If I take these courses from SANS (or Microsoft or Novell) and pass the exams, I get a certification. What's the difference? None really, it just demonstrates that I've learn a sufficient number of facts to pass the exam. It does not demonstrate that I am a competent practitioner.
Certification is suppose to guarantee something as meeting a standard (that's the meaning of the word). The assumption is that the standard mentioned here is the INDUSTRY standard and not the testing standard of the course designer or institution. Industry standards are set by the industry's professionals through job delineation studies, academic requirements and surveys. Industry standards are maintained by standards bodies and practitioners are measured against that standard to become certified professionals. The motive is to provide competent practitioners that can protect their organizations and the public.
Vendor based certifications like the CNE, MCSE and GIAC are based on arbitrary standards set by the course designer or vendor. They are certifying themselves! The driving motive behind vendor certifications is profit, not competence. What doesn't mean that the courses and exams do not have value. They do have a great deal of value from a professional development standpoint. From a certification standpoint, I think they're bogus. They remind me of the ad, "Doctor how long have you been doing brain surgery? Well, actually I'm not a doctor, but I did stay at a Holiday Inn Express last night!"
If you are interested in getting a certification based on industry standards consider the SSCP or CISSP from (ISC)2. www.isc2.org
-- Bill Stackpole, CISSP
| Todd <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 10/31/00 07:15 AM
|
To: Andrew Thomas <[EMAIL PROTECTED]> cc: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> Subject: Re: Slightly off topic - Value of SANS GIAC certification |
andrew, all,
actually, i have the same question, so maybe replies to the list would be
appropriate. otherwise, andrew: could you summarize the replies you get?
thanks,
todd underwood
[EMAIL PROTECTED]
On Tue, 31 Oct 2000, Andrew Thomas wrote:
> Date: Tue, 31 Oct 2000 12:48:25 +0200
> From: Andrew Thomas <[EMAIL PROTECTED]>
> To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
> Subject: Slightly off topic - Value of SANS GIAC certification
>
> Hi,
>
> I'd really appreciate it if people were willing to share their experiences
> with the SANS GIAC certifications, as well as give their views of the value
> of these in the market.
>
> Replies to private email please.
>
> Take care,
> Andrew
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
=========================================================
Todd Underwood, [EMAIL PROTECTED]
criticaltv.com
news, analysis and criticism. about tv.
and other stuff.
=========================================================
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
