Disclaimer: I am a college professor, teaching networking and security so I have some biases, but not what you might think.
I strongly suggest that you not let the lure of "practical experience" tempt you to go that route *instead of* academic training. However, you are absolutely right to try to *supplement* your academic training. As an educator and a sometime practitioner, I know that it is extraordinarily difficult to stay current oneself, much less sufficiently current to train others. This is not intended as a slight to your teachers; it is just a fact that class prepration, grading, drumming up research funding, chasing tenure, etc. get in the way. So while you shouldn't bail from academia at all (it teaches valuable skills), you will really differentiate yourself by studying for additional certifications, searching for ways to get practical experience (work for free if you have to; just keep your grades up). I am continually appalled at the percentage of my students who use Windows as their almost-only operating system. (Windows is a very fine, and pretty darned secure OS these days, and you better know it as a sysadmin, but some days a nancy boy has to man up, if ya know what I mean!). My best students use multiple OSs interchangeably. One of my best ones somehow got addicted to building his own *nix kernel, bless his heart, and only used Windows for staying in touch with the other half. Guess who had the internship at the National Salvation Army this summer? (At least that's what he said the three letter agency was.) Do what you love. Find people that love it too, and hang out with them. You're going a long way being on this list; I recommend the podcast to my students all the time (though not through official channels; there are some "not safe for class" things occasionally). Ask questions; people love to help. If you get out of college with a degree, plus a cert or two, and some real live practical experience, you will have given yourself a real advantage. SANS classes are a great way to addict yourself too - if there is a conference in your area there are ways to do it on the cheap Good luck! Ray On Sep 24, 2010, at 11:36 PM, Brandon McGinty wrote: > List, > I am currently a sophomore in college. > I have been studying firewalls, Intrusion Detection Systems (IDS), > systems hardening, Cisco security (though I do not yet have equipment to > test this), and general network, server, and workstation security. > I am wondering what your collective thoughts are, in regards to > university experience, verses practical experience in the security field. > While university courses certainly give one a more broad understanding > of the world, there is a good deal of preparation before one can take > any security classes. > I'm wondering if there are other possibilities that would help me gain > employment, or at least a foot in the door. > I am in a position where it would be possible to study, and become > certified in several of the current programs, Security+, > CISA, GIAC, and CISSP, to name a few. > I have also considered trying to find some security professionals to act > as mentors, but I am not sure where to start, or if that would be > beneficial. > What are your thoughts? > > Thanks, > Brandon McGinty > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com -- G W Ray Davidson, PhD CISSP, CEH, GSLC, GSEC, GCFW, GCFA, GCIH, GCIA http://www.linkedin.com/in/raydavidson : [email protected] AOL: gwraydavidson3 Twitter: RayDavidson PGP Key ID 0xD3528EF5 http://www.sans.org/info/30893
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
