Which InfoSec Certs are fluff?

Friends,

I have been in the business of IT Education for more than 10 years but require the feedback from professionals like you!

Do any of you feel that the certification you have recently completed was all "theory" and no "applied knowledge"? Do you feel any of the Certs are all "marketing" and will provide no "real-world" value and if so, which one(s)?

And inversely, which Certs do you feel provide the greatest "real-world" value?

I would especially like to hear from the pro's that may hold certifications such as CISSP or C/EH for example?

Best, Brad

Find more posts tagged with

Comments

LarryDaMan

I get the feeling we are being used for a survey.

Do we atleast get a prize?

Can you pretend to be our friend for a few days first?

I feel used.

Paul Boz

All of the people I know with the CISSP claim it has helped their career immensely. I think that is because ISC2 goes through such a lengthy verification process to ensure that people who hold the CISSP are knowledgeable and experienced security engineers. As far as I know, no other security certifications offer that level of guarantee.

The cisco security offerings are also very well reputed but they're extremely specific to Cisco so unless you work in implementation with cisco devices your time is probably better pent elsewhere.

ITEducationPro

Paul,

Thanks for your feedback.

The reason for my inquiry was because I recently have shared quite a few conversations from pros looking to "bridge the gap" on the theoretical with a greater focus on the applied knowledge. Coincidentally, many hold the certifications you are speaking of.

Thanks again! Brad

shednik

Paul Boz wrote:

All of the people I know with the CISSP claim it has helped their career immensely. I think that is because ISC2 goes through such a lengthy verification process to ensure that people who hold the CISSP are knowledgeable and experienced security engineers. As far as I know, no other security certifications offer that level of guarantee.

The cisco security offerings are also very well reputed but they're extremely specific to Cisco so unless you work in implementation with cisco devices your time is probably better pent elsewhere.

In addition to Paul's comments I'd like to add one more certification the GSE from SANS which makes you go through a quite intense hands on lab exam for the cert...

http://www.giac.org/certifications/gse.php

dynamik

shednik wrote:

Paul Boz wrote:

All of the people I know with the CISSP claim it has helped their career immensely. I think that is because ISC2 goes through such a lengthy verification process to ensure that people who hold the CISSP are knowledgeable and experienced security engineers. As far as I know, no other security certifications offer that level of guarantee.

The cisco security offerings are also very well reputed but they're extremely specific to Cisco so unless you work in implementation with cisco devices your time is probably better pent elsewhere.

In addition to Paul's comments I'd like to add one more certification the GSE from SANS which makes you go through a quite intense hands on lab exam for the cert...

http://www.giac.org/certifications/gse.php

Oh yea, for sure!

Regarding the OP, I kind of think the EC Council certs are more fun than anything. Not that I'm not going to go for them or anything

susanj

shednik wrote:

Paul Boz wrote:

All of the people I know with the CISSP claim it has helped their career immensely. I think that is because ISC2 goes through such a lengthy verification process to ensure that people who hold the CISSP are knowledgeable and experienced security engineers. As far as I know, no other security certifications offer that level of guarantee.

The cisco security offerings are also very well reputed but they're extremely specific to Cisco so unless you work in implementation with cisco devices your time is probably better pent elsewhere.

In addition to Paul's comments I'd like to add one more certification the GSE from SANS which makes you go through a quite intense hands on lab exam for the cert...

http://www.giac.org/certifications/gse.php

I passed ISMCP at http://www.infinidox.com but you have to propose a proctor and they will verify your proctor references. There is no mandatory experience required but the exam itself is difficult enough.

lacto17

Hi
Can you please explain in deatail about INFINIDOX Certifications ? Like How critical the questions were ? Are there any simulation kond of questions ? Any other views..

Thanks & Regards
Karthik.

GAngel

CISSP.
But its good for your resume. Very well marketed fluff i suppose. CEH was a waste of time for me as well but so were a dozen other certs I hold. The only staff I hire based on certs are cisco related and a few giac certs. Those are the only ones i trust to show the candidate actually has exactly what i'm looking for.