More changes to the WGU MSISA program?
colemic
EC Council #1 fanMember Posts: 1,568 ■■■■■■■□□□
Had a (previous) coworker who is also in the MSISA program say that new changes will be in effect tomorrow... from his email:
'EWB moves to having to take before program so doesn't show up on the full thing.
Drops 2nd CCNA course (2 credits). Drops the EC-Council DR course (3 credits), but adds a Risk Management (2) course...so performance assessment instead of objective. Total is now 32 credits (33 including the EWB) instead of 36.'
He sent me the new MSISA course overview PDF which confirms the changes (but is not on the site yet.) Has anyone else heard anything about this, or am I just not in the kool club?
Edit - now the updated pdf shows up for me. I seem to be a bit behind today.
'EWB moves to having to take before program so doesn't show up on the full thing.
Drops 2nd CCNA course (2 credits). Drops the EC-Council DR course (3 credits), but adds a Risk Management (2) course...so performance assessment instead of objective. Total is now 32 credits (33 including the EWB) instead of 36.'
He sent me the new MSISA course overview PDF which confirms the changes (but is not on the site yet.) Has anyone else heard anything about this, or am I just not in the kool club?
Edit - now the updated pdf shows up for me. I seem to be a bit behind today.
Working on: CCSP, definitely, maybe. On the twitters: @mcole1008
Comments
Yes, from the complaints, many students feel that they're being tested against a chance they'll forget about some obscure tool on test day, and there are even some reports of questions being blatantly broken, as one guy said, if 3/50 questions are broken, you're already down 6 points, so you're 1/5 the way to failing already ... it seems kind of bogus, actually. Why not ask sound questions about the material? If you want me to think about it, require an essay. I'm studying for C|EH right now, and it does not feel difficult in the least. It just feels like I'll be memorizing a lot of material that is beyond scope of knowing "how it works" or "what it means". Of course, anything in the callouts that mentions "you better remember this" then of course I make notes for those things, but it does feel kind of bogus
Of course, I'm not going to take it lightly, though.
There was a post on the DR test, and one student read what looked to be about 1,500 pages, plus studying everything she could find. She passed, though, and it only took three weeks, so you can't knock what works
LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
In progress: CLEP US GOV,
Next up: MATH 211, ECON 352, ICS 340
WGU MS IT Management: done ... double woot :cheers:
Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
In progress: CLEP US GOV,
Next up: MATH 211, ECON 352, ICS 340
I would prefer more labs than certs to be honest. Actual labs using the software where you have to prove you can use it.
I just checked again and my degree plan is not updated yet.
I'm told you have to request to be enrolled in the new program, and only at the last month of your term.
I noticed the change two weeks ago and talked to my mentor about it, but alas I'm nearly done with the MS IA degree so I decided to just grind it out.
my question to all of you is what certs/classes whould you want in this degree
personally id love to see it like this
C|eh - its a fair foundation and explanation of the tools
ITIL - most of the work in this field needs alot of documentation and project management
Linux+ - most all the pen testing/hacking tools are in linux not windows so linux+ would give you a fair foundation in linux
oscp - a real lab test environment for all the things one should learn with this degree
CASP - for the other end after oscp it covers alot of the Biz end of things
some could be swapped out for giac and a few papers/programs tossed in one on shell scripting could work as well
WGU MS IT Management: done ... double woot :cheers:
I would definitely, positively add a project management course, if not several. I would like to see the CAP incorporated as well, to show a true proficiency in knowledge of federal regulations, to understand the process of accreditation and the NIST guidelines.
Furbie I understand your position on wanting technical certs, but I want the MSISA to be more of a policy/framework/project management/CTO perspective, since I plan to utiilize my degree to obtain a position similar to that, versus a Master's degree in the technical aspects of security.
if they make cissp or any of the tests that have to be taken at a vendor spec. site then wgu would have to cover travel costs and test cost which would make the degree cost more.
i would like to see a prep class for cissp but no the cissp being the test at the end for it
WGU MS IT Management: done ... double woot :cheers:
Although I could see the benefit of a prep course, but then what gets dropped to make room? And would current CISSP holders be exempt from that course?
You need 5 years of experience to become a full CISSP, but there is nothing wrong with being an associate for a while if you don't have the required experience. If you are in a master's program for information security, I think it's a relatively safe bet that you have some experience in the field.
Good point, but you would still have to pay maintenance fees. I am guess there are quite a few people that would go into a Master's in Security to get into the field though. I am guessing it won't be long and there will be no certs in the Master's program. Similar to their upcoming Master's in Networking that will have no certs either.
I don't mind certs in the program, I just want them to be appropriate for a master's program. I don't feel that CCNA is, and especially the Network+ that was required before. I would rather the focus be on a C-level since that is absolutely where I want to be in a few years, and I want to leverage that in a few years.
However I have issues with the CEH, CHFI and EDRP, all from EC-Council. They're nitty picky for and too time consuming. I'm forced to study and memorize tons of stuffs just to pass them, but in my day to day job as an IT Manager I don't use most those (outdated) tools.
OTOH the GIAC course FYV2 (Security Policies and Standards - Compliance and Certification) and ISO-27001/27002 materials are hidden gems. Slow going at first, but the materials have really grown on me and are useful at work.
I personally would like to see the PMP exam on WGU MS ISA program --- I know the PMI requires of experience and whatnot, but the degree + PMP is quite a potent combo.
Overall, though, I see C|EH as a poor choice. It doesn't seem to teach or prove real skill or knowledge, and it doesn't see altogether that highly regarded by security professionals, technical or managerial.
Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
In progress: CLEP US GOV,
Next up: MATH 211, ECON 352, ICS 340
I got the CISSP two years before enrolling in the MS ISA program, so I can say that the exposure and experience helped me move quickly through the performance assessment courses, but in no way that I would recommend the school giving people credits based on this certification alone. I did not have to write any paper to earn the cert but thru the school I have written over 200 pages + numerous PPTs this term. The papers forced me to think very hard about the whole mile-wide-inch-deep nature of the beast. Now if someone looked down on the my CISSP, I'd give them my stack of papers and tell them have a good read!
It's the nature of the beast...a business oriented degree could be MBA or MS IT, and a more technical one could be MS Computer Science. So I wouldn't try to get the MS ISA and expect it to mirror any one of those other degrees. Thoughts?
I have no problem with WGU degrees, even the Master's, revolving around certifications. I do have a problem if those certifications are more about the use of specific tools than about fundamental understanding. For example, while the MCTS and MCITP certifications do involve a certain amount of MS-specific GUI knowledge and syntax knowledge, but the largely focus on a strong understanding of how the operating system and its features work. C|EH is simply a measurement of how well you remember [x] switch for [y] command to test [z]. GIAC certs measure actual understanding of technology, as do Cisco, MS, and Comptia. CISSP, along with some GIAC certs, measure more of a theoretical, managerial, high-level understanding. Either way, both groups are valuable, depending on ones' goals. C|EH isn't valuable outside of very specific job roles.
Complete: 55/120 credits SPAN 201, LIT 100, ETHS 200, AP Lang, MATH 120, WRIT 231, ICS 140, MATH 215, ECON 202, ECON 201, ICS 141, MATH 210, LING 111, ICS 240
In progress: CLEP US GOV,
Next up: MATH 211, ECON 352, ICS 340
To me, part of securing information requires having a knowledge of how things get from one point to another, and how it's vulnerable in its various transition states.
Now, with regards to the program, it is still in its infancy, and overall, the curriculum is very strong. I remember going through "series" of classes that had issues for my bachelor's, and I just took it because it meant a degree at the end.
Now, would it be nice if there was a way to get in a few electives? Yes, indeed, it would be. However, we don't have that available to us yet. Still, we can advocate for those who come after us. Having multiple paths will help.
I find it a bit odd that the Master's in Networking wouldn't have a single cert in it. I rather dislike these Performance Assessments as it is! They're not easy, and in my case, it takes me more time to write three or four papers (each often 15-20 pages even though the instructions say 7-8 is enough) for a single class, than it does to study for and pass a single test.
Obviously, I need to work on my writing more, as I'm addicted to runon sentences; that is, I don't know how to quit when I'm ahead, and just keep piling more and more on.
Hah, did it again.
Have a nice day!
LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
I think what you're referring to is an institution's growing pain. It has to find and serve a particular niche while still teaching those interested a broad and comprehensive curriculum. WGU is young by any academic standard, so while I'm disheartened at having to memorize a gazillion+1 hacking tools and their syntax under my program requirements at the moment, at least the program developers are evolving it ... that's likely the key to its success now and in the future. Other MS ISA programs are more rigid, partly out of the size and partly out of adherence (or laziness) to the "Godfather" NSA CAE. I cannot imagine many schools would dramatically change their curriculum and lose the coveted CAE status if that's what they use to market their programs.
Traditionally graduate degrees have either a thesis or capstone. I don't think the CISSP/CISM cut it, mostly because neither is academic by nature, also too broad and shallow. By the end of a graduate program, one is supposed to demonstrate some sort of subject mastery, and traditionally people are required to do a thesis or capstone to demonstrate either real world or theoretical application of given knowledge. The certs fail that requirement, and because they are not/cannot be granted life-time status (another marker of academic degrees), they have no place in the final stage of an academic degree.
That said, I have no problem with mapping a graduate degree to the CISSP. It's quite useful to earn a graduate degree based on real world best practices and applications. MS ISA is not a pursuit of knowledge just for the sake of doing so, but a degree created out of urgent necessity and demand for the information age. If the Neanderthal had an equivalent degree the, it'd be called MS RSA (Master of Science, Rock Security Assurance) hhahahaa.
I would be ok with giving credit for something like intro to network security, or a similar course. And I would love for them to develop a technical and managerial track.
Id like it Sec + was put in there, though.
MS Information Security and Assurance 2013 WGU
Please let us know how you like the JIT2 Risk Management course. IMHO RM is one of the most difficult concepts because it's too much like gibberish floating on wet sand.