Welcome Guest! To enable all features please Login or Register.

Notification

Icon
Error

Information Security

Information security can mean protecting information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction. This goes beyond just computers and networks. Risks and threats can come from individuals, acts of nature, and new technology.

This topic affects everyone in the federal workforce - top to bottom. Thus, it is also the responsibility of everyone in the federal workforce to protect the information from threats.

Share your experience with securing information.

7 Pages<1234>»
Options
Go to last post Go to first unread
davidm68  
#21 Posted : Friday, July 8, 2011 7:34:21 AM(UTC)

Rank: Newbie

Groups: Registered
Joined: 7/7/2011(UTC)
Posts: 22

Definitely, and not just because you said that programming wasn't a strength.IMO, an all or mostly online degree is pretty worthless, especially in the technical fields. Sure, some people can become very proficient by self-learning(which is what online courses are for the most part). but it is rare.

I do not have any certifications yet, but in my experience, the cert doesn't mean they are competent. I have seen this observation prove true, even with some of the better certifications such as CISSP, but is especially true with the easier ones like A+ and SCJP.I would advise working on improving your programming skills and knowledge of how it interacts with hardware. Even though you can go through an entire security career without writing code, it will give you a deeper understanding of the security issues and make you more valuable. Any legitimate BS in CS will get you there.

davidm682011-07-10 21:04:05
R&#111;n WIls&#111;n  
#22 Posted : Saturday, July 9, 2011 10:19:32 AM(UTC)
pavers

Rank: Groupie

Groups: Registered
Joined: 3/6/2010(UTC)
Posts: 79

The degree mainly gets you your first job, and establish a certain modicum of respect from others.

Do you HAVE to have the degree to be successful?  No.  I know a GS-14 step 8 who does not have a degree, but does have 25 years of experience.  That said, it's easier to get where you want to go WITH the degree than it is to work your way up through blood, sweat, and tears without the degree.  
Given my first statement above though about it just getting you your first job, I'd say that as far as govt goes it doesn't matter if your BS is from an online school or from Columbia University.  It's what ***YOU**** bring to the table that will differentiate you as the years and decades roll by.




totj  
#23 Posted : Tuesday, July 12, 2011 1:36:20 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 12/29/2010(UTC)
Posts: 285

WGU is a crap school.

Get real people. If they are teaching CCENT and CCNA at the Masters level, your education program is a complete and utter joke.

truotsuko  
#24 Posted : Tuesday, July 12, 2011 4:53:49 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 7/6/2008(UTC)
Posts: 346

Thanks: 1 times
Was thanked: 7 time(s) in 5 post(s)

totj wrote:
WGU is a crap school.

Get real people. If they are teaching CCENT and CCNA at the Masters level, your education program is a complete and utter joke.

That is a very narrow view of the facts, I mean the Master’s program you referred to is sanctioned by the NSA and also includes certs like

·  EC-Council Disaster Recovery Professional Exam (312-76)

·  EC-Council Ethical Hacking and Countermeasures (EC0-350)

·  EC-Council Computer Hacking Forensic Investigator (EC0-349)

·  GIAC G2700 (Standards and Policies)

Also the 10 domains that are covered in CISSP, now I will give you that CCENT and CCNA are not Masters level certifications, but I would counter that the programs approach is not to make you a networking expert as much as it is to have you thinking of Security as a manager, I appreciate a manager who has knowledge of the basics as they do not need to be learning at the CCNP or CCIE level.

 My two cents, besides where else can you get a nationaly accredited Masters degree for less than $10,000 a year?

totj  
#25 Posted : Wednesday, July 13, 2011 1:35:27 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 12/29/2010(UTC)
Posts: 285


truotsuko wrote:

totj wrote:
WGU is a crap school.

Get real people. If they are teaching CCENT and CCNA at the Masters level, your education program is a complete and utter joke.

That is a very narrow view of the facts, I mean the Master’s program you referred to is sanctioned by the NSA and also includes certs like

·  EC-Council Disaster Recovery Professional Exam (312-76)

·  EC-Council Ethical Hacking and Countermeasures (EC0-350)

·  EC-Council Computer Hacking Forensic Investigator (EC0-349)

·  GIAC G2700 (Standards and Policies)

Also the 10 domains that are covered in CISSP, now I will give you that CCENT and CCNA are not Masters level certifications, but I would counter that the programs approach is not to make you a networking expert as much as it is to have you thinking of Security as a manager, I appreciate a manager who has knowledge of the basics as they do not need to be learning at the CCNP or CCIE level.

 My two cents, besides where else can you get a nationaly accredited Masters degree for less than $10,000 a year?



National Accreditation doesnt mean a thing. Regional Accreditations are what matter.\

Its not a narrow view of the facts. Its an accurate view of the facts. Bull***** Universities like that are whats diluting the value of education.
totj2011-07-13 09:40:52
hustonj  
#26 Posted : Wednesday, July 13, 2011 4:12:01 AM(UTC)
hustonj

Rank: Senior Member

Groups: Registered
Joined: 5/17/2011(UTC)
Posts: 2,270

Thanks: 8 times
Was thanked: 322 time(s) in 259 post(s)
totj wrote:
Bull***** Universities like that are whats diluting the value of education.
 
I disagree.
 
People who think that receiving a diploma is the only way to get an education are diluting "the value of an education" far more than opportunistic schools CAN.
 
After all, a diploma from such a school has only as much relevance as the marketplace (potential employers) give it.  Right?
 
The school is not and can not be responsible for the hiring process taking ANY piece of paper seriously.
totj  
#27 Posted : Wednesday, July 13, 2011 5:37:17 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 12/29/2010(UTC)
Posts: 285


Unfortunately thats not the way it works.

Schools are in fact held accountable for the quality of education that they provide.

This is why rules exist within government that allow schools to receive federal funding. Paraphrasing one of those rules - if the percentage of default on federal education loans from students who graduated from an institution receiving federal loan*****s a certain number, that school loses ability to receive federal funding because that school is not providing an education that allows its graduate to obtain employment gainful enough to repay loans incurred. Its protecting taxpayer burden of failed (or failing) programs.

The school must, and does, take responsibility for the quality of its education. Its federal funding and accreditation depends on it.

You are correct. Going to school is not the only way to get an education.

Unfortunately it is in fact the only way to receive a validated education.

A schools diploma has as much relevance as the school has relevance in whatever given industry. It has nothing to do with job availability. If your university is well known and respected for chemical engineering in that industry, your inability to gain employment doesnt devalue the institutions reputation nor speak to the quality of its program.

The job crisis now isnt degrading the value of MIT, Harvard, Michigan, UVA, etc. The bull***** for-profit universities with terribly low academic standards and rigor are devaluing what it means to have a degree.

For-profit schools have a much higher student loan default rate than anyone else.

totj2011-07-13 13:46:39
truotsuko  
#28 Posted : Wednesday, July 13, 2011 6:31:29 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 7/6/2008(UTC)
Posts: 346

Thanks: 1 times
Was thanked: 7 time(s) in 5 post(s)
Listen Totj, in order to be called nationally accredited the school has ALL regional accreditations, say what you will about the school but please research it before you do. At a Masters degree level especially on in Information Assurance you do not need to be a networking expert. I am not comparing the school to MIT or the likes; the university is a not for profit school it is a school designed for working professionals.
The school values certifications along with traditional courses, take it with a grain of salt if you like but it is a decent school and as I said the program (Information Assurance that is) is also accredited by the National Security Agency, all I am saying is for those who cannot afford MIT, or Harvard it is a good option.
Rich  
#29 Posted : Wednesday, July 13, 2011 11:06:55 AM(UTC)
Nizzle

Rank: Newbie

Groups: Registered
Joined: 1/21/2011(UTC)
Posts: 6


truotsuko wrote:
Listen Totj, in order to be called nationally accredited the school has ALL regional accreditations, say what you will about the school but please research it before you do. At a Masters degree level especially on in Information Assurance you do not need to be a networking expert. I am not comparing the school to MIT or the likes; the university is a not for profit school it is a school designed for working professionals.
The school values certifications along with traditional courses, take it with a grain of salt if you like but it is a decent school and as I said the program (Information Assurance that is) is also accredited by the National Security Agency, all I am saying is for those who cannot afford MIT, or Harvard it is a good option.

That's not true. Many for-profit schools established the national accreditation because they didn't qualify for regional accreditation. Other national accreditation associations were created for "non traditional" schools. A simple google can explain. http://lmgtfy.com/?q=national+accreditation+college
truotsuko  
#30 Posted : Wednesday, July 13, 2011 11:18:22 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 7/6/2008(UTC)
Posts: 346

Thanks: 1 times
Was thanked: 7 time(s) in 5 post(s)

That's not true. Many for-profit schools established the national accreditation because they didn't qualify for regional accreditation. Other national accreditation associations were created for "non traditional" schools. A simple google can explain. http://lmgtfy.com/?q=national+accreditation+college
 
OK I take that point but my larger point still stands WGU is both Nationally and Regionally accredited visit the links for verification http://www.wgu.edu/about_WGU/accreditation
lest you say that I am simply taking the schools word on it, here is one from Department of Education http://ope.ed.gov/accreditation/Index.aspx you will have to search for Western Governors University in Salt Lake City Utah.
Not in anyway trying to compare this to MIT or Harvard, that would be akin to saying that a bike can race the space shuttle; all I am saying to simply write something off prior to researching its merits or lack thereof is taking a very narrow view on things.
truotsuko  
#31 Posted : Wednesday, July 13, 2011 11:33:25 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 7/6/2008(UTC)
Posts: 346

Thanks: 1 times
Was thanked: 7 time(s) in 5 post(s)

Not to belabor the point but the particular degree I was referring to the Masters of Science in Information Security and Assurance is also accredited by the National Security Agency I do not want you to take my word on that either here is the link http://www.nsa.gov/ia/academic_outreach/iace_program/iace_certified_institutions.shtml#ut

I once again was addressing the comment by Totj that the Masters Degree program was a total joke...

 

totj  
#32 Posted : Wednesday, July 13, 2011 10:50:32 PM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 12/29/2010(UTC)
Posts: 285

truotsuko wrote:
Listen Totj, in order to be called nationally accredited the school has ALL regional accreditations,


Please stop posting. You have no clue what you are talking about. This isnt how it works, at all.
truotsuko  
#33 Posted : Wednesday, July 13, 2011 11:14:13 PM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 7/6/2008(UTC)
Posts: 346

Thanks: 1 times
Was thanked: 7 time(s) in 5 post(s)
That is fine as you are entitled to your opinion but not your own facts, I have given links to show the school is regionally accredited and also Nationally accredited even the specific program you are rallying against is accredited by the NSA. I do not know what more you can require at all, but this is only a forum and I am simply attempting to inform folks.
M700lefty  
#34 Posted : Thursday, July 14, 2011 2:16:29 AM(UTC)

Rank: Rookie

Groups: Registered
Joined: 6/28/2011(UTC)
Posts: 41

Ok...I am going to jump into the fray...

I completed all of my MS Information Technology courses from RIT...but never completed my thesis. So I have experience with online course. According to the chairperson of the graduate program at RIT both content of the class are the same in distance learning and in class room. Just a different delivery method.

For the person stating you can get a Masters degree by getting a certification, this may be so. But a TRUE masters program accrediated by their region or state WILL make you work harder than a certification study program. I mean...who the hell wants to write 3 term papers a week for 10 weeks...that is what I did. With a true graduate program you think "outside the box" and really do read,read,read, write,write,write.

I am not sure of the legitimacy of a Nationally Accreditated school but my understanding is the state and the region where it is accrediates the program. A Nationally Accreditation body cannot possibly "police" its school like a regional accreditation organization can...this I think the requirements may be minimal. Take note...I do not know this for a fact but that may be the case. I know of a school that lost its accrediation and the accrediating body revoked their accrediation until they got their program "up to par".

As far as NSA endorsing the IS or Security thing at WGU...that is just that...endorsing. Has nothing to do with the whole WGU thing. While I was at RIT...Kodiak endorsed/funded the Optical/Imaging graduate PHD program and because they funded partially or all of the program, they were allow to direct the program etc. This happens often in industry where a business funds and then directs/sets up a program to provide a steady pool of graduates that may want to work for the company or something like that.

The fact that NSA endorses this program at WGU is great...and it is just that NSA is in the IA/Security business and are only interested in that program.

Anyone who who has went to a true graduate school will/know that it takes much more work to get a true masters degree than studying for a CISSP or something. I almost laughed at the thought of getting a masters by becoming certified...this is truly a disgrace to many of those who worked their butts off for a masters degree the hard way.

Curious...OPM has a list of accrediation schools or DOE. I think I saw it somewhere. If you want to find out whether WGU is an accrediation school in good standing with the GOV...check whether DOE endorses WGU.

By the way...I have seen time and time...a person with 20 certification and very little work in the area of any certification is worth VERY little to an employer. Certification DOES not make a person's career...it is work experience. In fact....working on the appropriate field and studing for the certification si the best way. You all who hold 20 certs are impressive...but in my Federal contracting field...those who are well regarded and highly paid are those who have 2 or 3 certs and have ample experience.

Off the soap box now   
M700lefty  
#35 Posted : Friday, July 15, 2011 2:56:58 AM(UTC)

Rank: Rookie

Groups: Registered
Joined: 6/28/2011(UTC)
Posts: 41

Guys,


For what it is worth...I did check otu the list that NSA populates on their website. It appears legitimate in that they certify schools who offers IA training. Remember NSA is concerned with Security/IA...nothing else.

From the list of schools on NSA's website I see Penn State. Yeah...I had thought of going to PSU's Workd program to get my masters at one time. If you notice from the Homeland Security Professional Masters degree as listed on PSU's website...they provide masters degree but do not mention that a student will get their certifications through this masters degree.

Do your homework if you are wanting to get a masters degree and will be awared a vendor certificate...to me this is just that a run of the mill school making promises of getting a masters with a vendor certificate. It is possible that WGU is a good program...I am not physically in the program so cannot comment...however I have been in a Masters Program at RIT and I worked my azz off.

I never did check with DOE or DOD or OPM whether they endorse WGU for their education credentials but hey I am too lazy to do this. I however checked PSU since its been a while since I did and found them to make promises of a masters degree without stating you will "gain" a certification. Same with James Madison University...taking their masters program...guess what...for an IA curriculum...you will take alot of programming...Lord help those Certs get this masters program.
truotsuko  
#36 Posted : Saturday, July 16, 2011 9:28:46 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 7/6/2008(UTC)
Posts: 346

Thanks: 1 times
Was thanked: 7 time(s) in 5 post(s)
Well great that you at least checked out the NSA link, there is nothing easy about the program that WGU offers, I have never and will never try to compare the quality of its program to any other school as I do not know or cannot speak to that. But the only I originally stated and continue to state is, the program of IA is accredited by the NSA. The last poster said it is a crap school because at a Masters level they teach CCNA but CCNA is a good base for a Masters candidate in IA, you need not be CCIE at a Masters level, and that has always been my point.
truotsuko  
#37 Posted : Saturday, July 16, 2011 11:34:47 PM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 7/6/2008(UTC)
Posts: 346

Thanks: 1 times
Was thanked: 7 time(s) in 5 post(s)
http://www.nwccu.org/Dir...Alpha%20Cluster/w_z.html

That is WGU accrediting body, they are accredited in all four regions because they have an online curriculum, but The Northwest
Commission is considered WGU’s “home” accrediting body because the university’s
main offices are located in Utah, which falls under the review of the commission.
WGU still continues to be an institution with a broad focus and a mission to expand
access to higher education. The university serves students in all 50 states and
military installations abroad.

totj  
#38 Posted : Monday, July 18, 2011 2:21:51 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 12/29/2010(UTC)
Posts: 285

truotsuko wrote:
Well great that you at least checked out the NSA link, there is nothing easy about the program that WGU offers, I have never and will never try to compare the quality of its program to any other school as I do not know or cannot speak to that. But the only I originally stated and continue to state is, the program of IA is accredited by the NSA. The last poster said it is a crap school because at a Masters level they teach CCNA but CCNA is a good base for a Masters candidate in IA, you need not be CCIE at a Masters level, and that has always been my point.



Hi.

I have a CCNA, CCDA, Sec+, and am working on my CCNP. I also have a BS in IS from UNC, and am in a Masters in Telecommunications and Network Management at Syracuse University. I spent 3 years at Cisco as a network engineer. I have also worked for UNC, Lockheed Martin as a senior network analyst and task lead, as well as my job now as a project manager for the USAF.

People do CCENT and CCNA in their undergrad. In fact, at East Carolina University, their undergrad is composed of the CCNA and CCNP curriculums - this is common in most undergrad programs.

You say you need not be a CCIE at the masters level. Why not? Do you not understand what a Masters degree is, or is supposed to be? A Masters program is in fact adequate with a CCIE level of study, especially when CCNP is covered in the bachelors program.

If youre doing CCNA material at the Masters level Im going to laugh your degree program right into the trash can. I may not disqualify you as a candidate because you very well may have qualities Im looking for, but trying to substantiate a Masters degree program with a CCNA is laughable at best.

Schools like WGU dilute what it actually means to have a Masters degree, and lowers the standards and expectations while doing so.

And a CCNA really has little to do with IA - most of this is reinforcing best practice, risk management, system lifecycle, etc. Being accredited by the NSA doesnt mean a whole lot in terms of a Masters degree program, which is exactly what youre flaunting. Its the basis of lefty's post.

If youre simply looking for a technical credential to do IA or Security work then an NSA accredited/endorsed/supported program is certainly adequate.


truotsuko  
#39 Posted : Monday, July 18, 2011 3:49:12 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 7/6/2008(UTC)
Posts: 346

Thanks: 1 times
Was thanked: 7 time(s) in 5 post(s)






Normal
0




false
false
false

EN-US
X-NONE
X-NONE






































































































































































/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}


Now at least we are having an adult discussion, I am very
happy for you that you have done well for yourself you are extremely qualified
to hold a position as a network engineer. Let’s be candid though you would not
be heavily considered for a position in IA over someone who may only have his
CCNA (on the networking side) but also has a certification as  Disaster
Recovery Professional, Ethical Hacking, Computer Hacking Forensic Investigator,
and understands the Standards and policies that surround IT security practices.
I have been in IT for the better part of 15 years, and was once a CCNA; you are
right it is a very entry level certification for a network engineer, but right
now in my position as an Information Assurance Manager certs like CISSP, CISM, CISA, OSCP, CEH, to mention but a few are what are valued.

So my whole point is if there is a candidate for an IA position that has
security based certs (forensic investigator and the like), I will appreciate
the fact that he also has entry level certs that give him all that is required
to have a basic understanding of networking and the associated protocols. There
is absolutely no reason why a security guy would taut a CCNA or S+ certification unless he were junior and just entered the IA field.

You ask if I understand what a Master’s program is, no I do not yet have my
Masters and was considering the program offered by WGU not because I want to be
a network Engineer, but because I want to be a Security Manager and delve
deeper into the auditing side of IA, Forensic Investigator caught my eye as
well as covering of the 10 CISSP domains (got tired and got that on my own for
work). So please understand, I am not trying to belittle your
accomplishments, far from it, but to expect a Masters IA program to go as deep as
CCIE when it’s central focus should be purely on the security side is not
something that makes sense. You have to bear in mind that when it comes to IA,
we are not solely focused on the networking aspect, but software development,
disaster recover, business continuity planning, and server hardening (both
hardware and software). The NSA accreditation was for IA not networking, IA
covers all facets of communication those we think about and those that are
often overlooked, there will be simply too much data if an IA program delved as
deep as the CCIE level on all aspects of IA, now if it were solely a Network security engineer then hey you get no argument from me.



totj  
#40 Posted : Monday, July 18, 2011 7:00:31 AM(UTC)

Rank: Senior Member

Groups: Registered
Joined: 12/29/2010(UTC)
Posts: 285


truotsuko wrote:






Normal
0




false
false
false

EN-US
X-NONE
X-NONE






































































































































































/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:10.0pt;
mso-para-margin-left:0in;
line-height:115%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:"Times New Roman";
mso-bidi-theme-font:minor-bidi;}


Now at least we are having an adult discussion, I am very
happy for you that you have done well for yourself you are extremely qualified
to hold a position as a network engineer. Let’s be candid though you would not
be heavily considered for a position in IA over someone who may only have his
CCNA (on the networking side) but also has a certification as  Disaster
Recovery Professional, Ethical Hacking, Computer Hacking Forensic Investigator,
and understands the Standards and policies that surround IT security practices.
I have been in IT for the better part of 15 years, and was once a CCNA; you are
right it is a very entry level certification for a network engineer, but right
now in my position as an Information Assurance Manager certs like CISSP, CISM, CISA, OSCP, CEH, to mention but a few are what are valued.

So my whole point is if there is a candidate for an IA position that has
security based certs (forensic investigator and the like), I will appreciate
the fact that he also has entry level certs that give him all that is required
to have a basic understanding of networking and the associated protocols. There
is absolutely no reason why a security guy would taut a CCNA or S+ certification unless he were junior and just entered the IA field.

You ask if I understand what a Master’s program is, no I do not yet have my
Masters and was considering the program offered by WGU not because I want to be
a network Engineer, but because I want to be a Security Manager and delve
deeper into the auditing side of IA, Forensic Investigator caught my eye as
well as covering of the 10 CISSP domains (got tired and got that on my own for
work). So please understand, I am not trying to belittle your
accomplishments, far from it, but to expect a Masters IA program to go as deep as
CCIE when it’s central focus should be purely on the security side is not
something that makes sense. You have to bear in mind that when it comes to IA,
we are not solely focused on the networking aspect, but software development,
disaster recover, business continuity planning, and server hardening (both
hardware and software). The NSA accreditation was for IA not networking, IA
covers all facets of communication those we think about and those that are
often overlooked, there will be simply too much data if an IA program delved as
deep as the CCIE level on all aspects of IA, now if it were solely a Network security engineer then hey you get no argument from me.





Hi again.

I also happen to be the Base Alternate Information Assurance Manager and Base Alternate Emissions Security Manager. I can also transition to the CISSP at any time I so choose. Me not actually having the certification doesnt mean I dont know the content, or havent worked with the content therein. At one time I was studying for my CCIE Service Provider, but I decided to forgo that and finish my bachelors degree instead. 

Your whole certification and degree predisposition is batting 0 for 2 today. Dont make too many assumptions here.

CISSP is a general catch-all. A CEH isnt going to much for you within IA either. CEH's are reserved for security engineers and is only associated with IA by virtue of being in the "security" umbrella. Dont take the DOD 8570 as the ultimate guide to what certs align with specific security roles. The 8570 is quite ambiguous.

CEH's also align with OSCP's in the network defense/cyber warfare arena which has next to nothing to do with information assurance.

The CISM is the only real relevant certification to being an IA Manager aside from the generic security+ and possibly CISSP.

Most of IA simply comprises getting systems compliant and standardized on a baseline vetted security postures and implementing policies and controls which keep them there once mitigations are discovered. They implement and audit such information systems for baseline compliance and consistency. They review the policies written by the CISSP's that ultimately establish the IA framework, and review this in a regular system development lifecycle to constantly refine and implement further controls on a needed basis. 

If you want to know what a real masters degree in information security is, take a look at Carnegie Mellon or Syracuse University. Carnegie Mellon has the best program in the country.

I think I know a little about IA, and I too have been in this game for quite some time.
Rss Feed  Atom Feed
Users browsing this topic
Guest
7 Pages<1234>»
Forum Jump  
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.

Powered by YAF 2.1.1 | YAF © 2003-2021, Yet Another Forum.NET
This page was generated in 1.094 seconds.