Friday, May 04, 2007


It is pretty enjoyable when reading the articles that written by Don Parker. I just came across this article that written by him lately and I think people who want to be network security analyst should read it.

Don has pointed that passing the exam and writing practical paper by doing the real work are two things, that's definitely true as exam itself won't actually test the full set of skills that required to be efficient network security analyst. I have met a lot of people who getting a lot of certifications for the sake of employment and better pay. They forget the real meat to live in security industry should be the passionate, curiosity and continuously pursue the necessary knowledge. Remember security evolves over time.

I myself don't hold any GIAC certification thus I really have not much comments on that, what I would like to emphasize here should be the knowledge that must be acquired by network security analyst instead. To be a decent network security analyst(I still learn to be one), you must understand network protocols very well especially those widely used such as tcp, udp, icmp and such. Other than that, you must arm with at least one or two scripting languages to simplify your tasks as well as dealing with tricky incidents. Understanding the technologies such as firewall, intrusion detection/prevention system are important too but you may notice that if you don't have strong networking knowledge, you will have hard time understanding those technologies.

I won't be discussing further about all the necessary knowledges that are needed to be network security analyst, those will be written in my book in network security analyst: roadmap section so hopefully my knowledge sharing would help those wannabe.

So what you speak? I guess I speak hex most of the time.

Enjoy ;]

No comments: