A cert does not equal experience.
I have been security testing for 4-5 years for proper ethical security companies and met a number of people with these so called "degrees" and "courses" under their belt. It becomes apparent very quickly that in fact they have no idea and believe its a tools paradise when it is not.
This kid however is aware that he has no experience and instead of applying to Brum uni for IT work should be applying to pen-test companies to build experience.
Crest and Check is the way forward.
A company should be employing a security company with experience.
M @ MRS Sec