You might want to double-check the requirements for a CISSP certification. Several years of experience were/are necessary. The "basic" requirements for qualifying to sit for the exam will change at the first of the year (from what I remember from the web site).

IMO...Obtain a basic, entry-level cert or two that covers networking basics before you tackle the more advanced certs. Network+ and INet+ (from CompTia) are excellent entry-level certs that demonstrate you have mastery of network basics (Network+) and have an understanding of the Internet core components (INet+). Hold off on the MCSE and CCNA and others until you get your feet wet in a particular industry. Why pay for these certs when you could get your employer to? Oh yeah...CompTia will offer a Security+ cert in 2003.