Re: [Full-disclosure] Hacking Boot camps!: certifications
From: Marco Ermini (markoer_at_markoer.org)
Date: 11/25/05
- Previous message: Thierry Carrez: "[Full-disclosure] [ GLSA 200511-21 ] Macromedia Flash Player: Remote arbitrary code execution"
- In reply to: InfoSecBOFH: "Re: [Full-disclosure] Hacking Boot camps!: certifications"
- Next in thread: Exibar: "RE: [inbox] RE: [Full-disclosure] Hacking Boot camps!: certifications"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 25 Nov 2005 13:15:42 +0100 To: InfoSecBOFH <infosecbofh@gmail.com>
The instructor in my CISSP CBK review camp - very useful and
informative, FOR MY MILEAGE; it was from The Training Camp in UK -
said that they introduced the limit of having some years of experience
in obtaining the CISSP, after a 12 y.o. passed the exam - he was the
son of a software programmer somewhat knowledgeable about security...
And I have to add: guys from USA, which are addicted into
one-out-of-four multiple choice exams because, for instance, they also
did that at school, driver license exams, etc. have a great advantage
over European-style educated persons like me, which for instance
rarely did University exams on paper: in the 90% of the University
exams, we are questioned "live" by the professor and we have to
demonstrate real knowledgeably of the argument through arguing and
speaking - we can't simply guess the multiple choices... this has
actually a drawback on this kind of tests: we may know a topic,
extensively talk about it, have real working experience on it, but
being not very good in doing multiple choice exams - while someone who
has more practice on this kind of exam could overcome our results even
if he/she knows HALF about the topic than me - I feel this unfair
(anyway, I passed the exam ;-)).
Back on the employers and DICE search... I don't think you can simply
compare different certifications in this way... they are very
different, and so employer requirements... and who knows, maybe the
116 GIAC positions are way better than the 677 CISSP positions... just
look at how many employers look at a simple and stupid CCNA
certification... you are not going to become rich because there are
10,000 open positions for CCNA certificated - they are simple "SHOW
LOG" guys :-) - or MCSE or MCSD Visual Basic developer..., etc.
Cheers
On 11/24/05, InfoSecBOFH <infosecbofh@gmail.com> wrote:
> But my dear friends... one can lie and still get his CISSP. I know of
> at least 3 different people who are NEW to infosec but faked some
> experience for their CISSP. Hell, I lied on my application and got my
> CISSP yet I still ./ my way around the interweb.
[...]
-- Marco Ermini Dubium sapientiae initium. (Descartes) root@human # mount -t life -o ro /dev/dna /genetic/research (This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original.) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
- Previous message: Thierry Carrez: "[Full-disclosure] [ GLSA 200511-21 ] Macromedia Flash Player: Remote arbitrary code execution"
- In reply to: InfoSecBOFH: "Re: [Full-disclosure] Hacking Boot camps!: certifications"
- Next in thread: Exibar: "RE: [inbox] RE: [Full-disclosure] Hacking Boot camps!: certifications"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
