Re: CISSP



All,

I keep hearing and reading the same old obtuse and ridiculous
arguments regarding certifications. A while back I provided my opinion,
which I will share again.

2. Knowledge is one thing whilst experience is another. What peeves me
off is the body of so called professionals who believe they know everything.
I have seen all this before over the past 30 years. It is a combination of
knowledge, experience and diplomacy which succeeds in this industry.
Certification is necessary as is experience. Certification at least
indicates a certain level of capability, knowledge and education (or
training). Experience does not necessarily indicate continued education in
the field as information security changes on a daily basis. What I say to
all the so called "nay sayers" of certification is "get a life and get over
it".

3. Whilst I find it difficult to believe that an eleven year child can
attain the certificate, it is always possible. Any why not as there are
many well educated and smart children in India. One should get all the
facts first before one opens one's mouth.

4. Remember, CISSP is not an in-depth technical certification. If you
want to specialise, then carry out specialist certifications/exams (there
are numerous).


Regards
Michael

InfoSec Solutions Pty Ltd

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of dfullerton@xxxxxxxxxx
Sent: Tuesday, 5 December 2006 6:11 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Re: Re: CISSP

Then I wonder if this certification should really have this kind of
notoriety. Looks like it's not technical and if an 11 years old boy can
complete this cert ...it's not about security management experience either.

Anyone can give me some good reason to acquire CISSP while not being related
to money and the wannabe marketing-made notoriety?

Personally I done GCIH and GHTQ, the latest is harder and really related to
penetration testing. I would like some GOOD reason for someone in the
security field for a while and having others, more in deep, technical
certification to go on with CISSP.

Should we glorify such things? Tell me more about the exam, the topics are
quite general and may not be totally in line with the exam and the real
knowledge being certified.

Danny Fullerton
---------------
IT Security Specialist, GCIH GHTQ
http://www.mantor.org/~northox
Mantor Organization

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------