Re: CISSP



I think it's a worthwhile qualification to have if only from the point of view of structured learning. Unless you've already done a CS or equivalent degree, it's unlikely that you'll have covered some of the architectural or formal methodologies, practices, standards etc that you must know to take the CISSP exam. On-the-job learning is an excellent (I'm biased) way to learn all things security but you only tend to learn the technologies etc around the environments you're working with.

I found the learning process, while covering some out-of-date material that I'm unlikely to use in future, did cover some additional areas which I've since applied to projects to my / my employer's benefit.

So; in summary, I would recommend it if you're looking for a broader certification/career path/etc focusing on security. The breadth (not really the depth) of the body of knowledge has provided me with a way to cement together everything I've learned through working on or personal research. YMMV :)


--
Nick Besant (lists@xxxxxx)



dfullerton@xxxxxxxxxx wrote:
Then I wonder if this certification should really have this kind of notoriety. Looks like it's not technical and if an 11 years old boy can complete this cert ...it's not about security management experience either.

Anyone can give me some good reason to acquire CISSP while not being related to money and the wannabe marketing-made notoriety?

Personally I done GCIH and GHTQ, the latest is harder and really related to penetration testing. I would like some GOOD reason for someone in the security field for a while and having others, more in deep, technical certification to go on with CISSP.

Should we glorify such things? Tell me more about the exam, the topics are quite general and may not be totally in line with the exam and the real knowledge being certified.

Danny Fullerton
---------------
IT Security Specialist, GCIH GHTQ
http://www.mantor.org/~northox
Mantor Organization

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



Relevant Pages

  • RE: Informing Companies about security vulnerabilities...
    ... websites for the purpose of learning about security vulnerabilities? ... Cenzic Hailstorm finds vulnerabilities fast. ...
    (Pen-Test)
  • Re: Aaron Slomans "The Irrelevance of Turing Machines to AI" article
    ... >> of that (and of course other machine learning algorithms at idsia.ch) ... >needed to use to write the exam successfully. ... Journal of Experimental Psychology General; ... regardless of their intensions, does not affect the truth value (truth ...
    (sci.cognitive)
  • Re: For Nother & Others
    ... included countless schools - Bell Labs ran a long term experiment. ... yet most expensive learning tools. ... Exam of the day. ... These two data points otta tell us something about what our schools should ...
    (rec.outdoors.rv-travel)
  • RE: death of the security community
    ... More and more and more people are learning about security. ... customizations including Emergency Management, Business Continuity Planning, ... Computer Emergency Response Teams, and Digital Investigations. ...
    (Security-Basics)
  • Re: IDS vs Application Proxy Firewal
    ... /blacklisting from the point of view of whom, the vendor of the security ... In the case of anomaly detection systems, from the point of view of the ... activity is not present for whatever learning time frame you want. ...
    (Focus-IDS)