Re: Re: OSCP



I would take the two of them. As stated by others, they are two different certifications aimed at different objectives. The CISSP is more oriented to the general knowledge in the 10 domains covered; the OSCP is more a technical certification that, in my opinion, and base solely in what I read about it here and there, will give you an insight of the many techniches used by the network attackers nowadays.
I think that the CISSP certification is for someone that's aiming to be more in a management work, and the OSCP is for someone aiming to a technical job. That doesn't mean that an OSCP can't be a good manager, or that a CISSP can't be a good pentesters, it all depends in every person.
Personally, I have a CISSP certification, and I am very interested lately in the OSCP, making the C|EH aside for now after reading some info on the two of them. I have found the messages written by Mr. Oquendo about the OSCP very informative, but with all due respect, I am not agree with that the CISSP relies solely in what you memorize from a book. When you take the real CISSP exam, not the simulation tests available everywhere, you will find that some questions do rely in what's in the books, but many of them make you use your gray matter, because they are related to not only one domain in the CBK but in two, three... or all of them, and your experience in the field; that's why you have to have the required years of experience.
When I took the CISSP exam, I thought "this is going to be easy", but then, I used 5 hours and 50 minutes of the 6 hours allowed to complete it, and ended mentally exhausted.
All said, I wouldn't take a CISSP certified person so lightly.

My two cents.

Pablo Diez, CISSP.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------



Relevant Pages

  • Re: My Frustrations
    ... A customer being faked will not probably be reading this ... ourselves by requiring licensing. ... Security Trends Report from Cenzic ...
    (Pen-Test)
  • Re: My Frustrations
    ... A customer being faked will not probably be reading this ... ourselves by requiring licensing. ... Security Trends Report from Cenzic ...
    (Pen-Test)
  • Re: My Frustrations
    ... Not sure if that argument is sufficient to justify licensing but figured I'd at least clarify the distinction. ... does create a negative reputation for the profession as a whole. ... Security Trends Report from Cenzic ...
    (Pen-Test)
  • RE: My Frustrations
    ... profession too ... I don't think licensure is the answer. ... Security Trends Report from Cenzic ...
    (Pen-Test)
  • Re: reporting a web site breach
    ... details i.e. name, address, phone numbers, the credit card details are ... masked but just viewed source and the credit card details are cleartext ... Security Trends Report from Cenzic ...
    (Pen-Test)