From: claudel (claudel_at_bolt.sonic.net)
Date: Thu, 18 Aug 2005 16:31:28 GMT
In article <email@example.com>,
>> In article <firstname.lastname@example.org>, email@example.com says...
>> > OTOH, if you do *not* have the professional exposure and feel the need
>> > to attend a "boot camp" or cram course of some sort than it can be
>> > quite expensive. In this case you also may not have the practical
>> > experience to maximize the benefit of the certification...
>Yeah I know what you mean. for me its half about doing something to
>motivate me to learn about other stuff (crypto, protocols, pki etc are
>all my daily bread but stuff in some of the other domains doesn't
>really fall into my remit) and partly to shore up my cv. I'm really
>not sure it matters that much if you really have the experience - that
>said I have seen it cited as a requirement for some jobs.
>I guess I would rather learn it myself than attend courses..
The CISSP is fairly broad and general. I was in a similar situation
where about 3/4 of the material was stuff I had daily exposure to,
but several of the domains were completely out of my orbit.
I was a bit shocked when I started on my first review before
the exam by how much I actually *did* know. It probably would be
more difficult for somebody without a technical background to
absorb some of the material in the more technically oriented domains
than it is to learn the formalities of some of the business oriented
stuff in the non-technical domains. That, for me, was mostly a matter
of learning the enough of the language and the terminology that applies
to what is mostly common-sense processes to understand the exam questions.