Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [CISSP-D] Security Clearence

from [Kevin Stevens] Network Security [Permanent Link]
Subject: Re: [CISSP-D] Security Clearence
Date: Thu, 10 Feb 2005 11:38:10 -0800 (PST) 




On Wed, 9 Feb 2005, itpro_pa wrote:


I see this forum talk a lot about the well treasured (as they should be)
certifications. Having a decade of experience in the field of IT, but as
a newbie to this sector, I was wondering about the added factor of a
security clearance and the marketability of the credentials. Can ANYONE
in this forum tell of their experience or the path one might take in
getting even the most minimal clearance possible? I am currently
scheduled to sit for the CISSP on March 12th in Baltimore. I am really
interested in gaining security clearance but heard (and read) it is
quite costly unless you have a corporate sponsor. Is this true? Can one
gain a minimal security clearance on his own?


AFAIK there is no such thing as a "personal" clearance.  This comes
straight from the need-to-know/least privilege philosophy.  Generally the
subcontractor company or goverment agency directly, as the data owner,
determines the level of clearance you need to perform your job, and
sponsors your application for it.  The clearance only exists for the time
you require that access -  you don't take it with you when you change
employers or even contracts.

All you can have/demonstrate as an individual is that you are *capable* of
being approved for a certain clearance.  For example, I have a "secret"
level clearance sponsored by my employer for my current work on a DoD
contract.  If I'm applying for a job with a different company, I can
demonstrate that I'm currently capable of being issued a secret clearance,
and that may be an important factor in whether they hire me or not.  But
my current clearance wouldn't go with me; the hiring company would have to
sponsor a new one for me based on my new job requirements.  When you see
in a job ad "must have x clearance", that's really shorthand for the
above.

I'm sure there are exceptions, but I'd imagine they'd fall into the
category where the individual is also the data owner or is
self-incorporated as a subcontracting company, something like that.

Hope this helps!

KeS






 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [CISSP-D] Security Clearence, itpro_pa
Next by Date:  [CISSP-D] Perhaps of interest to those in the DC Metro area, Bill Quire
Previous by Thread:  [CISSP-D] Security Clearence, itpro_pa
Next by Thread:  Re: [CISSP-D] Security Clearence, Don Goldstein
Indexes:  [Date] [Thread] [Top] [All Lists]