Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Re: CISSP

from [Clement Dupuis] Network Security [Permanent Link]
Subject: RE: Re: CISSP
Date: Tue, 5 Dec 2006 18:09:38 -0500 
http://www.securityfocus.com/news/301  

This topic was discussed at great length on the official CISSP forum as
well.

Now back to the serious stuff...

Clement


-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Bruno Cesar Moreira de Souza
Sent: Tuesday, December 05, 2006 5:53 AM
To: pen-test@securityfocus.com
Subject: Re: Re: CISSP

What source says that a 11 years old boy got CISSP? I
think this is only a rumour.

<https://www.isc2.org/cgi-bin/content.cgi?category=1187>:
"Applicants must have a minimum of four years of
direct full-time security professional work experience
in one or more of the ten domains of the (ISC)² CISSP®
CBK®. "

The CISSP is not a proof that you are specialist in a
specific security field (for example, penetration
test), but can demonstrate that you have the broad
expected knowledge for a information security
professional in all the 10 information security
domains: Access Control - Application Security -
Business Continuity and Disaster Recovery Planning -
Criptography - Information Security and Risk
Management - Legal, Regulations, Compliance and
Investigations - Operations Security - Physical
(Enviromental) Security - Security Architecture and
Design - Telecomunications and Network Security.

For demonstrate expertise in a specific field, I
agree, you have to look for another certification. I
believe that the certifications offered by SANS are
very good. 

But, ISC2 also offer another certifications for
demonstrate deeper knowledge in specific domains:

"For experienced information security professionals
with an (ISC)² credential in good standing, (ISC)²
Concentrations demonstrate their acquired rigorous
knowledge of select CBK® domains. Passing a
concentration examination demonstrates proven
capabilities and subject-matter expertise beyond that
required for the CISSP or SSCP credentials. 

CISSP Concentrations
Current Concentrations for CISSPs include the: 

ISSAP®, Concentration in Architecture  

ISSEP®, Concentration in Engineering  

ISSMP®, Concentration in Management  
"
(https://www.isc2.org/cgi-bin/content.cgi?category=99)

You have to be a CISSP, before trying get one of
these.


Best Regards,

Bruno Cesar M. de Souza


--- dfullerton@mantor.org escreveu:


Then I wonder if this certification should really
have this kind of notoriety. Looks like it's not
technical and if an 11 years old boy can complete
this cert ...it's not about security management
experience either.

Anyone can give me some good reason to acquire CISSP
while not being related to money and the wannabe
marketing-made notoriety?

Personally I done GCIH and GHTQ, the latest is
harder and really related to penetration testing. I
would like some GOOD reason for someone in the
security field for a while and having others, more
in deep, technical certification to go on with
CISSP.

Should we glorify such things? Tell me more about
the exam, the topics are quite general and may not
be totally in line with the exam and the real
knowledge being certified.

Danny Fullerton
---------------
IT Security Specialist, GCIH GHTQ
http://www.mantor.org/~northox
Mantor Organization



------------------------------------------------------------------------

This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download
Hailstorm for FREE.


http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW



------------------------------------------------------------------------







        



        
                
_______________________________________________________ 
Você quer respostas para suas perguntas? Ou você sabe muito e quer
compartilhar seu conhecimento? Experimente o Yahoo! Respostas !
http://br.answers.yahoo.com/

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
------------------------------------------------------------------------


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: CISSP, Adam Morey
Next by Date:  RE: LAN pen test, Clemens, Dan
Previous by Thread:  Re: CISSP, Anders Thulin
Next by Thread:  Re: CISSP, Joey Peloquin
Indexes:  [Date] [Thread] [Top] [All Lists]