Noe the education, the certs, the experience, all in one makes you
qualified. Why cry about it when you could be reaching for all the
above?
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Nick Besant
Sent: Tuesday, December 05, 2006 5:45 AM
To: pen-test@securityfocus.com
Cc: dfullerton@mantor.org
Subject: Re: CISSP
I think it's a worthwhile qualification to have if only from the point
of view of structured learning. Unless you've already done a CS or
equivalent degree, it's unlikely that you'll have covered some of the
architectural or formal methodologies, practices, standards etc that you
must know to take the CISSP exam. On-the-job learning is an excellent
(I'm biased) way to learn all things security but you only tend to
learn the technologies etc around the environments you're working with.
I found the learning process, while covering some out-of-date material
that I'm unlikely to use in future, did cover some additional areas
which I've since applied to projects to my / my employer's benefit.
So; in summary, I would recommend it if you're looking for a broader
certification/career path/etc focusing on security. The breadth (not
really the depth) of the body of knowledge has provided me with a way to
cement together everything I've learned through working on or personal
research. YMMV :)
--
Nick Besant (lists@hwf.cc)
dfullerton@mantor.org wrote:
Then I wonder if this certification should really have this kind of
notoriety. Looks like it's not technical and if an 11 years old boy
can complete this cert ...it's not about security management
experience either.
Anyone can give me some good reason to acquire CISSP while not being
related to money and the wannabe marketing-made notoriety?
Personally I done GCIH and GHTQ, the latest is harder and really
related to penetration testing. I would like some GOOD reason for
someone in the security field for a while and having others, more in
deep, technical certification to go on with CISSP.
Should we glorify such things? Tell me more about the exam, the topics
are quite general and may not be totally in line with the exam and the
real knowledge being certified.
Danny Fullerton
---------------
IT Security Specialist, GCIH GHTQ http://www.mantor.org/~northox
Mantor Organization
----------------------------------------------------------------------
--
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70
1600000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016
00000008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
