RE: Re: CISSP

From: Clement Dupuis (cdupuis@cccure.org)
Date: Tue Dec 05 2006 - 18:09:38 EST

• Next message: Clemens, Dan: "RE: LAN pen test"
• Previous message: Adam Morey: "RE: CISSP"
• In reply to: Bruno Cesar Moreira de Souza: "Re: Re: CISSP"
• Next in thread: Joey Peloquin: "Re: CISSP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

http://www.securityfocus.com/news/301

This topic was discussed at great length on the official CISSP forum as
well.

Now back to the serious stuff...

Clement

-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Bruno Cesar Moreira de Souza
Sent: Tuesday, December 05, 2006 5:53 AM
To: pen-test@securityfocus.com
Subject: Re: Re: CISSP

What source says that a 11 years old boy got CISSP? I
think this is only a rumour.

<https://www.isc2.org/cgi-bin/content.cgi?category=1187>:
"Applicants must have a minimum of four years of
direct full-time security professional work experience
in one or more of the ten domains of the (ISC)² CISSP®
CBK®. "

The CISSP is not a proof that you are specialist in a
specific security field (for example, penetration
test), but can demonstrate that you have the broad
expected knowledge for a information security
professional in all the 10 information security
domains: Access Control - Application Security -
Business Continuity and Disaster Recovery Planning -
Criptography - Information Security and Risk
Management - Legal, Regulations, Compliance and
Investigations - Operations Security - Physical
(Enviromental) Security - Security Architecture and
Design - Telecomunications and Network Security.

For demonstrate expertise in a specific field, I
agree, you have to look for another certification. I
believe that the certifications offered by SANS are
very good.

But, ISC2 also offer another certifications for
demonstrate deeper knowledge in specific domains:

"For experienced information security professionals
with an (ISC)² credential in good standing, (ISC)²
Concentrations demonstrate their acquired rigorous
knowledge of select CBK® domains. Passing a
concentration examination demonstrates proven
capabilities and subject-matter expertise beyond that
required for the CISSP or SSCP credentials.

CISSP Concentrations
Current Concentrations for CISSPs include the:

ISSAP®, Concentration in Architecture

ISSEP®, Concentration in Engineering

ISSMP®, Concentration in Management
"
(https://www.isc2.org/cgi-bin/content.cgi?category=99)

You have to be a CISSP, before trying get one of
these.

Best Regards,

Bruno Cesar M. de Souza

--- dfullerton@mantor.org escreveu:

> Then I wonder if this certification should really
> have this kind of notoriety. Looks like it's not
> technical and if an 11 years old boy can complete
> this cert ...it's not about security management
> experience either.
>
> Anyone can give me some good reason to acquire CISSP
> while not being related to money and the wannabe
> marketing-made notoriety?
>
> Personally I done GCIH and GHTQ, the latest is
> harder and really related to penetration testing. I
> would like some GOOD reason for someone in the
> security field for a while and having others, more
> in deep, technical certification to go on with
> CISSP.
>
> Should we glorify such things? Tell me more about
> the exam, the topics are quite general and may not
> be totally in line with the exam and the real
> knowledge being certified.
>
> Danny Fullerton
> ---------------
> IT Security Specialist, GCIH GHTQ
> http://www.mantor.org/~northox
> Mantor Organization
>
>
------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download
> Hailstorm for FREE.
>
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
>
------------------------------------------------------------------------
>
>

        
                
_______________________________________________________
Você quer respostas para suas perguntas? Ou você sabe muito e quer
compartilhar seu conhecimento? Experimente o Yahoo! Respostas !
http://br.answers.yahoo.com/

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Clemens, Dan: "RE: LAN pen test"
• Previous message: Adam Morey: "RE: CISSP"
• In reply to: Bruno Cesar Moreira de Souza: "Re: Re: CISSP"
• Next in thread: Joey Peloquin: "Re: CISSP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:25 EDT