From: Clement Dupuis (cdupuis@cccure.org)
Date: Tue Dec 05 2006 - 18:09:38 EST
http://www.securityfocus.com/news/301
This topic was discussed at great length on the official CISSP forum as
well.
Now back to the serious stuff...
Clement
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] On
Behalf Of Bruno Cesar Moreira de Souza
Sent: Tuesday, December 05, 2006 5:53 AM
To: pen-test@securityfocus.com
Subject: Re: Re: CISSP
What source says that a 11 years old boy got CISSP? I
think this is only a rumour.
<https://www.isc2.org/cgi-bin/content.cgi?category=1187>:
"Applicants must have a minimum of four years of
direct full-time security professional work experience
in one or more of the ten domains of the (ISC)² CISSP®
CBK®. "
The CISSP is not a proof that you are specialist in a
specific security field (for example, penetration
test), but can demonstrate that you have the broad
expected knowledge for a information security
professional in all the 10 information security
domains: Access Control - Application Security -
Business Continuity and Disaster Recovery Planning -
Criptography - Information Security and Risk
Management - Legal, Regulations, Compliance and
Investigations - Operations Security - Physical
(Enviromental) Security - Security Architecture and
Design - Telecomunications and Network Security.
For demonstrate expertise in a specific field, I
agree, you have to look for another certification. I
believe that the certifications offered by SANS are
very good.
But, ISC2 also offer another certifications for
demonstrate deeper knowledge in specific domains:
"For experienced information security professionals
with an (ISC)² credential in good standing, (ISC)²
Concentrations demonstrate their acquired rigorous
knowledge of select CBK® domains. Passing a
concentration examination demonstrates proven
capabilities and subject-matter expertise beyond that
required for the CISSP or SSCP credentials.
CISSP Concentrations
Current Concentrations for CISSPs include the:
ISSAP®, Concentration in Architecture
ISSEP®, Concentration in Engineering
ISSMP®, Concentration in Management
"
(https://www.isc2.org/cgi-bin/content.cgi?category=99)
You have to be a CISSP, before trying get one of
these.
Best Regards,
Bruno Cesar M. de Souza
--- dfullerton@mantor.org escreveu:
> Then I wonder if this certification should really
> have this kind of notoriety. Looks like it's not
> technical and if an 11 years old boy can complete
> this cert ...it's not about security management
> experience either.
>
> Anyone can give me some good reason to acquire CISSP
> while not being related to money and the wannabe
> marketing-made notoriety?
>
> Personally I done GCIH and GHTQ, the latest is
> harder and really related to penetration testing. I
> would like some GOOD reason for someone in the
> security field for a while and having others, more
> in deep, technical certification to go on with
> CISSP.
>
> Should we glorify such things? Tell me more about
> the exam, the topics are quite general and may not
> be totally in line with the exam and the real
> knowledge being certified.
>
> Danny Fullerton
> ---------------
> IT Security Specialist, GCIH GHTQ
> http://www.mantor.org/~northox
> Mantor Organization
>
>
------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download
> Hailstorm for FREE.
>
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
>
------------------------------------------------------------------------
>
>
_______________________________________________________
Você quer respostas para suas perguntas? Ou você sabe muito e quer
compartilhar seu conhecimento? Experimente o Yahoo! Respostas !
http://br.answers.yahoo.com/
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
0008bOW
------------------------------------------------------------------------
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:25 EDT