From: Joey Peloquin (joeyp@cotse.net)
Date: Wed Dec 06 2006 - 15:34:38 EST
Bruno Cesar Moreira de Souza wrote:
> What source says that a 11 years old boy got CISSP? I
> think this is only a rumour.
OK, I've read enough misinformation that I now have to add my two cents..
He was ~16, not ~11, and it was five years ago, so don't be surprised if
that bright ~21 year old Indian chap doing your pen-test is him. His father
owned and operated a security software and services company, and the kid had
been coding and assisting with assessments since he was ~10, or thereabout.
Apparently, he is a fairly gifted programmer.
Now, the part about the degree being required because of his age..correct.
It was a knee-jerk reaction deployed to prevent a minor from ever getting
the cert again, and possibly contributing to its loss of integrity. The ISC
saw the err of its ways, which is how we ended up with today's policy. The
experience requirement was there even when he got certified. However, his
work experience at his Father's company satisfied the requirement.
I know Thor, Jerry, and a couple of others were on this list back then, you
guys don't remember all the hoopla around this? After all, it was back when
there was less than 5K CISSPs worldwide, and every sales guy that says the
word 'security' in his pitch didn't have one**.
**No offense to the sales guys. If I was in sales, I'd make sure I had it too.
Cheers,
-jp
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:25 EDT