From: Angelacci, Anna M CTR SPAWAR, J616 (anna.angelacci@navy.mil)
Date: Thu Dec 07 2006 - 11:08:53 EST
Noe the education, the certs, the experience, all in one makes you
qualified. Why cry about it when you could be reaching for all the
above?
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of Nick Besant
Sent: Tuesday, December 05, 2006 5:45 AM
To: pen-test@securityfocus.com
Cc: dfullerton@mantor.org
Subject: Re: CISSP
I think it's a worthwhile qualification to have if only from the point
of view of structured learning. Unless you've already done a CS or
equivalent degree, it's unlikely that you'll have covered some of the
architectural or formal methodologies, practices, standards etc that you
must know to take the CISSP exam. On-the-job learning is an excellent
(I'm biased) way to learn all things security but you only tend to
learn the technologies etc around the environments you're working with.
I found the learning process, while covering some out-of-date material
that I'm unlikely to use in future, did cover some additional areas
which I've since applied to projects to my / my employer's benefit.
So; in summary, I would recommend it if you're looking for a broader
certification/career path/etc focusing on security. The breadth (not
really the depth) of the body of knowledge has provided me with a way to
cement together everything I've learned through working on or personal
research. YMMV :)
-- Nick Besant (lists@hwf.cc) dfullerton@mantor.org wrote: > Then I wonder if this certification should really have this kind of > notoriety. Looks like it's not technical and if an 11 years old boy > can complete this cert ...it's not about security management > experience either. > > Anyone can give me some good reason to acquire CISSP while not being > related to money and the wannabe marketing-made notoriety? > > Personally I done GCIH and GHTQ, the latest is harder and really > related to penetration testing. I would like some GOOD reason for > someone in the security field for a while and having others, more in > deep, technical certification to go on with CISSP. > > Should we glorify such things? Tell me more about the exam, the topics > are quite general and may not be totally in line with the exam and the > real knowledge being certified. > > Danny Fullerton > --------------- > IT Security Specialist, GCIH GHTQ http://www.mantor.org/~northox > Mantor Organization > > ---------------------------------------------------------------------- > -- > This List Sponsored by: Cenzic > > Need to secure your web apps? > Cenzic Hailstorm finds vulnerabilities fast. > Click the link to buy it, try it or download Hailstorm for FREE. > http://www.cenzic.com/products_services/download_hailstorm.php?camp=70 > 1600000008bOW > ------------------------------------------------------------------------ > > ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=7016 00000008bOW ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:25 EDT