From: Mueller, Daniel (NMCI CIRT) (daniel.mueller@nmci-isf.com)
Date: Wed Dec 20 2006 - 08:52:13 EST
Any company in the industry even remotely wanting to land a Govt or DoD
contract must have a certain portion of their staff with this
certification. In fact the hiring practices listed below almost read
directly from the DoD 8570 instruction. There are other certs but the
high end for the best jobs require CISSP or the much more difficult SANS
certification which is derived of multiple certs. So in the end the
CISSP is the simplest choice of them all.
Thanks
Dan
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of R. DuFresne
Sent: Monday, December 18, 2006 9:43 PM
To: dfullerton@mantor.org
Cc: pen-test@securityfocus.com;
pen-test-return-1078483125@securityfocus.com
Subject: Re: Re: CISSP
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 4 Dec 2006, dfullerton@mantor.org wrote:
> Then I wonder if this certification should really have this kind of
notoriety. Looks like it's not technical and if an 11 years old boy can
complete this cert ...it's not about security management experience
either.
>
> Anyone can give me some good reason to acquire CISSP while not being
related to money and the wannabe marketing-made notoriety?
To get hired. It's a requirement for most companies seeking security
folks, some companies will hire you without, if you can show experience
in the field, and require you get one shortly after being employed., and
for any of the agencies that assist with those seeking employment in the
field. If you are seeking experience in the field by hiring thru
agencies that will market you for security type work, a CISSP is a most,
in most cases upfront to get a foot in the door.
>
> Personally I done GCIH and GHTQ, the latest is harder and really
related to penetration testing. I would like some GOOD reason for
someone in the security field for a while and having others, more in
deep, technical certification to go on with CISSP.
>
Great certs, in some ways superior to the CISSP, yet, not as well known
in the hiring realms. It takes getting an interview with a truly
clueful management/front team to get these to come across with the same
prestige as the CISSP.
Thanks,
Ron DuFresne
> Should we glorify such things? Tell me more about the exam, the topics
are quite general and may not be totally in line with the exam and the
real knowledge being certified.
It's too late, what you choose to "glorify" means little the rest of the
IT industry has already placed a high degree of import upon the cert.
Thanks,
Ron DuFresne
- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629
...We waste time looking for the perfect lover
instead of creating the perfect love.
-Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFh1G1st+vzJSwZikRAgyGAJ9huIUNnx1Lv+GHEBvWvMMYO0TzeQCdFT0x
OKPzSqjBol47kzuokWpxl1k=
=4kW1
-----END PGP SIGNATURE-----
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:29 EDT