Security Basics mailing list archives
RE: CISSP Question
From: Elizabeth Tolson <etolson () gibralter net>
Date: Mon, 7 May 2007 16:34:30 -0400 (GMT-04:00)
First of all, to all who have written privately with loads of encouragement --- THANK YOU!!!!

Secondly, regarding the facing of opposing counsel while on the stand. I have to say that I have been cross-examined by the best and was able to stand my ground and win my case. Prior to being a paralegal, I was a Child Protective Services Social Worker. When you have to prove abuse (sexual or physical or emotional) and/or neglect, to the extent that the children should be removed from the home and the parents sent to prison, you had better be on your "p's and q's". I always was prepared before going to Court. Then I started working for the Child Support Office. Again, I was cross-examined by the best attorneys. Again, I stood my ground.

Sometimes, and I don't know why, I see that when people have a certain degree or certification or job, they don't want to see other people do the same. I am not sure why -- I don't think I would be any kind of threat here in little Eastern North Carolina to anyone overseas, etc.

Elizabeth

-----Original Message-----
From: Craig Wright <Craig.Wright () bdo com au>
Sent: May 4, 2007 8:56 PM
To: Elizabeth Tolson <etolson () gibralter net>, david.a.harley () gmail com
Cc: security-basics () securityfocus com
Subject: RE: CISSP Question

In cases where one does not have the required experience, ISC2 has instituted an Associate qualification. This is for people who have passed the exam but do not as yet have the experience.

If you are looking to work with law enforcement in digital forensics, most critically you need to be able to build and demonstrate a level of expertise. Most of the time it will never be challenged; if you find the evidence, then 9-10 times (from personal experience) it is not disputed (as long as procedures are followed). The issue is that you never know when the evidence will be challenged in court, and this is where the opposing party will attempt to dispute your level of knowledge, skill and professional judgement.

In jury cases, the difficulty is that juries do not just make decisions on the facts, but also have a level of perception added in. How well you handle yourself under pressure aids in this process and, as strange as it may sound, joining something like Toastmasters may aid. The reason for this is that it helps you master speaking in front of people, and when testifying as an expert this is a particularly stressful experience (which, though it gets better with experience, never really goes away). By undermining your composure on the stand, an opposing attorney will attempt to make it seem that you do not handle stress well and thus may make mistakes. If you can make a mistake on the stand, then it is presumable that you may make an error in collecting evidence, and that introduces reasonable doubt. Thus it is that not only experience and skill are required, but also a level of control in front of difficult people (and this is generally the role of opposing counsel - to be difficult).
This also adds the issue of using questionable experience (such as being a physical security guard; this is not aimed at anyone, but is a generalised analogy). If you are going to work with LE or otherwise in forensics, the question of ethics and integrity becomes even more crucial. Often it is simpler to dispute the credentials or attack the person than to attack the evidence; the result is the same - reasonable doubt. So the process is that if the opposing counsel can dig up dirt on you from your past (even 20 years back) they will. As an expert, many of the protections which apply to a witness do not apply to you. There are protections on attacking the character of witnesses that do not apply to experts. So if for instance the opposing counsel subpoenas your CISSP records and it stated 5 years professional security experience and you had been a security guard - they will use this. The questioning would go along the lines of:

Attorney: You state that you had 5 years professional experience in information security before applying for the CISSP?
Expert: Yes
Attorney: But your resume states that you were a security patrol coordinator, is this correct?
Expert: Yes, I was. I also worked with...
Attorney: Just answer the question, please do not embellish it. Yes is all I want. So did you work 2 jobs at that time?
Expert: No, what are you getting at?
Attorney: So you lied on your CISSP application?
Expert: No! I never would.
Attorney: You did state that you are an IT Security professional with 5 years experience on the application, but that you were working in physical security?
Expert: Yes - I was a security professional.
Attorney: So you are either ignorant of what IT Security is and were not a professional, or you lied. Is this true?
Expert: No, I w...
Attorney: No, you are lying now or you lied before. I would like to tender to the bench evidence that categorically demonstrates that "Expert" lied in his/her application to be considered for a CISSP.
Expert: That is not....
Judge: Mr/Miss/Mrs "Expert" will please be quiet unless addressed.
Attorney: I would like to submit to the bench that all evidence from "Expert" should be disallowed.

This above situation is one that can and does occur. Thus it was mentioned that the legal terminology of a profession does not matter; maybe, if you never go into a court. In digital forensics, it is your role to be prepared to go to court. A nasty attorney would likely file a perjury suit against Mr/Mrs "Expert", which would likely exclude them and their evidence. It could also result in charges.

So I am maybe a little risk averse these days. I prefer to accept the legally defined class of what is a professional, as if anything ever goes wrong, for instance, the legally accepted definition is the one that counts. This states nothing in regards to the level of skill or ethics of the person, just whether they are in either a legalistic or sociologically accepted defined class as a professional.

Regards
Craig

Craig Wright
Manager of Information Systems
Direct +61 2 9286 5497
Craig.Wright () bdo com au
+61 417 683 914
BDO Kendalls (NSW)
Level 19, 2 Market Street Sydney NSW 2000
GPO BOX 2551 Sydney NSW 2001
Fax +61 2 9993 9497
www.bdo.com.au

________________________________
From: listbounce () securityfocus com on behalf of Elizabeth Tolson
Sent: Sat 5/05/2007 2:15 AM
To: david.a.harley () gmail com
Cc: security-basics () securityfocus com
Subject: RE: CISSP Question

My original question was whether a Masters Degree in Information Systems Security and a CCE Certification would qualify me for CISSP or do I need several years experience in the field. There were some suggestions as to what I could label as "experience" and how to maybe cut corners. I never asked how to cut corners to get the Cert.

Elizabeth

-----Original Message-----
From: David Harley <david.a.harley () gmail com>
Sent: May 4, 2007 4:54 AM
To:
Cc: security-basics () securityfocus com
Subject: RE: CISSP Question

> I, in NO way, want to cheat, cut corners, etc. to get this or any other Certification.

Elizabeth, I didn't see your original question (I've only just rejoined this list), but I'm sure no-one was questioning your personal integrity. In fact, I'm still not sure exactly what your original question was, but if it helps, I'd think that a Masters in Info Sec (or even working towards one) plus CCE would make you a good candidate for a range of jobs offering a way to acquire more hands-on experience.
Even if you didn't go straight into something forensics related, CCE certification would say something very positive about your dedication and capacity for learning. Employers worth working for will value (among other things) experience, proven skill, academic achievement and willingness to work for professional (in a non-legal sense) qualifications. It depends on the exact job and the other candidates, of course, but they'll often use the attributes you do have as a guide to your potential in areas in which you may be less qualified right now. I wish you every success in realizing your potential.

--
David Harley CISSP
Security Author/Editor/Consultant/Researcher
Small Blue-Green World
AVIEN Guide to Malware: http://www.smallblue-greenworld.co.uk/pages/avienguide.html
Security Bibliography: http://www.smallblue-greenworld.co.uk/pages/bibliography.html