RE: CISSP

["R. DuFresne" <dufresne () sysinfo com>]

On Tue, 27 Nov 2001, Baumann, Sean C. wrote:

> You must also take into account that the CISSP is not just
> technical knowledge, but also management and organizational (policy,
> disaster recovery, law, etc) knowledge that MANY people who are so called
> "wizards" have never been exposed to.  

It's for this very reason that my feelings on CISSP certs are they are far
too braodly based and perhaps should be more catgorical.  Security
engineers should not be lawyers, and only occasionally management
oriented, should they decide to take that track professionally.  The guys
in the trenches, administering the policies laidout by upper manegment
should have the skills and tools and understanding to to that, it's enough
of a job for them and they already wear far too many hats on the job as it
is.  My job is to secure amd maintain systems not worry about how many
cameras are watching folks in the restrooms and such, nor worring about
the companies lawyers job<s>.


Thanks,

Ron DuFresne
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards