Penetration Testing mailing list archives

Re: CISSP

From: Nick Besant <lists () hwf cc>
Date: Tue, 05 Dec 2006 10:44:57 +0000

I think it's a worthwhile qualification to have if only from the pointof view of structured learning. Unless you've already done a CS orequivalent degree, it's unlikely that you'll have covered some of thearchitectural or formal methodologies, practices, standards etc that youmust know to take the CISSP exam. On-the-job learning is an excellent(I'm biased) way to learn all things security but you only tend tolearn the technologies etc around the environments you're working with.

I found the learning process, while covering some out-of-date materialthat I'm unlikely to use in future, did cover some additional areaswhich I've since applied to projects to my / my employer's benefit.

So; in summary, I would recommend it if you're looking for a broadercertification/career path/etc focusing on security. The breadth (notreally the depth) of the body of knowledge has provided me with a way tocement together everything I've learned through working on or personalresearch. YMMV :)



--
Nick Besant (lists () hwf cc)



dfullerton () mantor org wrote:

Then I wonder if this certification should really have this kind of notoriety. Looks like it's not technical and if an 11 
years old boy can complete this cert ...it's not about security management experience either.

Anyone can give me some good reason to acquire CISSP while not being related to money and the wannabe marketing-made 
notoriety?

Personally I done GCIH and GHTQ, the latest is harder and really related to penetration testing. I would like some GOOD 
reason for someone in the security field for a while and having others, more in deep, technical certification to go on 
with CISSP.

Should we glorify such things? Tell me more about the exam, the topics are quite general and may not be totally in line 
with the exam and the real knowledge being certified.

Danny Fullerton
---------------
IT Security Specialist, GCIH GHTQ
http://www.mantor.org/~northox
Mantor Organization

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

Current thread:

Re: CISSP, (continued)
- Re: CISSP killy (Dec 07)
- RE: CISSP Shenk, Jerry A (Dec 03)
- Re: RE: CISSP mr . nasty (Dec 04)
- Re: Re: CISSP dfullerton (Dec 04)
  - RE: Re: CISSP Cony.Zhou (Dec 05)
    - RE: Re: CISSP Clement Dupuis (Dec 05)
  - Re: Re: CISSP Bruno Cesar Moreira de Souza (Dec 05)
    - Re: CISSP Anders Thulin (Dec 07)
    - RE: Re: CISSP Clement Dupuis (Dec 07)
    - Re: CISSP Joey Peloquin (Dec 07)
  - Re: CISSP Nick Besant (Dec 05)
    - RE: CISSP Adam Morey (Dec 07)
    - RE: CISSP Angelacci, Anna M CTR SPAWAR, J616 (Dec 11)
    - RE: CISSP Angelacci, Anna M CTR SPAWAR, J616 (Dec 07)
  - Re: Re: CISSP R. DuFresne (Dec 19)
    - RE: Re: CISSP Mueller, Daniel (NMCI CIRT) (Dec 20)
- RE: CISSP Craig Wright (Dec 04)
- Re: RE: CISSP mr . nasty (Dec 04)
  - RE: RE: CISSP Bates, Chris (Dec 05)
    - Re: CISSP Pete Herzog (Dec 07)
    - Re: CISSP Joseph McCray (Dec 10)

(Thread continues...)