Security Basics mailing list archives

RE: question about CISSP experience requirements

From: <rolando_ruiz () jetaviation com>
Date: Tue, 8 Aug 2006 12:29:32 -0400

You can get the associate of CISSP which does not require any
experience. 

https://www.isc2.org/cgi-bin/content.cgi?category=96

-----Original Message-----
From: Monroe, Bruce [mailto:bruce.monroe () intel com] 
Sent: Friday, August 04, 2006 6:48 PM
To: security-basics () securityfocus com
Subject: RE: question about CISSP experience requirements

A CISSP has to vouch for the experience requirements. If a certified
CISSP vouches for the experience requirements when you don't actually
have them that is a ethics violation...and a problem in itself that
could result in issues with their own cert. I was audited by ISC2 when I
got my CISSP a some years back so there is some checking done. From my
experience they don't check everyone, but they do check on a percentage
from every group taking the test. My recommendation would be to get the
experience and not try the get around the system. There are plenty of
other security related certificaitons you can get in the interim, and
the experience will stand you in good stead regardless. My 2 cents...

Regards, 
Bruce 

Note - the opinions expressed are my own and may not reflect those of my
employer.

-----Original Message-----
From: e.m.baechle () ieee org [mailto:e.m.baechle () ieee org] 
Sent: Friday, August 04, 2006 7:01 AM
To: security-basics () securityfocus com
Subject: Re: question about CISSP experience requirements

Kurt,

You raise a good question.  My opinion is that the CISSP designation
should specifically identify security experience.  However, my opinion
is likely very far off from reality.  I've seen quite a few people
achieve CISSP status from passing a test, with no more experience on
their resume than 5 years of changing backup tapes.  Suddenly they're a
"security expert" with field experience.

The CISSP certification itself is the "gold standard" however my
observations have been that a  lot of underqualified people are achiving
it.  Much the same way that $$$ drove the MCSE program to keeping a low
passing score.  Again, in my observation, I think you could achieve the
CISSP designation if you had someone willing to attest to you having
full-time security responsibility.

Sincerely,

Eric B.

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---

------------------------------------------------------------------------
---
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic
Excellence 
in Information Security. Our program offers unparalleled Infosec
management 
education and the case study affords you unmatched consulting
experience. 
Using interactive e-Learning technology, you can earn this esteemed
degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

question about CISSP experience requirements Kurt Aubuchon (Aug 03)
- Re: question about CISSP experience requirements Kurt Aubuchon (Aug 04)
- Re: question about CISSP experience requirements sun sadm (Aug 08)
- <Possible follow-ups>
- Re: question about CISSP experience requirements benjaminz (Aug 04)
- Re: question about CISSP experience requirements naveed1970 (Aug 04)
- Re: question about CISSP experience requirements y0han (Aug 04)
- Re: question about CISSP experience requirements maxd (Aug 04)
- Re: question about CISSP experience requirements e . m . baechle (Aug 04)
- RE: question about CISSP experience requirements Monroe, Bruce (Aug 05)
  - RE: question about CISSP experience requirements rolando_ruiz (Aug 08)
    - RE: question about CISSP experience requirements David Gillett (Aug 08)
  - RE: question about CISSP experience requirements Kurt Aubuchon (Aug 08)
- RE: question about CISSP experience requirements Monroe, Bruce (Aug 08)