RE: Wireless Security

["Nick Duda" <nduda () VistaPrint com>]

Just my .02

> Having a CISSP doesn't mean I know everything about Wireless Security

True, having a CISSP doesn't mean one needs to know everything about a
security solutions...but someone correct me if I am wrong, but your
question was very "rookie" in nature...as in, having a cert like CISSP
should help one (employer) be confident that something so rookie as your
question should be known with some level of detail....I'm not saying
don't ask for help, man I've asked for tons of help...i guess this topic
just continues to make me think about the CISSP.

I hold a GSEC and GCIH...i took the SANS CISSP course and am scheduled
to take the CISSP. I've sat the talks about what is better CISSP or
CSEC...etc (lets not start that one over). Most people say CISSP though,
and it does appear that CISSP seems to be more of the "Senior" cert to
have in security. Based on the content of the CISSP I personally find
the CISSP a joke and does not reflect the security world good at all. I
mean all websites and study groups , even the SANS course I took always
have the disclaimers like "In the real world this isn't true, but if you
want to pass the CISSP you need to answer it like this". Listen to Eric
Cole's SANS CISSP course, he says (quote), "Drink the coolaid". The
CISSP covers so much crap that never gets used in the real world, most
of their questions are so far from the real world (whats a true
DMZ..etc). A good portion of material is based soley on government stuff
(MAC and such). I found the GSEC to be more real world and to me, a GSEC
would "get you in the door" far faster than a CISSP would. This is why I
don't list certs after my name.

That being said, I take my CISSP in March lol Sorry this went off
topic...disregard.


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of David Harley
Sent: Thursday, February 07, 2008 7:10 AM
To: 'Yousef Syed'; 'Mike Hale'
Cc: 'Security Basics'
Subject: RE: Wireless Security

> Having a CISSP doesn't mean I know everything about Wireless 
> Security, or that I'm a Network Administrator. Nor does it 
> mean that I'm not humble enough to ask a question where I 
> don't know something, rather than make it up as I go along.

On that, at least, we can certainly agree. Enormous damage has been done
over the years by people who were unable to admit that they weren't able
or
qualified to deal with an issue, or would deal with it better by finding
out
more about it, and looking for people who -are- better qualified is a
mature
and sensible way of approaching that.

Being professional is not about knowing everything about everything: it
-is-
often about knowing the limitations of your own knowledge.

--
David Harley