morphed into certification argument (was : MS not telling enough - ethics)

[Michael Holstein <michael.holstein () csuohio edu>]

> They do random credential checking and I should I know, since I was
> audited after I passed the exam.

Me too .. before they'd issue my cert, I had to provide a resume, and 
they verified my employment history (yes, they did call).

> The CISSP cert is the best security cert around, without a doubt.

Personally I learned more from my SANS training (not the classes, just 
taking the 'challenge' exams) .. because they actually make you write a 
(rather long) paper based on your own original research.

The CISSP material was good (didn't go to those classes either .. just 
read the books) because without I'd have never known what heights of 
fence are required for various levels of security at a physical site -- 
the CISSP credential is good because it makes you focus on other areas 
of the practice you might not have considered (site security, for 
example -- as in the previous example).

Does a [favorite lettered credential] cert *prove* you know anything? Of 
course not. But it's just one more set of initials you can tack after 
your name -- which helps immensely when you're trying to best out the 
other 100 applicants for a job, or going back-and-forth with the 
defense's lawyer about "are you qualified to present this testimony".

My $0.02.

Michael Holstein CISSP GCIA
Cleveland State University
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/