Penetration Testing mailing list archives
RE: Re: CISSP
From: "Clement Dupuis" <cdupuis () cccure org>
Date: Tue, 5 Dec 2006 18:09:38 -0500
http://www.securityfocus.com/news/301 This topic was discussed at great length on the official CISSP forum as well. Now back to the serious stuff... Clement -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Bruno Cesar Moreira de Souza Sent: Tuesday, December 05, 2006 5:53 AM To: pen-test () securityfocus com Subject: Re: Re: CISSP What source says that a 11 years old boy got CISSP? I think this is only a rumour. <https://www.isc2.org/cgi-bin/content.cgi?category=1187>: "Applicants must have a minimum of four years of direct full-time security professional work experience in one or more of the ten domains of the (ISC)² CISSP® CBK®. " The CISSP is not a proof that you are specialist in a specific security field (for example, penetration test), but can demonstrate that you have the broad expected knowledge for a information security professional in all the 10 information security domains: Access Control - Application Security - Business Continuity and Disaster Recovery Planning - Criptography - Information Security and Risk Management - Legal, Regulations, Compliance and Investigations - Operations Security - Physical (Enviromental) Security - Security Architecture and Design - Telecomunications and Network Security. For demonstrate expertise in a specific field, I agree, you have to look for another certification. I believe that the certifications offered by SANS are very good. But, ISC2 also offer another certifications for demonstrate deeper knowledge in specific domains: "For experienced information security professionals with an (ISC)² credential in good standing, (ISC)² Concentrations demonstrate their acquired rigorous knowledge of select CBK® domains. Passing a concentration examination demonstrates proven capabilities and subject-matter expertise beyond that required for the CISSP or SSCP credentials. CISSP Concentrations Current Concentrations for CISSPs include the: ISSAP®, Concentration in Architecture ISSEP®, Concentration in Engineering ISSMP®, Concentration in Management " (https://www.isc2.org/cgi-bin/content.cgi?category=99) You have to be a CISSP, before trying get one of these. Best Regards, Bruno Cesar M. de Souza --- dfullerton () mantor org escreveu:
Then I wonder if this certification should really have this kind of notoriety. Looks like it's not technical and if an 11 years old boy can complete this cert ...it's not about security management experience either. Anyone can give me some good reason to acquire CISSP while not being related to money and the wannabe marketing-made notoriety? Personally I done GCIH and GHTQ, the latest is harder and really related to penetration testing. I would like some GOOD reason for someone in the security field for a while and having others, more in deep, technical certification to go on with CISSP. Should we glorify such things? Tell me more about the exam, the topics are quite general and may not be totally in line with the exam and the real knowledge being certified. Danny Fullerton --------------- IT Security Specialist, GCIH GHTQ http://www.mantor.org/~northox Mantor Organization
------------------------------------------------------------------------
This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000 0008bOW
------------------------------------------------------------------------
_______________________________________________________ Você quer respostas para suas perguntas? Ou você sabe muito e quer compartilhar seu conhecimento? Experimente o Yahoo! Respostas ! http://br.answers.yahoo.com/ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000 0008bOW ------------------------------------------------------------------------ ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- Re: CISSP, (continued)
- Re: CISSP Philosophil (Dec 03)
- Re: CISSP ruud . geelen (Dec 03)
- Re: CISSP killy (Dec 07)
- RE: CISSP Shenk, Jerry A (Dec 03)
- Re: RE: CISSP mr . nasty (Dec 04)
- Re: Re: CISSP dfullerton (Dec 04)
- RE: Re: CISSP Cony.Zhou (Dec 05)
- RE: Re: CISSP Clement Dupuis (Dec 05)
- Re: Re: CISSP Bruno Cesar Moreira de Souza (Dec 05)
- Re: CISSP Nick Besant (Dec 05)
- RE: CISSP Angelacci, Anna M CTR SPAWAR, J616 (Dec 07)
- RE: Re: CISSP Cony.Zhou (Dec 05)
- Re: Re: CISSP R. DuFresne (Dec 19)
- RE: Re: CISSP Mueller, Daniel (NMCI CIRT) (Dec 20)
- Re: CISSP Philosophil (Dec 03)
- RE: CISSP Craig Wright (Dec 04)
- Re: RE: CISSP mr . nasty (Dec 04)
- RE: RE: CISSP Bates, Chris (Dec 05)