WebApp Sec mailing list archives
Re: Notes from CISSP class with Dr. Eric Cole
From: danew123 () nsw chariot net au
Date: Tue, 11 Oct 2005 09:22:54 +1000
A pre requisite for getting certified as a CISSP is to have at least 4 years experience in the field of security, in at least one of the domains covered in the common body of knowledge. The certification is also non vendor specific, and to say that it is based on jargon or 'certain terminology' is pure folly. As far as I am concerned, if you have issues with the certification, it probably means you haven't got it, or you can't get it. Regards, DW
-----Original Message-----From: Lyal Collins [mailto:lyal.collins () key2it com au] Sent: Monday, 10 October 2005 8:36 PMTo: 'Harley David'; webappsec () securityfocus comSubject: RE: Notes from CISSP class with Dr. Eric ColeI disagree regarding CISSP and some other certification processes. The "knowledge measurement" process in this case is based upon knowing certain terminology and the related definition inside and out as used by theindividuals in the certifying body.Think of the english language - while the USA, Canada, England and Australia all speak english, we all misunderstand each other at times because some terms are used differently. Lunch and dinner can be the same meal time in some places but separate meals in others. The principle of them being ameal is the same, however.Based on sample CISSP questions I've looked through, such differences affect about 5-10% of the questions in my view. So it seems the safest pass strategy is to buy a set of the study material, answer the questions (from the same vendor as the study material) the way the study material state, then return to real life work and real life security based on the sameprinciples that CISSP tries to verify that one posesses.Regards,Lyal-----Original Message-----From: Harley David [mailto:David.Harley () cfh nhs uk] Sent: Monday, 10 October 2005 6:10 PMTo: webappsec () securityfocus comSubject: RE: Notes from CISSP class with Dr. Eric Colethe CISSP answers are structured around knowing definitions, terminology and concepts particular to CISSP study materials, not those used in real life nor real life complexity in systems and security management.But that is real life...Exam-based certifications are based on knowledge of a predetermined body of what the certifying organization defines as knowledge, more or less by definition. Problem solving in a real life situation may be based on that Common Body of Knowledge, as ISC2 call it, but exams generally attempt to measure knowledge, rather than skill in -applying- knowledge.-- David HarleyThis e-mail is confidential and privileged. If you are not the intended recipient please accept our apologies; please do not disclose, copy or distribute information in this e-mail or take any action in reliance on its contents: to do so is strictly prohibited and may be unlawful. Please inform us that this message has gone astray before deleting it. Thank you for yourco-operation._____________________________________________________________________ This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com********************************************************************** This e-mail message and any attachments are intended only for the use of the addressee(s) named above and may contain information that is privileged and confidential. If you are not the intended recipient, any display, dissemination, distribution, or copying is strictly prohibited. If you believe you have received this e-mail message in error, please immediately notify the sender by replying to this e-mail message or by telephone to (02) 9646 9222. Please delete the email and any attachments and do not retain the email or any attachments in any form. **********************************************************************
Current thread:
- Notes from CISSP class with Dr. Eric Cole Saqib Ali (Oct 02)
- Re: Notes from CISSP class with Dr. Eric Cole Garth Somerville (Oct 04)
- Re: Notes from CISSP class with Dr. Eric Cole Saqib Ali (Oct 05)
- RE: Notes from CISSP class with Dr. Eric Cole Lyal Collins (Oct 05)
- Re: Notes from CISSP class with Dr. Eric Cole Saqib Ali (Oct 05)
- <Possible follow-ups>
- RE: Notes from CISSP class with Dr. Eric Cole Harley David (Oct 10)
- RE: Notes from CISSP class with Dr. Eric Cole Lyal Collins (Oct 10)
- RE: Notes from CISSP class with Dr. Eric Cole Harley David (Oct 11)
- RE: Notes from CISSP class with Dr. Eric Cole Lyal Collins (Oct 11)
- RE: Notes from CISSP class with Dr. Eric Cole Michael Krzeszkowski (Oct 11)
- RE: Notes from CISSP class with Dr. Eric Cole Lyal Collins (Oct 11)
- Re: Notes from CISSP class with Dr. Eric Cole danew123 (Oct 11)
- Re: Notes from CISSP class with Dr. Eric Cole Eoin Keary (Oct 11)
- Re: Notes from CISSP class with Dr. Eric Cole dreamwvr (Oct 11)
- Re: Re: Notes from CISSP class with Dr. Eric Cole f_kenisky (Oct 11)
- Re: RE: Notes from CISSP class with Dr. Eric Cole f_kenisky (Oct 11)
- RE: RE: Notes from CISSP class with Dr. Eric Cole Craig Wright (Oct 12)
- RE: Notes from CISSP class with Dr. Eric Cole PPowenski (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole intel96 (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole Saqib Ali (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole intel96 (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole kgp (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole intel96 (Oct 12)
- Re: Notes from CISSP class with Dr. Eric Cole Garth Somerville (Oct 04)