RE: CISSP without experience

["Robert Hines" <b.hines () comcast net>]

I think the actual value comes when the individual has to renew the CISSP,
it may be easy for some to get, but not so easy to keep.  Employers should
be asking for a candidate that has held the CISSP for more than 4 years, if
they seek a CISSP that has done more than memorize the text. Getting the
CISSP CERT is just the start of a career path, not an easy way to get a job.


-----Original Message-----
From: Fu Wang, Thio [mailto:fuwang () crimsonlogic com] 
Sent: Monday, February 14, 2005 8:46 PM
To: Varun Pitale; security-basics () securityfocus com
Subject: RE: CISSP without experience

Hi,

Here in Singapore, we have had people getting the CISSP without the
sufficient knowledge and experience acquired for 3 years. Some only have
1 year and they manage to get the CISSP. Many of the so called vendors
has people obtianing the CISSP with only 1 year experience. 

Have raised this to CISSP but noone there replies.

I really question the value of this type of certification as there is no
stringent background check on the candidate.

Rgds,
Fuwang

-----Original Message-----
From: Varun Pitale [mailto:varun.pitale () gmail com] 
Sent: Tuesday, February 15, 2005 6:51 AM
To: security-basics () securityfocus com
Subject: CISSP without experience


I have a 6 month experience on working professionally in Information
Security, but I have been learning and practicing it in my studies and
now I am looking for a job. Almost all of the jobs require a CISSP, but
you cannot get it without atleast 3 years experience. I did hear that
even without an experience you can pass the CISSP, but you will not get
the certification and then you can go to the employer and tell him that
you passed the CISSP. Anyone have any views or any experience with it?

-- 
Regards, 
   Varun
   (704)-687-6005 --(Office)
   (704)-458-3589 --(Mobile)
   mailto: varun.pitale_(at)_gmail_(dot)_com