Security Basics mailing list archives

RE: CISSP without experience

From: "Steve Fletcher" <safletcher () insightbb com>
Date: Thu, 24 Feb 2005 13:22:52 -0600

I have one major problem with all of this.  When I looked at the
requirements on the (ISC)2 web page, the information is very vague.  And,
when I emailed them to get clarification, the reply I got was the same as
the web page.

I have considered pursuing the CISSP cert, but I am not sure if I have
enough "security" experience.  I have 9 years of experience doing work for
various resellers/consultants, doing everything from setting up servers,
including file security, to installing and configuring Cisco PIX firewalls,
to, most recently, performing security audits on customer networks.  So,
does that meet the experience requirements?  No one seems to be able to tell
me........

Steve Fletcher
MCSE (NT4/Win2k), MCSE: Security (Win2k), HP Master ASE, CCNA, Security+
safletcher () insightbb com

-----Original Message-----
From: James Michael Stewart [mailto:michael () impactonline com] 
Sent: Thursday, February 17, 2005 9:56 PM
Cc: security-basics () securityfocus com
Subject: RE: CISSP without experience

 
ISC2 offers an Associate of ISC2 which is a label offered to those who pass
the CISSP exam but who do not have the 4 years of experience (or 3 years
with a recent college degree). Then you are given 5 years within which to
obtain 4 years of relevant security experience, once you obtain sufficient
relevant experience then you are offered the CISSP cert. More details are
available on the www.isc2.org Web site.

If a company is asking for CISSP, it is doubtful they even know about the
Associate plan. Furthermore, if they really want a CISSP they may not want
to settle for a non-experienced person who has passed the exam. That's part
of the benefit of CISSP from an employer's perspective... If you hold the
cert it automatically ensures you have at least 3 or 4 years of relevant
experience. 

ISC2 built the cert in this manner on purpose. They did not want people to
obtain the cert that did not have experience. 

BTW, I'm a CISSP instructor (30+ classes). 

James Michael Stewart
michael () impactonline com
IMPACT Online - www.impactonline.com
Austin, TX 78749

-----Original Message-----
From: Robinson, Sonja [mailto:SRobinson () HIPUSA com] 
Sent: Tuesday, February 15, 2005 7:08 PM
To: gautam.singh+spam () gmail com; Varun Pitale
Cc: security-basics () securityfocus com
Subject: RE: CISSP without experience

You should contact isc2.org and talk to them or checkthe web site.  I would
bet that you would be required to maintain the CPE's from the time you pass
until the time you become officially certified.


Sonja L. Robinson, CISSP, CISA, CISM
Forensic Specialist, Digital Investigations HIP Information Security Group
Tel: 212-806-4125
srobinson () hipusa com
 

-----Original Message-----
From: Gautam R. Singh [mailto:gautam.singh () gmail com]
Sent: Monday, February 14, 2005 11:14 PM
To: Varun Pitale
Cc: security-basics () securityfocus com
Subject: Re: CISSP without experience

I too am intrested in the same & facing the problem that all the jobs
interviewed for required CISSP but i too lack experience. Can we just take
the CISSP and exam and pass it?

Anyone who has done it?

~gRs
On Mon, 14 Feb 2005 17:50:46 -0500, Varun Pitale <varun.pitale () gmail com>
wrote:

I have a 6 month experience on working professionally in Information 
Security, but I have been learning and practicing it in my studies and 
now I am looking for a job. Almost all of the jobs require a CISSP, 
but you cannot get it without atleast 3 years experience. I did hear 
that even without an experience you can pass the CISSP, but you will 
not get the certification and then you can go to the employer and tell 
him that you passed the CISSP. Anyone have any views or any experience 
with it?

--
Regards,
   Varun
   (704)-687-6005 --(Office)
   (704)-458-3589 --(Mobile)
   mailto: varun.pitale_(at)_gmail_(dot)_com



--
Gautam R. Singh
http://www.google.com/search?q=gautam.singh%40gmail.com
[mcp,ccna,cspfa,] t: +91 9885576081 | pgp:
http://gautam.techwhack.com/key/ | ymsgr: er-333 | msn: ro0_@hotmail
CONFIDENTIALITY NOTICE: This e-mail transmission, including any attachments
to it, may contain confidential information or protected health information
subject to privacy regulations such as the Health Insurance Portability and
Accountability Act of 1996 (HIPAA). This transmission is intended only for
the use of the recipient(s) named above. If you are not the intended
recipient, or a person responsible for delivering it to the intended
recipient, you are hereby notified that any disclosure, copying,
distribution or use of any of the information contained in this transmission
is STRICTLY PROHIBITED. If you have received this transmission in error,
please immediately notify me by reply e-mail and destroy the original
transmission in its entirety without saving it in any manner.

Current thread:

RE: CISSP without experience, (continued)
- RE: CISSP without experience Hardeep (Feb 15)
  - RE: CISSP without experience NetEng (Feb 17)
- RE: CISSP without experience Andrew Shore (Feb 15)
- Re: CISSP without experience Ivan Coric (Feb 15)
- RE: CISSP without experience GaddyJrB (Feb 15)
- RE: CISSP without experience Fu Wang, Thio (Feb 15)
  - RE: CISSP without experience Robert Hines (Feb 17)
  - Re: CISSP without experience Kevin Conaway (Feb 17)
- RE: CISSP without experience Robinson, Sonja (Feb 17)
  - RE: CISSP without experience James Michael Stewart (Feb 19)
    - RE: CISSP without experience Steve Fletcher (Feb 24)
    - RE: CISSP without experience Clement Dupuis (Feb 24)
- RE: CISSP without experience Matt Arntsen (Feb 17)
- RE: CISSP without experience Dante Mercurio (Feb 17)
- RE: CISSP without experience Fu Wang, Thio (Feb 17)
- RE: CISSP without experience Paris E. Stone (Feb 17)
- RE: CISSP without experience mrodrigu (Feb 17)
- RE: CISSP without experience Neo Phile (Feb 19)