RE: question about CISSP experience requirements

[Kurt Aubuchon <kurtaubuchon () yahoo com>]

It's not my intention to "get around the system".  Nor
do I want anyone to vouch for experience I don't have.
Typically I avoid unethical behavior.  I'm just trying
to understand the requirements better.  

Based on some of the responses, I think I might
actually meet the requirements now.  I have a good
deal of network admin and DBA experience that I didn't
mention in my original post but which might be
applicable anyway.  Or, what I might do, as one member
suggested, is go for the "Associate" designation,
which gives me a few years to make the experience
requirement after passing the test.  That might still
open a few career doors for me.  I'm still kicking
that around.

Thanks again to all who offered advice.

Kurt

--- "Monroe, Bruce" <bruce.monroe () intel com> wrote:

> A CISSP has to vouch for the experience
> requirements. If a certified
> CISSP vouches for the experience requirements when
> you don't actually
> have them that is a ethics violation...and a problem
> in itself that
> could result in issues with their own cert. I was
> audited by ISC2 when I
> got my CISSP a some years back so there is some
> checking done. From my
> experience they don't check everyone, but they do
> check on a percentage
> from every group taking the test. My recommendation
> would be to get the
> experience and not try the get around the system.
> There are plenty of
> other security related certificaitons you can get in
> the interim, and
> the experience will stand you in good stead
> regardless. My 2 cents...
>
> Regards, 
> Bruce 
>
> Note - the opinions expressed are my own and may not
> reflect those of my
> employer.
>
> -----Original Message-----
> From: e.m.baechle () ieee org
> [mailto:e.m.baechle () ieee org] 
> Sent: Friday, August 04, 2006 7:01 AM
> To: security-basics () securityfocus com
> Subject: Re: question about CISSP experience
> requirements
>
> Kurt,
>
>
> You raise a good question.  My opinion is that the
> CISSP designation
> should specifically identify security experience. 
> However, my opinion
> is likely very far off from reality.  I've seen
> quite a few people
> achieve CISSP status from passing a test, with no
> more experience on
> their resume than 5 years of changing backup tapes. 
> Suddenly they're a
> "security expert" with field experience.
>
>
> The CISSP certification itself is the "gold
> standard" however my
> observations have been that a  lot of underqualified
> people are achiving
> it.  Much the same way that $$$ drove the MCSE
> program to keeping a low
> passing score.  Again, in my observation, I think
> you could achieve the
> CISSP designation if you had someone willing to
> attest to you having
> full-time security responsibility.
>
>
> Sincerely,
>
>
> Eric B.
------------------------------------------------------------------------
> ---
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE -
> ONLINE
> The NSA has designated Norwich University a center
> of Academic
> Excellence 
> in Information Security. Our program offers
> unparalleled Infosec
> management 
> education and the case study affords you unmatched
> consulting
> experience. 
> Using interactive e-Learning technology, you can
> earn this esteemed
> degree, 
> without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
> ---
---------------------------------------------------------------------------
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE -
> ONLINE
> The NSA has designated Norwich University a center
> of Academic Excellence
> in Information Security. Our program offers
> unparalleled Infosec management
> education and the case study affords you unmatched
> consulting experience.
> Using interactive e-Learning technology, you can
> earn this esteemed degree,
> without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
>


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------