Security Basics mailing list archives
RE: question about CISSP experience requirements
From: "Monroe, Bruce" <bruce.monroe () intel com>
Date: Mon, 7 Aug 2006 11:51:39 -0700
ISC2 also offers SSCP which requires 1 year of experience (www.isc2.org) for example. SANS also offers a wide range of certifications from security essentials to higher difficulties in specific security areas. http://www.giac.org/certifications/ gives a good overview of what's available and the requirements. Regards, Bruce -----Original Message----- From: Crispin Yuen [mailto:crispin.yuen () gmail com] Sent: Saturday, August 05, 2006 7:44 PM To: Monroe, Bruce Cc: security-basics () securityfocus com Subject: Re: question about CISSP experience requirements What would be those other security related certifications we can get in the interim? On 8/5/06, Monroe, Bruce <bruce.monroe () intel com> wrote:
A CISSP has to vouch for the experience requirements. If a certified CISSP vouches for the experience requirements when you don't actually have them that is a ethics violation...and a problem in itself that could result in issues with their own cert. I was audited by ISC2 when
I
got my CISSP a some years back so there is some checking done. From my experience they don't check everyone, but they do check on a
percentage
from every group taking the test. My recommendation would be to get
the
experience and not try the get around the system. There are plenty of other security related certificaitons you can get in the interim, and the experience will stand you in good stead regardless. My 2 cents... Regards, Bruce Note - the opinions expressed are my own and may not reflect those of
my
employer. -----Original Message----- From: e.m.baechle () ieee org [mailto:e.m.baechle () ieee org] Sent: Friday, August 04, 2006 7:01 AM To: security-basics () securityfocus com Subject: Re: question about CISSP experience requirements Kurt, You raise a good question. My opinion is that the CISSP designation should specifically identify security experience. However, my opinion is likely very far off from reality. I've seen quite a few people achieve CISSP status from passing a test, with no more experience on their resume than 5 years of changing backup tapes. Suddenly they're
a
"security expert" with field experience. The CISSP certification itself is the "gold standard" however my observations have been that a lot of underqualified people are
achiving
it. Much the same way that $$$ drove the MCSE program to keeping a
low
passing score. Again, in my observation, I think you could achieve
the
CISSP designation if you had someone willing to attest to you having full-time security responsibility. Sincerely, Eric B.
------------------------------------------------------------------------
--- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---
------------------------------------------------------------------------ ---
This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic
Excellence
in Information Security. Our program offers unparalleled Infosec
management
education and the case study affords you unmatched consulting
experience.
Using interactive e-Learning technology, you can earn this esteemed
degree,
without disrupting your career or home life. http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------ ---
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: question about CISSP experience requirements, (continued)
- Re: question about CISSP experience requirements sun sadm (Aug 08)
- Re: question about CISSP experience requirements benjaminz (Aug 04)
- Re: question about CISSP experience requirements naveed1970 (Aug 04)
- Re: question about CISSP experience requirements y0han (Aug 04)
- Re: question about CISSP experience requirements maxd (Aug 04)
- Re: question about CISSP experience requirements e . m . baechle (Aug 04)
- RE: question about CISSP experience requirements Monroe, Bruce (Aug 05)
- RE: question about CISSP experience requirements rolando_ruiz (Aug 08)
- RE: question about CISSP experience requirements David Gillett (Aug 08)
- RE: question about CISSP experience requirements Kurt Aubuchon (Aug 08)
- RE: question about CISSP experience requirements rolando_ruiz (Aug 08)
- RE: question about CISSP experience requirements Monroe, Bruce (Aug 08)