Re: CISSP

[Bob Radvanovsky <rsradvan () unixworks net>]

Here's what ISC(2)'s web site states: https://www.isc2.org/cgi-bin/content.cgi?category=1187  

=====================================

Applicants must have a minimum of four years of direct full-time security professional work experience in one or more 
of the ten domains of the (ISC)² CISSP® CBK®. 

CISSP professional experience includes:

Work requiring special education or intellectual attainment, usually including a liberal education or college degree. 
Work requiring habitual memory of a body of knowledge shared with others doing similar work. 
Management of projects and/or other employees. 
Supervision of the work of others while working with a minimum of supervision of one's self. 
Work requiring the exercise of judgment, management decision-making, and discretion. 
Work requiring the exercise of ethical judgment (as opposed to ethical behavior). 
Creative writing and oral communication. 
Teaching, instructing, training and the mentoring of others. 
Research and development. 
The specification and selection of controls and mechanisms (i.e. identification and authentication technology) (does 
not include the mere operation of these controls). 
Applicable titles such as officer, director, manager, leader, supervisor, analyst, designer, cryptologist, 
cryptographer, cryptanalyst, architect, engineer, instructor, professor, investigator, consultant, salesman, 
representative, etc. Title may include programmer. It may include administrator, except where it applies to one who 
simply operates controls under the authority and supervision of others. Titles with the words "coder" or "operator" are 
likely excluded. 

Waiver of Experience:
If certain circumstances apply and with appropriate documentation, candidates are eligible to waive a maximum of two 
years of professional experience as follows:

One-year waiver of the professional experience requirement for education.
Candidates can substitute a maximum of one year of direct full-time security professional work experience described 
above if they have a four-year college degree OR a Master's Degree in information security from a U.S. National Center 
of Academic Excellence in Information Security (CAEIAE) or regional equivalent.

If you hold both a four-year degree and a Master’s degree, you may only apply for a one-year waiver of experience.

One-year waiver of the professional experience requirement for holding an additional credential on the (ISC)²-approved 
list.
 
For more information, or if you have questions about your requirements, you might want to contact ISC(2) at the 
following:

Contact the (ISC)² Institute for:
(ISC)²'s education programs, seminars, continuing education programs, company store and study textbooks, etc. are 
coordinated through the (ISC)² Institute ("Institute") in Vienna, Va. Contact the Institute for any issues related to 
registration for courses. 

 PH:  +1.866.462.4777 (toll free in North American only)
      +1.703.891.6781  
 FX:  +1.703.356-7977 
 EM:  institute () isc2 org 

This has NOT been a paid-service announcement, and is sponsored by the letter "I" and the number "2".  ;))

Good luck.

-r

----- Original Message -----
From: Mark Matrafajlo [mailto:marcuu () gmail com]
To: security-basics () securityfocus com
Subject: Re: CISSP


> I'm pretty sure that CISSP only requires an AS with 3-4 years exp.
> I'm not sure about the SANS mentor class though
>
> On 28 Nov 2006 19:27:51 -0000, jlehman () mail esignal com
> <jlehman () mail esignal com> wrote:
> > I was going to take the SANS mentor class for the CISSP. But I have just
> discovered that they are requiring a B.S. degree, which I don't have. I have
> been in the I.T. field as a sys admin/telecommunications/pseudo security
> person for 10 years now. I have achieved SANS silver GCIH and CGNA in the
> past year and a SCP (snort certified professional).
> > I don&#8217;t have a B.S. because I decided to be a chef,a nd got a
> culinary arts degree. I did that for 15+yeard and made it to my goal, but I
> make much more today than I did as a restaurateur.
> > So people, should I continue to peruse the SANS track, or somehow get that
> B.S and get the CISSP eventually? I see many job postings that are asking
> for CISSP certs.
> >