RE: CISSP experience Question

["David Harley" <david.a.harley () gmail com>]

> I have passed the CISSP examination 19 months ago. I believe 
> that now have the required security experience but not 100% 
> sure because some of my work was security related but mixed 
> with other duties such as system and network administration. 

Well, you might be able to argue that those other duties are security
related: the requirements seem a little fuzzy on that.

> I estimated my pure security experience to now be accurate, 
> but how and with who should I confirm before applying the 
> endorsement form to (ISC)2?

There's a form and email address at
https://www.isc2.org/cgi-bin/contact.cgi. Might be best to go to the horse's
mouth. :)

> My second question is: I prefer to apply my endorsement 
> through a certified CISSP, but I currently do not know any. I 
> also will start a new job and my employer does not know me 
> that much at all to endorse me. 

I'd have thought that if they knew enough about you to employ you for a
security job, they've had to research you to some extent, though your former
employer would be the obvious choice, if they're willing to. If you did the
CBK review, the person who ran the course might be prepared to sponsor you,
if they remember you. 

> Should any CISSP know me for 
> a certain amount of time before endorsing me, or can any 
> CISSP that I could contact through the internet do so as long 
> as they think my experience is enough through examining my CV? 

I wouldn't endorse someone I didn't know, certainly not on the basis of
examining their CV, and wouldn't feel that constituted a review of "the work
history and experience, reputation, and criminal history" of the individual.
I might endorse someone I hadn't met personally, depending on the context in
which I knew them. Via an open list like this wouldn't be enough. Mileage
may vary, but there is an ethical issue about best endeavours. Sorry if this
sounds elitist: it's not. I'm more than happy to endorse people I know well
enough to be reasonably sure they're Good Eggs. :) 

-- 
David Harley CISSP, Small Blue-Green World
Security Author/Editor/Consultant/Researcher
AVIEN Guide to Malware:
http://www.smallblue-greenworld.co.uk/pages/avienguide.html
Security Bibliography:
http://www.smallblue-greenworld.co.uk/pages/bibliography.html