Re: recommendation for a cissp bootcamp

[Paul Keser <pkeser () STANFORD EDU>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Well put.  I would have to agree.  I studied for (and passed) my CISSP
on my own during the 1st 2 courses of my MS in Information Assurance.

It would have been a piece of cake if I had waited until completing my
MS but main thing I did notice was how much more depth my master program
went into.  They basically expanded all the 10 domains into separate
classes.

After completing the masters program it definitely reinforced my initial
feeling that the CISSP was 10 miles long and 2 feet deep.

I have heard nothing but good things about our local ISSA chapter's
review course.  It actually costs less than the included materials would
on their own I believe.  Everyone I know that *relied* on a bootcamp
type class failed the first time and had to study and try again on their
own.  Those that studied on their own and used a bootcamp to augment
their training were successful.

- -PaulK


Paul Keser
Assoc. Information Security Officer
Stanford University
650.724.9051
GPG Fingerprint:  DBA3 E20F CE91 28AA DA1C  4A77 3BD9 C82D 2699 24FB


Lovaas,Steven wrote:
> Since this is a *higher education* security list, I have to chime in here. Don't
> get me wrong, I see value in technical training such as SANS provides. But the
> CISSP has never been about certifying technical knowhow. It's about a broad
> awareness of the field, the kind you need if you're going to be talking security
> both to network/system folks and to management/finance/legal as well. It's about
> breadth, of the kind you get in a Master's degree. When there *were* no MS
> programs in infosec, taking boot camps and the like for the CISSP was the best
> way to get that kind of knowledge (other than live experience).
>
> But now there are a number of great degree programs at all levels, and we ought
> to be encouraging our peers -- the ones who want to get into security in some
> depth -- to be acquiring academic credentials. After a master's program, you can
> walk in and take the CISSP exam with no further preparation and not break a
> sweat!
>
> Some of these high-quality programs are online, and can be done from the comfort
> of your gaming console (I mean, PC) while working full-time. I happen to be
> partial to the program at Norwich University, where I got my MS and have taught
> from time to time. My classmates are all out working in the field, and I've had
> many doors open to me (including a PhD program) because of the knowledge and
> contacts I made there.
>
> So I won't bash SANS and all the rest... I just don't think they're the
> appropriate answer to every question.
>
> Steve
>
> ============================================
> Steven Lovaas, MSIA, CISSP
> IT Security Manager
> Academic Computing & Network Services
> Colorado State University
> 970-297-3707
> Steven.Lovaas () ColoState EDU
> ============================================
>
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Doug Markiewicz
> Sent: Monday, December 08, 2008 12:20 PM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] recommendation for a cissp bootcamp
>
> > All of the bootcamps are just CBK reviews.
>
> Eh, good point.  I would recommend one of the 3-5 days @ 8-hours/day variety
> over a 6-7 days @ 10-12 hours/day variety where your
> brain is total mush afterwards.
>
>
> > There is no way for someone to pass this exam without the prerequisite
> experience.
>
> Well if you can memorize a book, you can pass the test.  I've seen plenty of
> that.  If you don't have the experience, you can still
> sit for the test and become an Associate of ISC2.  Whether you have the
> experience or not, I think the prep and testing taking are
> an interesting experience.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJPwxLO9nILSaZJPsRAj5tAJ9ChhpufO6/dvrtQH0Oe9fuFGPUWACcCgjY
YjC1efCu99i6GjjlHchiMqQ=
=tc4a
-----END PGP SIGNATURE-----