Firewall Wizards mailing list archives

Re: CISSP

From: Bill_Royds () pch gc ca
Date: Tue, 27 Nov 2001 12:18:29 -0500


To be allowed to write the CISSP, one has to document at least 3 years
experience in at least 2 of the "domains" of knowledge.
The CISSP has been describe as the 10,000 foot view of IT security. It
does NOT indicate great depth in any field, as Crispin Cowan has properly
noted. But it does means someone has looked at a large number of areas and
is aware of the implications of them.
   I am involved in a CISSP study course at the moment and plan to write
the exam in January. I am finding that I know something about each of the
areas we study, some in a lot of depth, some only loosely. But the
systematic review is very useful, even it is to learn a consistent
terminology for various things.
   I have worked with computer security for over 20 years, as well as real
time software development for longer. What Robert and Crispin ask is that
people do the thing right. What the CISSP helps assure is that people know
to do the right thing.
If I were hiring someone to work on my system security architecture, I
would want someone who knows what the CISSP tests. If I were looking for
an implementer of this architecture, I would want someone with more of the
SANS GIAC certifications.
Certainly, just having the CISSP certification doesn't ensure you have any
depth, but it does ensure that you have some breadth.

Bill Royds





t <miedaner () twcny rr com>
11/26/01 09:04 PM


        To:
        cc:     firewall-wizards () nfr com
        Subject:        Re: [fw-wiz] CISSP


I try to stay silent on this list but have got to say put this into
perspective.

Testing is great and certification is great but you all realize that
passing a
test in college and graduating with a degree does not mean you can
actually do
anything useful.

Is a person with only a CISSP and 0 experience useful.  Well, in theory
and you
know where that gets us.

On the other side it is a bench mark of sorts.  If anything it does teach
some
lingo (talk the talk).

I guess I would ask the question of all: Can a person with zero experience
in
the field pass the CISSP test?  All the time, 5, 10, 50 percent of the
time?



_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards




_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

RE: CISSP robert_david_graham (Nov 26)
- Re: CISSP t (Nov 27)
  - Re: CISSP Jody C. Patilla (Nov 28)
    - Re: CISSP R. DuFresne (Nov 28)
    - RE: CISSP Jeff Brown (Nov 28)
- <Possible follow-ups>
- RE: CISSP Gibson, Brian (Nov 27)
- RE: CISSP Baumann, Sean C. (Nov 27)
  - RE: CISSP R. DuFresne (Nov 28)
    - RE: CISSP Peter Lukas (Nov 28)
- Re: CISSP Bill_Royds (Nov 28)
- RE: CISSP Baumann, Sean C. (Nov 28)
- RE: CISSP Paris Stone (Nov 29)
- RE: CISSP R. DuFresne (Nov 29)
- RE: CISSP kstephe6 (Nov 29)
- RE: CISSP Ames, Neil (Nov 30)