Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: CISSP

From: "Jeff Brown" <jvbrown () gte net>
Date: Wed, 28 Nov 2001 12:59:52 -0500

It's likely that this thread will run open-loop
on fw-wiz, as this is more akin to an enigma.

These questions and responses bring to mind
similar long running debates on real-world vs.
theoretical experience. While few would argue
that 'cockpit' expertise is important in gaining a
true understanding of the InfoSec issues, the
existence of some minimum standard (CISSP or
other) is necessary to establish a starting point.

We have all seen and understand the difference
between a certified newbie Novell/Microsoft/other 
'gurus', and the individuals that are so busy doing 
the WORK, they have little time/interest in a cert.

Generally, the cert seems to be most important
to those interested in Resume building...
these days, an increasingly significant motivator. 

Heck,  I wonder what % of BlackHats (some
of which are as skilled in these elements as any
whitehat) need a CISSP behind their handle ?

My sense is that most hiring entities would opt
for a PROVEN cockpit expert anyday.

JVBrown

-----Original Message-----
From: firewall-wizards-admin () nfr com
[mailto:firewall-wizards-admin () nfr com]On Behalf Of Jody C. Patilla
Sent: Tuesday, November 27, 2001 2:54 PM
To: t
Cc: firewall-wizards () nfr com
Subject: Re: [fw-wiz] CISSP


At 09:04 PM 11/26/01 -0500, t wrote:

I guess I would ask the question of all: Can a person with zero experience in
the field pass the CISSP test?  All the time, 5, 10, 50 percent of the time?


I know more than one person who has never configured a firewall or a router,
never written a line of code, never rebuilt a filesystem, who has a CISSP.
You have to remember that all the certifications in this industry also have
a for-profit aspect.  In some cases, one might suggest that profit is the
primary or even sole motive.  People who pass tests who have no experience
usually have to go to training classes, which cost money. They buy study
guides, which cost money. They go to conferences and get certification 
"credits" for attending certain tutorials, which cost money. If I were
running an organization which made money from certifications, I'd probably
be promoting the value of certification very loudly.

- jcp

  
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: