Firewall Wizards mailing list archives
RE: CISSP
From: "Jeff Brown" <jvbrown () gte net>
Date: Wed, 28 Nov 2001 12:59:52 -0500
It's likely that this thread will run open-loop on fw-wiz, as this is more akin to an enigma. These questions and responses bring to mind similar long running debates on real-world vs. theoretical experience. While few would argue that 'cockpit' expertise is important in gaining a true understanding of the InfoSec issues, the existence of some minimum standard (CISSP or other) is necessary to establish a starting point. We have all seen and understand the difference between a certified newbie Novell/Microsoft/other 'gurus', and the individuals that are so busy doing the WORK, they have little time/interest in a cert. Generally, the cert seems to be most important to those interested in Resume building... these days, an increasingly significant motivator. Heck, I wonder what % of BlackHats (some of which are as skilled in these elements as any whitehat) need a CISSP behind their handle ? My sense is that most hiring entities would opt for a PROVEN cockpit expert anyday. JVBrown -----Original Message----- From: firewall-wizards-admin () nfr com [mailto:firewall-wizards-admin () nfr com]On Behalf Of Jody C. Patilla Sent: Tuesday, November 27, 2001 2:54 PM To: t Cc: firewall-wizards () nfr com Subject: Re: [fw-wiz] CISSP At 09:04 PM 11/26/01 -0500, t wrote:
I guess I would ask the question of all: Can a person with zero experience in the field pass the CISSP test? All the time, 5, 10, 50 percent of the time?
I know more than one person who has never configured a firewall or a router, never written a line of code, never rebuilt a filesystem, who has a CISSP. You have to remember that all the certifications in this industry also have a for-profit aspect. In some cases, one might suggest that profit is the primary or even sole motive. People who pass tests who have no experience usually have to go to training classes, which cost money. They buy study guides, which cost money. They go to conferences and get certification "credits" for attending certain tutorials, which cost money. If I were running an organization which made money from certifications, I'd probably be promoting the value of certification very loudly. - jcp _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: CISSP robert_david_graham (Nov 26)
- Re: CISSP t (Nov 27)