Firewall Wizards mailing list archives
RE: CISSP
From: Paris Stone <Paris () esr com>
Date: Wed, 28 Nov 2001 14:50:21 -0500
Just go to dice.com or monster.com and see how many descriptions require a person with 'cockpit' experience vs. a bunch of LETTERS at the end of their signature file. It should add an interesting twist to this thread. A mentor of mine once told me this: "Degree, Certification, Experience. Most employers are looking for someone with at least two of the three." How you choose to get your two is up to you, but the IT industry has created this little paradox on it's own. My 2 Cents: IT'S ALL ABOUT MONEY! Not just the certification process/companies. My certifications do not pay my mortgage but they do help me to negotiate more money, and that does pay the mortgage. -----Original Message----- From: Jeff Brown To: Jody C. Patilla; t Cc: firewall-wizards () nfr com Sent: 11/28/01 12:59 PM Subject: RE: [fw-wiz] CISSP It's likely that this thread will run open-loop on fw-wiz, as this is more akin to an enigma. These questions and responses bring to mind similar long running debates on real-world vs. theoretical experience. While few would argue that 'cockpit' expertise is important in gaining a true understanding of the InfoSec issues, the existence of some minimum standard (CISSP or other) is necessary to establish a starting point. We have all seen and understand the difference between a certified newbie Novell/Microsoft/other 'gurus', and the individuals that are so busy doing the WORK, they have little time/interest in a cert. Generally, the cert seems to be most important to those interested in Resume building... these days, an increasingly significant motivator. Heck, I wonder what % of BlackHats (some of which are as skilled in these elements as any whitehat) need a CISSP behind their handle ? My sense is that most hiring entities would opt for a PROVEN cockpit expert anyday. JVBrown -----Original Message----- From: firewall-wizards-admin () nfr com [mailto:firewall-wizards-admin () nfr com]On Behalf Of Jody C. Patilla Sent: Tuesday, November 27, 2001 2:54 PM To: t Cc: firewall-wizards () nfr com Subject: Re: [fw-wiz] CISSP At 09:04 PM 11/26/01 -0500, t wrote:
I guess I would ask the question of all: Can a person with zero
experience in
the field pass the CISSP test? All the time, 5, 10, 50 percent of the
time? I know more than one person who has never configured a firewall or a router, never written a line of code, never rebuilt a filesystem, who has a CISSP. You have to remember that all the certifications in this industry also have a for-profit aspect. In some cases, one might suggest that profit is the primary or even sole motive. People who pass tests who have no experience usually have to go to training classes, which cost money. They buy study guides, which cost money. They go to conferences and get certification "credits" for attending certain tutorials, which cost money. If I were running an organization which made money from certifications, I'd probably be promoting the value of certification very loudly. - jcp _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards