Firewall Wizards mailing list archives

RE: CISSP

From: "Gibson, Brian" <gibsonb () gruntal com>
Date: Mon, 26 Nov 2001 19:07:54 -0500

I would like to respond to two points made by you.  One is a nit pick and
the other is a general observation.

-----Original Message-----
From: robert_david_graham [mailto:robert_david_graham () yahoo com]
Sent: Monday, November 26, 2001 4:00 PM
To: 'robert_david_graham'; ark () eltex ru; 'David Hawley'
Cc: firewall-wizards () nfr com
Subject: RE: [fw-wiz] CISSP

<snip>
 (Every layer of the OSI
Model is end-to-end, for appropriate ends and appropriate services).</snip>

I would say that Layers 1 and 2 do not include end to end connectivity.
They are not carried from Host to Host necessarily so I would say that they
are NOT end to end.

I think that you can generally categorize Security professionals into 3
basic groups.  Hackers, Design Engineers(for lack of a better term), and
Policy Wonks.

You would certainly appear to fall under the Hacker category from what you
have posted.  For you a CISSP would not be generally valuable.  Design
Engineers could gather some value from a CISSP because the CISSP, as a
program and not a certification, would allow them to understand policy
issues and procedures that they often overlook.  Policy Wonks are the guys
who would most benefit from CISSPs.  

Although I have not taken the CISSP cert I have looked over the questions
and it really isn't very techinical, relatively speaking.  Certainly nothing
compared to a CCIE. I think virtually any Hacker or Design Engineer could
answer those questions fairly easily.  However it is pretty deep in policy
and procedure stuff which for most hands on guys is at best tangental to
their jobs.  

If you don't plan on being a Security Officer or Consultant I don't really
see there being a lot of value to it.  

Of course I could be wrong.

***********************************************************************
Gruntal & Co., L.L.C.'s e-mail system is for business purposes only.
Messages are not confidential. All e-mail may be reviewed by
authorized supervisors, compliance or internal audit personnel.
E-mail will be archived for at least three years and may be produced
to regulatory agencies or others with a legal right to access such
information. Gruntal will not accept trade order instructions via
e-mail. Please telephone your Account Executive to place trade orders.

Gruntal & Co., L.L.C.
***********************************************************************

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

RE: CISSP robert_david_graham (Nov 26)
- Re: CISSP t (Nov 27)
  - Re: CISSP Jody C. Patilla (Nov 28)
    - Re: CISSP R. DuFresne (Nov 28)
    - RE: CISSP Jeff Brown (Nov 28)
- <Possible follow-ups>
- RE: CISSP Gibson, Brian (Nov 27)
- RE: CISSP Baumann, Sean C. (Nov 27)
  - RE: CISSP R. DuFresne (Nov 28)
    - RE: CISSP Peter Lukas (Nov 28)
- Re: CISSP Bill_Royds (Nov 28)
- RE: CISSP Baumann, Sean C. (Nov 28)
- RE: CISSP Paris Stone (Nov 29)
- RE: CISSP R. DuFresne (Nov 29)
- RE: CISSP kstephe6 (Nov 29)
- RE: CISSP Ames, Neil (Nov 30)