Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RES: CISSP Test

From: Michael Simpson <mikie.simpson () gmail com>
Date: Tue, 5 Apr 2005 21:34:15 +0100
reminds me of the time when my father had all his letters placed after
his name on a letter from the royal college of psychiatrists. He is a
very bright man and had just been made one of the very few general
practitioners (family practitioners) to be made a fellow of the above
college, mainly due to being published in peer reviewed journals every
year since 1971 and running a psychosexual clinic for many years.
Anywho, the nice postman had added the letters C.R.A.P. after the long
list. He laughed, saying that some of the letters had been gleaned
during a time when "they were giving them away if you collected enough
crisp (chip) packets"

my point and his is that it doesn't really matter what goes after your
name as it doesn't mean that much. I myself have MB Ch.B - bachelor of
medicine and surgery and CCNA but neither of these qualifies me to do
anything, my recent experience is much more relevant so you will find
neither of them (or any others that i might accrue because i like the
feeling i get taking exams) in my sig. I would rather that people type
my name into google and find something interesting there

-don't bother, you won't  


On Mar 29, 2005 10:49 PM, J. Oquendo <root () nullrouted us> wrote:


On Tue, 29 Mar 2005, R Mondesir wrote:


The C.P.A exam for accountants is a better comparison to the CISSP
than the Bar exam is for lawyers if we are going to compare industry
benchmarks.  Eitherway, an internationally accepted stantard seems
inevitable.


Funny thing is, outside of the USA, I barely see people abroad toss in
fifty different little signatures when they send out mail.

Joe Blow
SCSA, CISSP, CCIE, CCDA, MCSE, FOOL, PWND, OVRKL
55 Main Street
London Bridge

With the exception of the Cisco certs, I can't recall seeing someone "tag"
their CISSP status coming from somewhere outside of the United States. Not
to say it is not important, but sigs (and this is all they mean to me...
signatures) are becoming overrated and bloated. Its like "Yea well I just
obtained my Symantec Uber Certified Klassification! Now I can add a SUCK
to my sig!" Give me a break.

I should for kicks dig through some of the mailing lists I'm on and point
fingers at CCDA's, MCSE's, CISSP's, and other little signature devils who
ask questions a 16 year old can answer. There are those who take tests,
and there are those who don't.

I'm sure many on this list know someone who is supposed to know but is
actually a clueless gimp.


I wholeheartedly agree that there needs to be an industry benchmark,
something that says you cannot operate in this field unless you have passed
x. I'm thinking along the lines of something similar to the Bar exam that


Industry benchmark? Sure there should be some overall knowledge of just
about everything but how do you define the unknown which is what most
computer security is at its core. Well I guess I'm looking at it from a
Greyhat perspective. How do you expect someone to learn vulnerabilities
that pop up. It takes a little more than reading and memorizing some book.
Bottom line in my opinion.


lawyers have to take, or perhaps a license like what doctors are required to
obtain before being able to practice. I fear its going to take something of
that level to truly separate the chaff from the wheat. Anything less and you
only end up with braindumps and bootcampers throwing resume after resume at
you.


It will not separate any chaff from the wheat. How many people just dive
into books and pass exams? With the CISSP, one is supposed to have an
alloted amount of time in the field. Sure lets debunk this moronic notion
of them validating this... Joe Blow worked for Foo Financial for 10 years.
9 of those years where in the mailroom. His brother in law works in the
compsec department and convinced his boss to `give him a chance`. Joe Blow
with one year experience studies for that one year. Applies to take the
test with (get this) 10 years (oh my he has some experience (do he not!)
under his wing. Joe Blow gets his sig and becomes a sig nazi. Whoopdeedoo.
So much for standards.

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
GPG Key ID 0x0D99C05C
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0D99C05C

sil @ infiltrated . net http://www.infiltrated.net

"How a man plays the game shows something of his
character - how he loses shows all" - Mr. Luckey

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: