Full Disclosure mailing list archives

RE: IT security professionals in demand in 2006

From: "Christopher Carpenter" <ccarpenter () dswa net>
Date: Tue, 6 Dec 2005 13:09:04 -0700


-----Original Message-----
From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of 
wilder_jeff Wilder
Sent: Tuesday, December 06, 2005 12:41 PM
To: buford.t.pisser () verizon net; full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] IT security professionals in demand in 2006

I didnt know that they gave out scores?... have they started doing that?



-Jeff Wilder
CISSP,CCE,C/EH



-----BEGIN GEEK CODE BLOCK-----
  Version: 3.1
        GIT/CM/CS/O d- s:+ a C+++ UH++ P L++ E- w-- N+++ o-- K- w O- M--
        V-- PS+ PE- Y++ PGP++ t+ 5- X-- R* tv b++ DI++ D++
        G e* h--- r- y+++*
------END GEEK CODE BLOCK------

From: "Buford T. Pisser" <buford.t.pisser () verizon net>
To: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] IT security professionals in demand in 2006
Date: Tue, 06 Dec 2005 13:44:41 -0500
MIME-Version: 1.0
Received: from lists.grok.org.uk ([195.184.125.51]) by 
bay0-mc7-f3.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 6 
Dec 2005 11:02:15 -0800
Received: from lists.grok.org.uk (localhost [127.0.0.1])by 
lists.grok.org.uk (Postfix) with ESMTP id BFFB8A13;Tue,  6 Dec 2005 
19:00:50 +0000 (GMT)
Received: from vms044pub.verizon.net (vms044pub.verizon.net 
[206.46.252.44])by lists.grok.org.uk (Postfix) with ESMTP id A9D0CBA0for 
<full-disclosure () lists grok org uk>;Tue,  6 Dec 2005 18:44:54 +0000 (GMT)
Received: from [192.168.254.1] ([64.111.148.124])by vms044.mailsrvcs.net 
(Sun Java System Messaging Server 6.2-4.02(built Sep9 2005)) with ESMTPA id 
<0IR3005S5AQJKDW4 () vms044 mailsrvcs net> 
forfull-disclosure () lists grok org uk; Tue, 06 Dec 2005 12:44:43 -0600 (CST)
X-Message-Info: JGTYoYF78jE+aOizAzTLL45gEFpM1aEsx0aWQEqmiWM=
X-Original-To: full-disclosure () lists grok org uk
Delivered-To: full-disclosure () lists grok org uk
X-Accept-Language: en-us, en
References: 
<6450e99d0512041801p4adf24bclb8deaeefd203fa9a () mail gmail 
com><00bc01c5f945$fc232af0$0100a8c0@nuclearwinter><1f1991610512050808r2a32795fw2e17d932e8cbf9c () mail gmail 
com><017f01c5f9c7$f0820c70$0100a8c0@nuclearwinter><1f1991610512051145h1c38f612k95068a437c93319b () mail gmail 
com><01e601c5fa02$3a96ff20$0100a8c0@nuclearwinter><4395CFC1.90607 () lcssecuritygroup com>
User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)
X-Mailman-Approved-At: Tue, 06 Dec 2005 19:00:37 +0000
X-BeenThere: full-disclosure () lists grok org uk
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: An unmoderated mailing list for the discussion of security 
issues<full-disclosure.lists.grok.org.uk>
List-Unsubscribe: 
<https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, 
<mailto:full-disclosure-request () lists grok org uk?subject=unsubscribe>
List-Archive: <http://lists.grok.org.uk/pipermail/full-disclosure>
List-Post: <mailto:full-disclosure () lists grok org uk>
List-Help: <mailto:full-disclosure-request () lists grok org uk?subject=help>
List-Subscribe: 
<https://lists.grok.org.uk/mailman/listinfo/full-disclosure>, 
<mailto:full-disclosure-request () lists grok org uk?subject=subscribe>
Errors-To: full-disclosure-bounces () lists grok org uk
Return-Path: full-disclosure-bounces () lists grok org uk
X-OriginalArrivalTime: 06 Dec 2005 19:02:15.0871 (UTC) 
FILETIME=[92BBBCF0:01C5FA97]

I was already in the door and had been doing the work for years. Then the 
"Company" decided that I needed the Cert to make myself saleable to 
perspective customers. I went to Borders and picked up a copy of "CISSP For 
Dummies". Cracked the book 2 nights before the test to take the practice 
exams. Scored a 92 on the exam and put the book away. We were given 6 hours 
to complete the exam. They handed the exams out at 9:15. We started the 
test about 20 minutes later. At 11:45 I was sitting in the resort 
restaurant with my two sons eating breakfast. I would not howerevr put down 
the significance or value of the CISSP certification. With it I doubled my 
salary within less than 4 months of having obtained it. My ex employer  
paid for the  cert,  but refused to budge on the raise promises that were 
made to get me to go for the cert. But then a gain, I did say ex-employer.

Marvin R. Myers CISSP

Scott Renna wrote:

The certs get you in the door

Being crappy at your job and showcasing your shortcomings will show you 
out the door.

sk wrote:


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Ditto. As of April 2004, they weren't publishing scores. According to
https://www.isc2.org/cgi-bin/content.cgi?page=814#retest:

"As a matter of (ISC)² policy and good testing practice, (ISC)² does not report numeric scores to passing candidates.
Passing candidates are not issued numeric scores in order to (a) be in compliance with testing industry guidelines, and
(b) to protect candidates from those who could misinterpret the meaning of the numeric scores (employers, for example).

The (ISC)² examinations are referred to as "high stakes examinations" and are constructed using a criteria-referenced
test design. A criteria-referenced test is not intended to compare candidates' performance against that of other
candidates but rather to compare a candidate's performance against an absolute set of criteria. For example, an
employer may erroneously assume a candidate with a score of 850 is more competent than a candidate with a score of 750.
Actually, tests of this design (strictly constructed certification or licensing examinations) are not able to make such
a distinction. It can only accurately be stated that both candidates possess the minimum competencies necessary to hold
the credential.

Unlike the case of passing candidates, it is important for failing candidates to be provided with an overall numeric
score, in addition to the diagnostic relative strength and weakness information, so the candidate can assess the level
of effort and areas needing more or less attention to prepare for a retake of the examination."

Sorry for the large paste.

Chris
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: IT security professionals in demand in 2006, (continued)
- - - Re: IT security professionals in demand in 2006 J.A. Terranson (Dec 05)
    - Re: IT security professionals in demand in 2006 Scott Renna (Dec 06)
    - Re: IT security professionals in demand in 2006 Buford T. Pisser (Dec 06)
    - Re: IT security professionals in demand in 2006 wilder_jeff Wilder (Dec 06)
  - Re: IT security professionals in demand in 2006 Gautam R. Singh (Dec 05)
    - Re: IT security professionals in demand in 2006 6ackpace (Dec 06)
  - Re: IT security professionals in demand in 2006 InfoSecBOFH (Dec 06)
    - Re: IT security professionals in demand in 2006 wilder_jeff Wilder (Dec 06)
- RE: IT security professionals in demand in 2006 J. Patterson Wicks (Dec 06)
  - RE: IT security professionals in demand in 2006 Paul Schmehl (Dec 06)
- RE: IT security professionals in demand in 2006 Christopher Carpenter (Dec 06)
  - Re: IT security professionals in demand in 2006 Vincent Archer (Dec 07)