Full Disclosure mailing list archives
Re: Hacking Boot camps!: certifications
From: Marco Ermini <markoer () markoer org>
Date: Fri, 25 Nov 2005 13:15:42 +0100
The instructor in my CISSP CBK review camp - very useful and informative, FOR MY MILEAGE; it was from The Training Camp in UK - said that they introduced the limit of having some years of experience in obtaining the CISSP, after a 12 y.o. passed the exam - he was the son of a software programmer somewhat knowledgeable about security... And I have to add: guys from USA, which are addicted into one-out-of-four multiple choice exams because, for instance, they also did that at school, driver license exams, etc. have a great advantage over European-style educated persons like me, which for instance rarely did University exams on paper: in the 90% of the University exams, we are questioned "live" by the professor and we have to demonstrate real knowledgeably of the argument through arguing and speaking - we can't simply guess the multiple choices... this has actually a drawback on this kind of tests: we may know a topic, extensively talk about it, have real working experience on it, but being not very good in doing multiple choice exams - while someone who has more practice on this kind of exam could overcome our results even if he/she knows HALF about the topic than me - I feel this unfair (anyway, I passed the exam ;-)). Back on the employers and DICE search... I don't think you can simply compare different certifications in this way... they are very different, and so employer requirements... and who knows, maybe the 116 GIAC positions are way better than the 677 CISSP positions... just look at how many employers look at a simple and stupid CCNA certification... you are not going to become rich because there are 10,000 open positions for CCNA certificated - they are simple "SHOW LOG" guys :-) - or MCSE or MCSD Visual Basic developer..., etc. Cheers On 11/24/05, InfoSecBOFH <infosecbofh () gmail com> wrote:
But my dear friends... one can lie and still get his CISSP. I know of at least 3 different people who are NEW to infosec but faked some experience for their CISSP. Hell, I lied on my application and got my CISSP yet I still ./ my way around the interweb.
[...] -- Marco Ermini Dubium sapientiae initium. (Descartes) root@human # mount -t life -o ro /dev/dna /genetic/research (This message is for the designated recipient only and may contain privileged or confidential information. If you have received it in error, please notify the sender immediately and delete the original.) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Hacking Boot camps!: certifications senator . crabgrass (Nov 23)
- Re: Hacking Boot camps!: certifications InfoSecBOFH (Nov 24)
- Re: Hacking Boot camps!: certifications Marco Ermini (Nov 25)
- Re: Hacking Boot camps!: certifications InfoSecBOFH (Nov 24)