lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 22 Mar 2005 14:18:20 -0500
From: "Forbes, Robert R" <Robert_Forbes@...rey.com>
To: "Andre Ludwig" <andre.ludwig@...il.com>,
	<robert@...dsecurity.com>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: RE: Re: CISSP Test


Well Put Andre :-) 

-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Andre
Ludwig
Sent: Tuesday, March 22, 2005 1:37 PM
To: robert@...dsecurity.com
Cc: full-disclosure@...ts.grok.org.uk; bugtraq@...urityfocus.com
Subject: Re: [Full-disclosure] Re: CISSP Test

So much haterade it could drown a NFL football team.

The CISSP is good for a few reasons.  

It exposes all of us packet heads to weird things that we may or may
not normally do in our day to day grind.   While a mm deep and a mile
wide is apt at describing it from a knowledge point of view, it is
that very notion that makes the CISSP worth something.   For me it
comes back to the whole "why do i need a degree? i am smartar then
those edumacted foolz upstairs any hoo!".  For me the value add was
that i got to learn a bit about stuff that was "out of the box" that i
have worked myself into via specialization.  Meaning it exposed me to
all sorts of fun stuff like management issues of IA policies, legal
aspects of Infosec, and all that warm gooey goodness.

Does it make me a more well rounded individual?  You bet, ever since i
added those fine words to my name I have been pimping bitches to no
end.  I mean the womenz just melt when you tell them you are a
Certified Informant ion Systems Security Professional. It just has
that ring to it.

Is it the ultimate in geek mental masturbatory bling? NOPE (i think
the SANS GSE is at this point)

Does it make those ever so sezzy HR chicks melt?  Yup
Oh and it makes your boss all tingly with pride when he goes on
sales/business lunches.


So to recap, CISSP is good for its prestige and ability to show the
hardest core of geeks that there is more then reverse engineering
binaries when it comes to Infosec.   If you all ready know all the
domains inside and out to a point where studying INDEPTH the Knowledge
base, then what in the hell are you doing on this list?  You should be
out r00ting Iranian nuke plants while living in that bunker that the
DIA keeps you in.

Cheers

Dre


On Tue, 22 Mar 2005 10:18:40 -0800, robert@...dsecurity.com
<robert@...dsecurity.com> wrote:
> Vladamir(wireless.insecurity@...il.com)@Tue, Mar 22, 2005 at
10:36:25AM -0500:
> > I have heard conflicting views of the CISSP exam, is it worth it?
> 
> Depends on what you want out of it.  Go to www.hotjobs.com or dice.com
and type in CISSP.   You'll see lot's of good jobs that list CISSP as
either a requirement or a desired background.
> 
> That said, I heard a joke recently that goes something like this:
> "Getting your CISSP and trying to work in the Information Security
field is a bit like reading the Hardy Boys series and applying for a job
at the FBI... except that's not really fair to the Hardy Boys, as that
series actually does cover some investigation and espionage techniques."
> 
> I'm not sure how we got to the point where the CISSP became so
popular.  The test has very little to do with security.  In fact, you
will get throgh the CISSP test less confused and with a higher test
score the less you actually know about security.  Just get the Boson
test prep and you should pass the first time you try.
> 
> And if you do pass, please, please, don't affix it to the end of your
name. One of the easiest ways to find out if the email is even worth
reading is if the poster has CISSP as part of their name.  If they do,
it's usually safe to hit delete before you get more confused :).
> 
> Robert
> 
> --
> Robert E. Lee
> CEO, Dyad Security, Inc.
> W - http://www.dyadsecurity.com
> E - robert@...dsecurity.com
> M - (949) 394-2033
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Powered by blists - more mailing lists