lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: srenna at vdbmusic.com (srenna@...music.com)
Subject: CISSP Test

agreed on the devaluing of the GIACs.  SANS is really 
making a big mistake and angering 7000 Security 
Professionals.

The three "crown jewels" as I see them are CISSP, SANS 
GIAC(with practical) and CISM/CISA.

Get any of those combined with solid experience and you're 
in.  A CISSP is basically becoming like the MCSE these 
days.

Scott Renna CISSP, GCIA, GCIH  <---Practical
Security Team Lead


On Tue, 22 Mar 2005 11:37:45 -0500
  adeel hussain <ad33lh@...il.com> wrote:
> Hello Vladamir,
> 
> To answer your question, yes the CISSP is worth it. 
> However it is
> only worth it due to the publics misconception of what 
>is is.
> 
> The CISSP certification basically shows that you have a 
>base
> understanding of the primary concepts across what are 
>widely regarded
> as all the major areas if IT security knowledge (known 
>as the Common
> Body of Knowledge or CBK).  This is a good thing if you 
>are, or aspire
> to be, in a management position.
> 
> Unfortunately the common perception of the CISSP by most 
>non-IT
> security people (which includes HR staff) is that 
>someone who is a
> CISSP is capable and competent in all areas of IT 
>security.  Add to
> that the belief it is the best (or only) security 
>certification they
> are aware of and it becomes "the" security certification 
>in thier
> eyes.
> 
> I have seen many job descriptions in my time and in the 
>last few years
> it is rare to find one that does not either require or 
>desire the
> CISSP.
> 
> As for other certifications, the SANS certs are quite 
>good although, I
> believe, they are about to get devalued by the removal 
>of the
> practical requirement.  I would recommend getting the 
>CISSP, maybe the
> GSEC (SANS security essentials cert) and then focusing 
>on certs for
> products/systems within the area you will be working in. 
> But
> remember, the cert is just the starting point and the 
>resume's foot in
> the door.  You need to study and get as much hands on as 
>you can to
> actually learn your chosen trade.
> 
> 
> Good Luck,
> 
> Adeel
> _______________________________________________
>Full-Disclosure - We believe in it.
> Charter: 
>http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ