lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: [ok] Certifications 

On Mon, 22 Nov 2004 11:51:43 CST, Anders Langworthy said:

> The CISSP, otoh, supposedly requires 4 years of professional full-time 
> security work (3 years with a college degree, or 2 years with a BS & 
> Masters in Info Security).  Going to a boot camp wouldn't take care of 
> this requirement.  Shouldn't those with 4 years of professional 
> experience doing security be able to pass the exam without the need for 
> a boot camp anyway (or is that just foolish optimism)?  Are the exp. 
> requirements so open to interpretation or embellishment?  What gives?

It's quite possible to be (for instance) a firewall admin for 4 years, and
know *every* in and out of all the common exploits you see, but not have a
really good grasp on some of the *other* security fields (for instance, how
to define a site security policy).  On the flip side, you can spend a decade
getting good at doing security policies, and not know squat about how to
monitor the network....

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20041122/5822c590/attachment.bin

Powered by blists - more mailing lists