From: Joseph Brunner (joe@affirmedsystems.com)
Date: Thu Nov 20 2008 - 12:18:56 ARST
I don't make this stuff up... I watched 5 people read a testking type answer
key, and guess what? They all used it and passed...
And what boss wouldn't ENDORSE their employee's application?
Cheaper than giving them a raise, huh?
If this cert carries any weight its because most people are not smart enough
to get the ccie security and then the rolls Royce- the GSE.
If I was ONLY a security practitioner looking to make my bones I would just
get the GSE.
Now read the requirements for the GSE (giac), and tell me what a CISSP can
do?
Can a CISSP mitigate a sql injection attack?
Can a CISSP detect attempts to avoid detection of his IDS?
Can a CISSP detect and block users who have connected to a botnet?
(Only if he/she has some real world experience)! I don't think the CISSP
Can vouch for you... the GSE, obviously!
-Joe
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Matthew Long
Sent: Thursday, November 20, 2008 4:10 AM
To: Cisco certification
Subject: RE: OT What do you all think about CISSP certification?
I have been considering the CISSP on an off for some time, I look at it
as an option and as a large percentage of my work is security
consultancy it is useful to have the weight of a CISSP to sit along with
a CCIE. It also has the advantage of being a cert which is not tied to a
vendor take a look at
"http://www.networkworld.com/news/2008/111708-cisco-sec.html" .
As to the ability to cheat, yes the CISSP is a written (I haven't sat it
yet) but from what I have heard there is quite a bit of interpretation
required for the exam questions. It's not like pass4suring your CCNA.
And once you have passed your exam you have to be endorsed:
"Once a candidate has been notified they have successfully passed the
CISSP examination, he or she will be required to have his or her
application endorsed before the credential can be awarded.
The endorser attests that the candidate's assertions regarding
professional experience are true to the best of their knowledge, and
that the candidate is in good standing within the information security
industry."
http://www.isc2.org/endorsement.aspx
Now I not saying the endorsement isn't fool proof, but, how many R&S
jockeys have won their spurs in the real world and how many are sat
tapping away on a dynamips lab?
You pays you money and takes your choice.
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Pavel Bykov
Sent: 18 November 2008 23:01
To: Darby Weaver
Cc: darth router; Duncan Maccubbin; Cisco certification
Subject: Re: OT What do you all think about CISSP certification?
One of the reasons CCIE has held up in high ranks over all those years
is
the thorough practical part, which inherently filters out paper-boys, or
certifications where people can cheat using TK, Pass4Sure, etc.
CISSP does not have that, and as far as I know, has only theoretical
part to
it.
Therefore it could have value HR-wise now, but weight of the cert it is
directly offseted by it's demand and amount of people cheating their way
to
it.
On Tue, Nov 18, 2008 at 10:28 PM, Darby Weaver
<ccie.weaver@gmail.com>wrote:
> All,
>
> I've seen a lot of demand for the CISSP.
>
> It's not that hard from a technical perspective but it is broad and
does
> require a little time to study for it.
>
> It has its place and some people with the CISSP are commanding greater
> salaries than a CCIE.
>
> But recall the CISSP is not assumed to have any specific knowledge of
> either
> a PIX/ASA nor Cisco.
>
> It's a generalist certification very similar to the SANS GSEC.
>
> If you want to work in a Security capacity it's kind of assumed to be
> there.
>
> So not a bad $500.00 or so investment for the exam or maybe
$4500-5000.00
> for a class.
>
> Cheaper than a CCIE for sure.
>
>
>
>
> On Mon, Nov 17, 2008 at 4:28 PM, darth router
<darklordrouter@gmail.com
> >wrote:
>
> > Good conversation. I've seen it as a DoD contract requirement
before. I'd
> > probably look at it as a resume booster, but I do have to admit,
there
> was
> > good material with what I did read over, just boring, and not action
> packed
> > like working on cisco gear!
> >
> >
> >
> > On Mon, Nov 17, 2008 at 6:53 AM, Duncan Maccubbin <
> > duncan.maccubbin@earthlink.net> wrote:
> >
> > > How much did your CCIE teach you about Physical data center
security?
> > > Disaster recovery? Law? While it didn't go into deep detail I
still
> > learned
> > > quit a bit. The CISSP is what it is which is not a vendor specific
> hands
> > on
> > > exam.
> > >
> > > "But to each is own... I worked at a company where like 5 people
got
> the
> > > CISSP. None of them could configure even the basic stuff on a
pix... so
> > what
> > > does that tell you???"
> > >
> > > It tells me you have no clue what the CISSP exam is about.
> > >
> > > -----Original Message-----
> > > >From: Joseph Brunner <joe@affirmedsystems.com>
> > > >Sent: Nov 17, 2008 10:41 AM
> > > >To: "'Diment, Andrew'" <Andrew.Diment@qwest.com>, 'darth router'
<
> > > darklordrouter@gmail.com>, 'Cisco certification' <
> ccielab@groupstudy.com
> > >
> > > >Subject: RE: OT What do you all think about CISSP certification?
> > > >
> > > >Right, I agree "knowledge is never useless"
> > > >
> > > >There is better security knowledge for today's re-aligned world
in the
> > > >CCNA-SEC
> > > >
> > > >I wouldn't even say the CISSP is an inch deep... it's about a
> millimeter
> > > >deep, that's why I think its worthless. The CCIE written's are an
inch
> > > deep.
> > > >
> > > >But to each is own... I worked at a company where like 5 people
got
> the
> > > >CISSP. None of them could configure even the basic stuff on a
pix...
> so
> > > what
> > > >does that tell you???
> > > >
> > > >-Joe
> > > >
> > > >-----Original Message-----
> > > >From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
Behalf
> Of
> > > >Diment, Andrew
> > > >Sent: Monday, November 17, 2008 10:26 AM
> > > >To: Joseph Brunner; darth router; Cisco certification
> > > >Subject: RE: OT What do you all think about CISSP certification?
> > > >
> > > >I don't agree with your assessment that the CISSP is useless.
Does it
> > > >teach you to configure a firewall...no, but neither does a
college
> > > >degree. Would you consider that useless too? Knowledge is never
> > > >useless.
> > > >
> > > >You just need to take it for what it is, a 50,000 foot view of
all
> > > >aspects of security. A mile wide and an inch deep. By itself it
> might
> > > >not mean much, but it does show you went through the material and
> passed
> > > >the test. Anything, and I mean anything, that will move your
resume
> to
> > > >the "interview" pile is very useful.
> > > >
> > > >I very recently applied for a security job within my own company.
I
> got
> > > >a call from HR and the guys exact words were "you have a CCIE and
a
> > > >CISSP, I'm going to immediately forward your resume to the hiring
> > > >manager". I had an interview 24 hours later.
> > > >
> > > >Andy
> > > >
> > > >-----Original Message-----
> > > >From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
Behalf
> Of
> > > >Joseph Brunner
> > > >Sent: Monday, November 17, 2008 8:39 AM
> > > >To: 'darth router'; 'Cisco certification'
> > > >Subject: RE: OT What do you all think about CISSP certification?
> > > >
> > > >OT is right.. search the archives...
> > > >
> > > >My thoughts - useless, now more than ever...
> > > >
> > > >Its bad in IT right now unless you can configure a firewall, not
tell
> us
> > > >we should have one. Unless you can configure a lockdown of a
voice
> over
> > > >ip network, not tell us we should lock down our voice over ip
network.
> > > >Get it?
> > > >
> > > >The CISSP is heavy on theory, but not many places have time for
> theories
> > > >any more... they are running their budgets on empty until at
least
> 2011.
> > > >Its time to roll up your sleeves and hit the datacenter.
> > > >
> > > >-Joe
> > > >
> > > >-----Original Message-----
> > > >From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On
Behalf
> Of
> > > >darth router
> > > >Sent: Sunday, November 16, 2008 8:58 PM
> > > >To: Cisco certification
> > > >Subject: OT What do you all think about CISSP certification?
> > > >
> > > >Anyone have it? Does it bring any real value to your career?
> > > >
> > > >
> > > >Blogs and organic groups at http://www.ccie.net
> > > >
> > >
>
>_______________________________________________________________________
> > > >Subscription information may be found at:
> > > >http://www.groupstudy.com/list/CCIELab.html
> > > >
> > > >
> > > >Blogs and organic groups at http://www.ccie.net
> > > >
> > >
>
>_______________________________________________________________________
> > > >Subscription information may be found at:
> > > >http://www.groupstudy.com/list/CCIELab.html
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >This communication is the property of Qwest and may contain
> confidential
> > > or
> > > >privileged information. Unauthorized use of this communication is
> > strictly
> > > >prohibited and may be unlawful. If you have received this
> communication
> > > >in error, please immediately notify the sender by reply e-mail
and
> > destroy
> > > >all copies of the communication and any attachments.
> > > >
> > > >
> > > >Blogs and organic groups at http://www.ccie.net
> > > >
> > >
>
>_______________________________________________________________________
> > > >Subscription information may be found at:
> > > >http://www.groupstudy.com/list/CCIELab.html
> > > >
> > > >
> > > >Blogs and organic groups at http://www.ccie.net
> > > >
> > >
>
>_______________________________________________________________________
> > > >Subscription information may be found at:
> > > >http://www.groupstudy.com/list/CCIELab.html
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > >
This archive was generated by hypermail 2.1.4 : Mon Dec 01 2008 - 08:18:31 ARST