mailing list archives
Re: [ok] Certifications
From: Valdis.Kletnieks () vt edu
Date: Mon, 22 Nov 2004 16:59:41 -0500
On Mon, 22 Nov 2004 11:51:43 CST, Anders Langworthy said:
The CISSP, otoh, supposedly requires 4 years of professional full-time
security work (3 years with a college degree, or 2 years with a BS &
Masters in Info Security). Going to a boot camp wouldn't take care of
this requirement. Shouldn't those with 4 years of professional
experience doing security be able to pass the exam without the need for
a boot camp anyway (or is that just foolish optimism)? Are the exp.
requirements so open to interpretation or embellishment? What gives?
It's quite possible to be (for instance) a firewall admin for 4 years, and
know *every* in and out of all the common exploits you see, but not have a
really good grasp on some of the *other* security fields (for instance, how
to define a site security policy). On the flip side, you can spend a decade
getting good at doing security policies, and not know squat about how to
monitor the network....