Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: [ok] Certifications
From: Valdis.Kletnieks () vt edu
Date: Mon, 22 Nov 2004 16:59:41 -0500

On Mon, 22 Nov 2004 11:51:43 CST, Anders Langworthy said:

The CISSP, otoh, supposedly requires 4 years of professional full-time 
security work (3 years with a college degree, or 2 years with a BS & 
Masters in Info Security).  Going to a boot camp wouldn't take care of 
this requirement.  Shouldn't those with 4 years of professional 
experience doing security be able to pass the exam without the need for 
a boot camp anyway (or is that just foolish optimism)?  Are the exp. 
requirements so open to interpretation or embellishment?  What gives?

It's quite possible to be (for instance) a firewall admin for 4 years, and
know *every* in and out of all the common exploits you see, but not have a
really good grasp on some of the *other* security fields (for instance, how
to define a site security policy).  On the flip side, you can spend a decade
getting good at doing security policies, and not know squat about how to
monitor the network....

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]