Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: CISSP-ISSMP
From: "Arley Barros Leal" <arley.leal () sonae com>
Date: Tue, 9 May 2006 17:33:29 +0100

"... So having the cert doesn't make you good, and doesn't prove to anyone
that you have experience or skill.."

Definitely, and may go further and say the same about college, mba and even
about a Master degree.

The truth is, employers will probably not overlook certs, and thus if found
two candidates with similar profiles but one has some fancy words like MCSE,
CEH, CISSP, CSSP, CCIE or whatever on his CV, I bet the jackpot goes to
owner of all those acronyms :-) Thus CERTs are an added value for any IT
professional and for any employer who looks towards ROI on their human
capital.

IMHO, if u have the time, the will and the money...go for it...

Cheers--

 
-----Original Message-----
From: nat () morgothan com [mailto:nat () morgothan com] On Behalf Of Nathaniel
Hirsch
Sent: segunda-feira, 8 de Maio de 2006 21:19
To: Mohamed Abdel Kader
Cc: pen-test () securityfocus com
Subject: Re: CISSP-ISSMP

I recently got my CISSP.  The company that I work for paid for me to go to a
class, and take the test assuming I passed. If I failed then the $500 would
be on my nickle.  Thankfully I did not fail.  The main reason they wanted me
to get my CISSP is now they can charge more for the work they contract me
out to, this and you need it or some other equivalent to do level 3 and 4
DITSCAP testing.  As for an ROI after I passed a got a 15% raise which was
nice, but I was also up for a raise, so I can not tell you how much that was
due to the CISSP, and how much was due to my overall performance at the
company.  Personally I feel that the exam and certification process is a
waste of time, and so does everyone else at the company, but they are
needed, or so they say.  However we have a guy who works here who is a CISSP
and a CEH(certified ethical hacker), and to be truthful, he is quite
possible the most worthless tester I have ever had to work with, and
everyone else in the office knows this.  So having the cert doesn't make you
good, and doesn't prove to anyone that you have experience or skill.  It
just proves that you can pick the correct answer out of a four possible
answer on a 250 question multiple choice exam. As for giving an out of 10
scale for everything you mentioned I guess they would all be 5s because it
all really depends on a lot of other things.  As for what job its good for,
I would have to say more managerial then anything else.  The topics covered
are really only puddle deep, not enough to know whats going on, just enough
to know that it is going on though.


Nathaniel Hirsch, CISSP
Xacta Corporation
656 Shrewsbury Ave.
Shrewsbury, NJ 07702

On 5/8/06, Mohamed Abdel Kader <makster12 () hotmail com> wrote:
Hi all,
I was wondering if anyone out there did the CISSP-ISSMP concentration.
I want to know the value added in the areas listed below, in an out of 
10 scale for example:

    Total ROI
    Career Advancement
    Industry Demand
    Raise Potential

    Suitable for what job/position (not an out of 10 answer of course 
:))

I also want to know the material to study from.

Thanks a million.
MAK

----------------------------------------------------------------------
--------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the 
Analyst's Choice Award from eWeek. As attacks through web applications 
continue to rise, you need to proactively protect your applications 
from hackers. Cenzic has the most comprehensive solutions to meet your 
application security penetration testing and vulnerability management 
needs. You have an option to go with a managed service (Cenzic 
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download 
FREE whitepaper on how a managed service can help you: 
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm 
your results from other product. Contact us at request () cenzic com for
details.
----------------------------------------------------------------------
--------



----------------------------------------------------------------------------
--
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to
rise, you need to proactively protect your applications from hackers. Cenzic
has the most comprehensive solutions to meet your application security
penetration testing and vulnerability management needs. You have an option
to go with a managed service (Cenzic ClickToSecure) or an enterprise
software (Cenzic Hailstorm). Download FREE whitepaper on how a managed
service can help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
----------------------------------------------------------------------------
--

Attachment: smime.p7s
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault