Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 33

Thread: Anyone here a CISSP?

  1. #11
    Senior Member SephStorm's Avatar
    Join Date
    Aug 2008
    Posts
    166

    Default

    Quote Originally Posted by lupin View Post
    They accept some related experience as long as there is some security component to the job, like system administration for example, but yes, its true that they also have a minimum experience requirement.

    I think that point is actually in the certifications favour (it means that the cert holder has had some hands on experience and hasnt just passed the exam right out of a certification mill), and I do meet the requirement, but regardless Im still not going to get a CISSP.
    I don't like this, while I'll agree that it is a good idea, it doesn't take anything else into account, whether it be a bad economy, or someone whose just getting into a field.

    Now with the CISSP in particular it makes sense, you need experience to logically perform the tasks of a CISSP, but I would not like this to be the case for other certifications. For me, when I pursue a certification, I am learning new things, not just confirming previously held knowledge. When I study for CCENT like I am currently, it is my first time working with Cisco products (excluding the requisite Linksys products). Like Lupin said, he has the knowledge and ability, he doesn't need the certification.

    @theprez

    Do most employers even recognize Associate of ISC? I had to consider that when I was looking at SSCP.
    "You're only smoke and mirrors..."

  2. #12
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by thorin View Post
    I'm actually a OSSTMM trainer now.
    Cool.

    Quote Originally Posted by thorin View Post
    I've also been looking at doing my GWAPT (which replaced GWAS)...I had hoped for this year but in reality it seems like it's gonna wait till next year
    Yeah, me doing the course this year will be heavily dependent on available funding. I'm waiting for it to be available on OnDemand, as this will be slightly cheaper than going to SANS Sydney 2009 (and it being slightly cheaper will make it more likely that I'll get to do it)

    Quote Originally Posted by SephStorm View Post
    I don't like this, while I'll agree that it is a good idea, it doesn't take anything else into account, whether it be a bad economy, or someone whose just getting into a field.
    Yes, its a little unpopular, but as you mentioned its good for the certification (witness how the MCSE was devalued because of all the certification holders who couldn't even perform basic Windows admin tasks).
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #13
    Senior Member SephStorm's Avatar
    Join Date
    Aug 2008
    Posts
    166

    Default

    Quote Originally Posted by lupin View Post
    Yes, its a little unpopular, but as you mentioned its good for the certification (witness how the MCSE was devalued because of all the certification holders who couldn't even perform basic Windows admin tasks).
    i've heard of this but how is that even possible? I mean its like 20 exams (exaggeration). And why would someone try to get a job as an IT Engineer with no experience? Just makes no sense to me.
    "You're only smoke and mirrors..."

  4. #14
    Junior Member IAMZOMBIE's Avatar
    Join Date
    Jan 2010
    Posts
    81

    Default

    Quote Originally Posted by SephStorm View Post
    i've heard of this but how is that even possible? I mean its like 20 exams (exaggeration). And why would someone try to get a job as an IT Engineer with no experience? Just makes no sense to me.
    It was a different era 10 years ago.
    On the radio all you heard were 'get rich quick, become a systems engineer' commercials.
    I have a MCSE in NT4 and 2000 from back then, but I stopped certs all together when my manager at the time who couldn't even tell you what dhcp is got his mcse from a bootcamp. He said they feed him the actual questions for 10 hours and then he would take the test over and over until he passed. With an instructor 'watching' if necessary. I spent 13 months on the NT4 one and 11 months on the 2000 one. I was pissed.

    IMO, we need something like the CPA that accountants have. An exam you take ONCE, and then just maintain with CPE.

    Another thing that got to me is at one time I have 4 high level certs and then I realized, how the hell am I going to re-certify? I would have to recertify 1 exam a year. That with work = stagnation and no life.

  5. #15
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by SephStorm View Post
    i've heard of this but how is that even possible? I mean its like 20 exams (exaggeration). And why would someone try to get a job as an IT Engineer with no experience? Just makes no sense to me.
    There's braindumps out there for Microsoft exams, so if you have access to these and a good memory, you can pass many of the tests without knowing much. Also a lot of the knowledge required for the tests is kind of theoretical and forgotten quickly unless you use it regularly. I have an MSCA + Security, which I completed last year, and I know I have forgotten a healthy chunk of the stuff I learned that I haven't used since, even though I understood it well at the time of the exam.

    And lots of people try to get jobs that they aren't qualified for - its not just a problem in the IT field.

    I only really got this Microsoft certification because it was a requirement for my Masters degree, I didn't get it out of an expectation that it would help me get a better job. The Microsoft certs don't have a good enough reputation to make it worth the effort you have to put in to getting one (your estimate of 20 tests was only a slight exaggeration, I think it takes about 8 or 9 tests to get a Server 2003 MCSE)
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  6. #16
    Senior Member SephStorm's Avatar
    Join Date
    Aug 2008
    Posts
    166

    Default

    I think it's sad, a few bad apples in years gone by make it harder for those of us up and comming to get on a level playing field.
    "You're only smoke and mirrors..."

  7. #17
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Default

    Quote Originally Posted by SephStorm View Post
    I think it's sad, a few bad apples in years gone by make it harder for those of us up and comming to get on a level playing field.
    "Few" hardly covers the numbers of MCSE's out there who were pumped out of the certification mills.

    I've met a few CISSP's in my runs around the security industry, and have thus decided NOT to get mine anytime soon based on the majority of their knowledge (there are some - mostly whom I have never met - who go against the grain, but so far those in Australia have not instilled much faith in me). Not necessarily pertinent to the thread, but I thought I should contribute a bit after the MCSE thing.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  8. #18
    Just burned his ISO
    Join Date
    Sep 2009
    Posts
    1

    Default

    Hi Thorin, Are you in the states.. or Canada?
    Just curious, im a trainer too!

    Quote Originally Posted by thorin View Post
    @ lupin

    I'm actually a OSSTMM trainer now. When I joined the company I'm currently with I did both the full OPST (with the company I'm currently at) and OPSA (with Pete Herzog himself). I was pretty happy with them. ISECOM's certs are very popular in Europe and Mexico but gaining ground in North America. For the OPST we usually do a full week (5d) course with the exam on the 5th day.

    I've also been looking at doing my GWAPT (which replaced GWAS)...I had hoped for this year but in reality it seems like it's gonna wait till next year

  9. #19
    Member godcronos's Avatar
    Join Date
    Jan 2010
    Posts
    103

    Default Re:

    Lupin: " witness how the MCSE was devalued because of all the certification holders who couldn't even perform basic Windows admin tasks"
    - I don't understand how these people passed exams. I am currently studying for an MCSE. I am done with the networking part and am learning the Exchange 2003 server. It's time consuming, since I got a full time job and run a small computer business. Yes, there are a lot of exams, it's pretty crazy. Personally I can't wait to end this cert and go on with something in the security field.
    We all have jobs because of Microsoft, no matter if you administer a Windows environment, or do pentesting.
    I am pretty sure it's not devalued, at least I hope it's not. I still see ads and some pretty good salaries out these for system engineers( 50k-55k with no experience to 65K with experience, certified, now that's not bad at all). Well, that's what they offer in S. Cali .
    I think cheap employers and stupid HR people devalue it.

  10. #20
    Member
    Join Date
    Jan 2010
    Location
    The new forums
    Posts
    462

    Default

    Quote Originally Posted by godcronos View Post
    - I don't understand how these people passed exams. I am currently studying for an MCSE. I am done with the networking part and am learning the Exchange 2003 server. It's time consuming, since I got a full time job and run a small computer business. Yes, there are a lot of exams, it's pretty crazy. Personally I can't wait to end this cert and go on with something in the security field.
    We all have jobs because of Microsoft, no matter if you administer a Windows environment, or do pentesting.
    I am pretty sure it's not devalued, at least I hope it's not. I still see ads and some pretty good salaries out these for system engineers( 50k-55k with no experience to 65K with experience, certified, now that's not bad at all). Well, that's what they offer in S. Cali .
    I think cheap employers and stupid HR people devalue it.
    Passing the exam isn't the hard part, it's actually knowing the material.

Page 2 of 4 FirstFirst 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •