Hot Diggety! Matt Lawrence was rumored to have written: > > I do know that I have had to clean up far too many disasters caused by > cowboy sysadmins who thought they were a lot smarter than they really > were. Mainly ones who didn't believe that they needed to do any > planning and just made it up as they went along.
Yeah. But that's generally not something certification by itself can cure, as this is more of a personality trait that requires learned discipline. I've seen this with people of 'both camps'. Re: the CISSP, seems like a must-have for folks working in enterprise security these days. I know of entire teams with it up to (and including) the director level, one step below VP. I've seen security-related job openings that had CISSP certification as a prerequisite or the application would be fed to a very hungry shredder. Literally on a lark with a moment's notice, I once took a practice CISSP exam years ago just to see what it was like at a time when people I knew were mildly stressing over their upcoming CISSP exam. Now, mind you, this wasn't 'the real thing' and likely not scored the same, but I failed with a 63% score; 70% was passing. I am fairly confident that with actual study and immersion, I could most definitely pass it -- hopefully with a respectable score. :-) I'd been immersed in various security aspects for years so already had some sort of practical foundation for base knowledge. Still, I was stoked to get a 63% on the first try and without any preparation. Not an approach I would recommend to anyone seriously taking it, though. :-) (On the real exam, I've heard rumors it's graded on a curve so if true, you'd essentially be competiting against not straight scoring of 'book learning' per se but of the knowledge/experience/skills of those who also sits for the exam.) What little I recall of the practice exam was that it was respectable; very comprehensive, and even in its multiple-choice format, still took a while to slog through it. Required some real knowledge (practical and theoretical), understanding, experience, and insight, I thought. Touched upon a good number of security-related subject matter areas and often in depth. Worth it? I'd defer to those who actually possess this certification, but seems respectable and like a fair shake if your goal is to be involved in enterprise security in some form. -Dan _______________________________________________ Discuss mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
