While you are correct that passing a test does not necessarily equivocate to
having a clue, much like the CNE / MCSE / MOUSE / ETC certificates, I
suspect that in the near future, many companies will start looking at the
CISSP as a gate for resume review; ie, you have to have one on your resume
before they bother interviewing you. This sort of resume treatment is very
common. The guy in HR that knoww next to nothing about computers can't read
your resume and tell if you have a clue, but he can say "hmm. college degree
and one of these CISSP things, I'll forward this one to the technical group"
whereas he might go "hm.. worked a lot, but I don't see any degrees /
certifications; must not be very good" and into the circular file it goes.
Didn't say this was right, it's just the way it is (sometimes).
-----Original Message-----
From: D Clyde Williamson [mailto:[EMAIL PROTECTED]]
Sent: Saturday, July 10, 1999 11:00 AM
To: [EMAIL PROTECTED]
Subject: To Certify or Not To Certify
Ah, the age old question. CISSP or not... or some other
certification.... I truly belive that the point is being missed. No
test, CISSP or anything else garuntees knowledge. No employer worth his
salt will hire you based on a CISSP certification or any other cert. If
he does, I would worry.
Security isn't something you just take a test on and become an expert.
It's a mindset, a way of thinking. It's "Planning for Murphey's Law".
You don't get that out of a book. You don't get that from a test. I know
some CISSP individuals that are extremely clued. I know others, who
instead of riding the clue bus... were apparently hit by it. The CISSP
certification touches on great subjects... the study book has some good
stuff inside it. But, don't be fooled in thinking that a certification
would in any way mean your a security expert. It doesn't even
necessarily mean you're on you way to being an expert. It means you can
pass a test.
Learn to balance paranoia with your company's requirements... that's a
start.
D Clyde Williamson APP (A Paid Paranoid)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
