TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
----------------------------------------------------------------------------
I believe that we are in agreement here. I think that
there is a common misconception that CISSP also ensures technical
competency and that's what I was trying to clarify.
Now, there are other "professional" cerfications that also provide
technical competency assurances (The Professional Engineer (PE) is one
example) so I don't think that the two are mutually exclusive.
cheers,
-Jason
On Wed, 12 Jan 2000, Gary Dentremont/Towers Perrin wrote:
> Date: Wed, 12 Jan 2000 22:38:18 -0500
> From: Gary Dentremont/Towers Perrin <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED], Jim Boxmeyer <[EMAIL PROTECTED]>,
> "Matthew F. Caldwell" <[EMAIL PROTECTED]>,
> Julie Williams <[EMAIL PROTECTED]>
> Subject: Re: Information
>
> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
> [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
> ----------------------------------------------------------------------------
>
>
>
> IMHO:
> Although many people who currently hold the CISSP certification come from
> technical backgrounds, most of the senior people have tracked into a management
> or consulting positions. The primary purpose of the CISSP is to provide a
> method for establishing a baseline to assure that the person bearing the
> designation subcribes to the ethical tenets and minimum levels of experience and
> understanding of all security concepts to become a "practioner". As with a CPA
> or CISA, this is a "professional" certification, it was never intended to be a
> technical certification. This means you could build a practical security
> program for a corporation, including managing a security administration group.
> A security program encompasses much more than technical congiguration, such as
> policy development, compliance monitoring, education & awareness, etc.
> The bottom line: CISSP is for people that want to track into Management.
> Technical certifications will not prepare you to manage people, projects or
> programs.
>
> Regards,
> Gary Dentremont, CISSP
>
>
>
>
>
>
> "Mary_L_Jensen/Boulder/IBM"@ca.ibm.com on 01/10/2000 11:51:57 AM
>
>
> To: "Jim Boxmeyer" <[EMAIL PROTECTED]>
> cc: "Matthew F. Caldwell" <[EMAIL PROTECTED]>, "Julie Williams"
> <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (bcc: Gary Dentremont/Towers
> Perrin)
> From: "Mary_L_Jensen/Boulder/IBM"@ca.ibm.com
> Date: 01/10/2000 11:51 AM
> Subject: Re: Information
>
>
>
> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
> [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems!
> ----------------------------------------------------------------------------
>
>
>
> The problem I have with the CISSP certification is that it is not as
> "technical" as I would like. CISSP proves you know the general theories
> and aspects of security as a whole. Not a bad thing to have but, there
> seems to be a gap in the technical requirements.
>
> What good is there is knowing the general aspects of firewalls if you can't
> configure one?
>
>
>
>
>
> "Jim Boxmeyer" <[EMAIL PROTECTED]> on 01/08/2000 06:49:32 PM
>
> To: "Matthew F. Caldwell" <[EMAIL PROTECTED]>, "Julie Williams"
> <[EMAIL PROTECTED]>
> cc: [EMAIL PROTECTED] (bcc: Steve Manzuik/CanWest/IBM)
> Subject: Re: Information
>
>
>
>
> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to
> [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> problems!
> ----------------------------------------------------------------------------
>
>
> Hi,
>
> Another site which is bringing a security training program online is the
> SANS organization.
> Their SNAP program is looking very good, although it is still new there has
> been approval given
> by many security professionals. You can get further information at their
> web
> site http://www.sans.org
>
>
> Jim Boxmeyer
> Senior Engineer
> ONCTek LLC
> http://www.onctek.com
> 908-595-2159
>
> -----Original Message-----
> From: Matthew F. Caldwell <[EMAIL PROTECTED]>
> To: Julie Williams <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
> Date: Saturday, January 08, 2000 8:27 AM
> Subject: Re: Information
>
>
> >TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
> to
> >[EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> problems!
> >---------------------------------------------------------------------------
>
> -
> >
> >
> >Hi Julie,
> >
> > The only test I have found that provides some security knowledge
> >testing is the CISSP exam for information security professionals.
> >
> >The web site with test information is located at the following:
> >http://www.isc2.org. ISC^2 is a independent consortium that does the
> >testing. This is a ~258 question test that deals with everything from VMS
> >security to encryption.
> >
> >
> >Matthew F. Caldwell, CISSP - Senior Consultant
> >-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> > Guarded.Net - An Information Security Company
> > connect(); to the future of secure computing!
> > Email: [EMAIL PROTECTED]
> >-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> > http://www.guarded.net
> >
> >On Tue, 4 Jan 2000, Julie Williams wrote:
> >
> >> TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message
> to
> >> [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any
> problems!
> >>
> -------------------------------------------------------------------------
> ---
> >>
> >> I apologize if this email is being sent out of the realm of this
> listserv,
> >> but I am sorta lost as to where it would be appropriately sent..
> >> I am trying to find out how commercial business test their experts.
> >> 1. Are they tested?
> >> 2. How are they tested?
> >> 3. As a supervisor in Information Assurance/Security/Vulnerabilities,
> how
> >> do you OBJECTIVELY test the people that are supposed to know what they
> are
> >> doing.
> >>
> >> Why test, I need to know where I am at, Is their a standard level of
> >> knowledge for this stuff???
> >> Any Help would be greatly benefical
> >>
> >>
> >>
> >
> >
> >
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
AT&T Wireless Services
IT Security
UNIX Security Operations Specialist
