[Full-disclosure] CISSP Test
ad33lh at gmail.com
Tue Mar 22 16:37:45 GMT 2005
To answer your question, yes the CISSP is worth it. However it is
only worth it due to the publics misconception of what is is.
The CISSP certification basically shows that you have a base
understanding of the primary concepts across what are widely regarded
as all the major areas if IT security knowledge (known as the Common
Body of Knowledge or CBK). This is a good thing if you are, or aspire
to be, in a management position.
Unfortunately the common perception of the CISSP by most non-IT
security people (which includes HR staff) is that someone who is a
CISSP is capable and competent in all areas of IT security. Add to
that the belief it is the best (or only) security certification they
are aware of and it becomes "the" security certification in thier
I have seen many job descriptions in my time and in the last few years
it is rare to find one that does not either require or desire the
As for other certifications, the SANS certs are quite good although, I
believe, they are about to get devalued by the removal of the
practical requirement. I would recommend getting the CISSP, maybe the
GSEC (SANS security essentials cert) and then focusing on certs for
products/systems within the area you will be working in. But
remember, the cert is just the starting point and the resume's foot in
the door. You need to study and get as much hands on as you can to
actually learn your chosen trade.
Full-Disclosure is hosted and sponsored by Secunia.