Search
-
Re: An oped on the issues of CISSP
Yet you sounded like the CISSP didn't live up to your expectations and the "really basic stuff" you asked your interviewees to do was supposed to be known by the CISSP interviewees. Also the whole description of your hiring process sounded ad hoc as, apparently, the first approach wasn't fruitful at all. Not really. You… -
Re: An oped on the issues of CISSP
There are NO proper brain **** for the CISSP in particular though. I just look at certifications as a standard, that a particular person at least "some what" has a certain level of understanding. Plus you must have certain certs for certain jobs such as for the DOD 8570.01. It does not matter how much you actually know,… -
Re: An oped on the issues of CISSP
-
Re: An oped on the issues of CISSP
Without knowing what the job description was it's not really easy to say that the questions weren't fair or not. But, with that said, just saying if someone has 5 or more years with 2 of the domains so they should know powershell, sql injection, etc, isn't really accurate either. Their focus in the domains might be account… -
Re: An oped on the issues of CISSP
The article is a mixed bag. The problem with the CISSP is that a lot of people feel it makes you a security guru in all aspects, which is totally untrue. They compare it to the OSCP, which is like apples and oranges even though they both are in the realm of security. There are enough specialties in security that looping it… -
Re: An oped on the issues of CISSP
This is in incredible statement and very revealing. I suppose if I believed security people don't actually do anything I wouldn't have any issues with perception of CISSP. In the world I live in, security requires DOers. They were very good questions - thanks for sharing. I wish more employers would do this kind of… -
Re: An oped on the issues of CISSP
So for the first part of that article I kinda wanted to slap the author and some of the people he was quoting. The whole point of the CISSP is that you have to have five years of experience *in* infosec in order to get the cert. You also have to have someone vouch for your experience. If it's discovered that you lied, you… -
Re: An oped on the issues of CISSP
Besides SIEM question you are doing it wrong. CISSP is a knowledge-based exam, it doesn't check skills. And it makes sense because essentially there are no experts in IT and everybody is a novice because everything is changing quickly and therefore you don't have time to become an expert. And before someone objects, an… -
Re: An oped on the issues of CISSP
Agreed. We recently put out for a security engineer, we said they needed 3 yrs with a SIEM, good networking knowledge, 5 yrs security experience, etc. Got tons of resumes with lots of CISSPs on them. So we did a phone screening first, asking basic knowledge questions (what tool would you use to verify data being sent is… -
Re: An oped on the issues of CISSP
Perfect case study. This, in a nutshell, is the issue with CISSP. It's HR/Management/Leadership perception that is the problem (not the cert itself). It's one thing to hold someone back in a professional services/consulting/contract role where you're selling credentials to customers. But doing that internally when you can…
26 results