Keep in mind that the CISSP is not a technical certification, it's a
professional certification. If your looking for a technical cert, look
towards the SSCP or GIAC...

-Scott

-----Original Message-----
From: Chip Carpenter [mailto:security@powermmv.com]
Sent: Monday, July 02, 2001 10:01 AM
To: afletch@farm-credit.com; cisspstudy@securityfocus.com
Subject: Re: 3-year rule

Also, tech moves at such a speed that a 3 year old certification if unused,
is worthless. If you have used it, then your resume should speak for
itself.
-chip

At 08:05 AM 6/29/01 -0700, afletch@farm-credit.com wrote:
>Re: The 3 year requirement: I think it's a good idea. The IT world has
>become so certification conscious that many people are simply collecting
>certifications like a stamp collector collects stamps. I don't know if
>it's the intent of the 3-year rule to mitigate this tendency or not, but if
>it were adhered to (and it's not) it would go a long way towards ensuring
>that the candidate was serious about Information Security. Just my $0.02
>worth, and worth every cent of it!! ;-)
>
> On 6/29/2001 Tom Watson wrote:
>
> [SNIP]
>
> >On a separate issue what are people's views about the 3+ year rule for
the
> >CISSP? I don't have that experience but I am more than confident in my
> >knowledge of the CBK and my ability to pass the CISSP. Surely an employer
> >looking at my CV/resume is capable of identifying the extent of my IS
>based
> >experience, and as such, why impose this restriction on those wishing to
> >attain certification of their IS knowledge?

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]