Laura,

I was under the impression that ISC2 does confirm or deny an individuals
certification. After reading your email, I checked the ISC2 website and
found this information:

Written Requests for Confirmation of Certification
Employers, prospective employers or other parties who wish to confirm
whether an individual is currently certified by (ISC)2 must submit a request
in writing to (ISC)2 at the following:

(ISC)2 Services
P.O. Box 1117
Dunedin, FL 34697 USA

For more information, please contact (ISC)2 Services by phone at
727.738.8657 or 727.738.9548, or toll-free in North America at
1.888.333.4458, or by email at service@isc2.org.

Hope this helps.

Rgds,

Gulrez Jamadar,
CISSP, CCSE, CCNA, MCSE+I, CNE
NSE- Lucent Worldwide Services

"Knowledge can lead to freedom.."

-----Original Message-----
From: Laura Taylor [mailto:ltaylor@relevanttechnologies.com]
Sent: Sunday, November 11, 2001 10:38 AM
To: awakeningtech@yahoo.com; cisspstudy@securityfocus.com
Subject: RE: CISSP or GSEC ?

Another point of reference on ISC2. I recently called up ISC2
because I was thinking of hiring someone whole told me they
were a CISSP. I had reason to believe that this person might
be falsifying credentials, but I was not sure. I figured I would
ask ISC2 if this person really was a CISSP. They would not confirm
or deny this person's certification in any way. The person was
not listed on the ISC2 web site with other CISSPs. ISC2 said that
they do not list all CISSPs, that each CISSP has to ask to be
listed.

I asked ISC2 how I could know if this person really was a true
CISSP. They said the only way was to ask them for a copy of
their "certificate." They also said that there were a variety
of different types of certficates for CISSP, and that they
certificate format changes from time to time. I asked how I could
possibly know if it was an "authenticate" certificate, and they
admitted there was no way I could know.

Basically, anyone can put a CISSP after their name, and it is not
possible for anyone else to really know if they are a CISSP or not
unless they chose to be listed on the ISC2 website. This person
said they had chosen not to be listed.

So I would say that if you are a CISSP, and you are not listed on
the ISC2 website, I would get listed. Otherwise, there is no reason
for any person to believe you are a CISSP since ISC2 will not confirm
anything.

Laura

--------------------------------------------------
Laura Taylor
Chief Technology Officer
Relevant Technologies, Inc.
Voice: 978-374-8928
Fax: 603-382-1818
www.relevanttechnologies.com
www.relevant.net

-----Original Message-----
From: Todd [mailto:awakeningtech@yahoo.com]
Sent: Saturday, November 10, 2001 10:15 PM
To: cisspstudy@securityfocus.com
Subject: RE: CISSP or GSEC ?

I know that I am going for GIAC then others because
when I went to take the CISSP test I saw the "TRUE"
light that ISC2 was all about. ISC2 is just about the
money involved, I was in a overbooked room where the
test had to start 20 mins late to find extra chairs
placing six people per small table instead of the
normal four. To make matters worse I was supposed to
have a reader that did not show up, I was told there
was nothing that could be done at that point. Even
worse I had to straddle the legs of two tables placed
together so they could make more room for more people
in one small room. The room was so over packed with
people the A/C unit had to take two hours before it
started to get cool in the room. When I called ISC2 to
complain, considering I failed the test by one
question, I was told they could not and would not do
anything for the situation that I was that they put me
in.

Just my situations although it did show my what ISC2
does really care about.

Todd Irby

--- Brad Bemis <bbemis@lucent.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> If you are looking for a good order to knock out
> some of the best
> certifications in the market by using each as a
> building block toward
> the next, I'd recommend something along the
> following lines.
>
> GSEC
> SSCP
> CISSP
> ABCP/CBCP
> CAPM/PMP
> CISA
>
> My philosophy is that most people in the security
> business start out
> working at the technical level and evolve into
> multiple areas
> including management, project management, business
> management, and
> more as they increase their knowledge and continue
> progressing up the
> InfoSec ladder. Most of us don't even start off in
> security, it just
> kinda finds us ;-)
>
> Brad Bemis, CISSP
>
>
> - -----Original Message-----
> From: brvarin@regence.com
> [mailto:brvarin@regence.com]
> Sent: Friday, November 09, 2001 10:03 AM
> To: cisspstudy@securityfocus.com
> Subject: Re: CISSP or GSEC ?
>
>
>
> It depends on where your skill level is. The GSEC
> certification is
> more of
> a cert that says you have a basic knowledge of
> security issues. The
> CISSP
> is an advanced certfication that says you have an
> "advanced"
> knowledge of
> security issues. A GSEC would be a good
> certification if you are just
> starting out in the security field whereas a CISSP
> would be something
> you
> get after a few years.
>
> There are other certifications from SANS GIAC and
> they are focused on
> more
> technical areas such as firewalls, intrusion
> detection, OS security,
> etc.
> These would be better certifications to get if you
> are a technical
> type.
>
> Just my $.02
>
> Brian
>
>
>
>
> From: "eko yulianto" <eko.yulianto@lippobank.co.id>
> on 11/06/2001
> 07:15 PM
>
>
> To: <cisspstudy@securityfocus.com>
> cc:
> bcc:
>
>
> Subject: CISSP or GSEC ?
>
>
> Dear All,
> Does anyone know which the better choice CISSP
> Certification or GSEC
> Certification, thank's for your comments.
>
> Eko Yulianto
> IT Security
> Menara Asia 3rd Floor
> Diponegoro 101, Lippo Karawaci
> Tangerang, Indonesia
> Phone: +62.21.5460666 ext.5335
> Fax: +62.21.5460660
> Post Office: 15810
> E-mail:eko.yulianto@lippobank.co.id
>
>
>
>
>
>
>
>
======================================================================
> =====
> IMPORTANT NOTICE: This communication, including any
> attachment,
> contains
> information that may be confidential or privileged,
> and is intended
> solely
> for the entity or individual to whom it is
> addressed. If you are not
> the
> intended recipient, you should delete this message
> and are hereby
> notified
> that any disclosure, copying, or distribution of
> this message is
> strictly
> prohibited. Nothing in this email, including any
> attachment, is
> intended
> to be a legally binding signature.
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Personal Security 7.0.3
>
>
iQA/AwUBO+y+Gn+BgtvRZusjEQKRsACg/oPkbSHAoBMWP6iIgXrBRsHH+SIAoK4n
> ntPxMx6J/Zvl24h6Oh/VT0tq
> =g3SW
> -----END PGP SIGNATURE-----

__________________________________________________
Do You Yahoo!?
Find a job, post your resume.
http://careers.yahoo.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]