Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 29

Thread: CISSP: the new MCSE??

  1. #11
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    The GIAC GSE god cert kicks butt, but its expensive..as you said, you need to get at least 5 other cert's first. Kinda like going after a CCIE. But personally, I think the gsec certs are much better then the CISSP. What people don't seem to understand (especially human resources people, but they don't understand much) is that CISSP is more based on theory, while the GSEC certs are very specialized. If someone has a GCIH, you know that they have training and experience in Incident Responce. It doesn't mean you hire them to set up a firewall. If someone has a CISSP, then you know that they have trainging in the theorys of security, but have no idea what they can actually do.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  2. #12
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    Well, there was recently a decent sized thread on the sec focus lists about this and it was basically laid down that the cissp is security from a management 1000 mile wide/1 inch deep perspective. The GIAC certs are actual hands on technical certifications for the most part. There is alot of bitching about everyone requiring cissp even though what they actually need is someone with the hands on technical knowledge.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  3. #13
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    There is alot of bitching about everyone requiring cissp even though what they actually need is someone with the hands on technical knowledge.
    That would suggest to me that HR/Management doesn't understand what a CISSP is..
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #14
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    HR/Management doesn't understand what a computer is most of the time
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  5. #15
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    Haha, indeed. From what I can gather from various sources there is indeed alot of misunderstanding as to what having the cissp credentials actually means and alot of hype involved in getting them. I hear the commercials for local training institutions that are no longer plugging higher paying jobs from just being a tech monkey, now it is all about becoming a cissp certified security professional and so on to get the fat pay.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  6. #16
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,883
    Companies are finally understanding the necessity of security. They just don't know where to look to find sometone that knows anything about secuirty, so they grab the closest CISSP because they at least have a general idea and you can hire 1 person to do 12 jobs (so they think) as apposed to getting people with gsec that are specialized in one or two things. The gsec person probably has most of the same knowledge as a CISSP but because they are specialized, they are overlooked by HR.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

  7. #17
    Ninja Code Monkey
    Join Date
    Nov 2001
    Location
    Washington State
    Posts
    1,027
    Well...nowadays the GSEC includes the cissp cbk so they should have at least a good portion of the same knowledge.
    "When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
    "There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
    "Mischief my ass, you are an unethical moron." - chsh
    Blog of X

  8. #18
    Member
    Join Date
    Aug 2003
    Posts
    98
    Originally posted here by souleman
    HR/Management doesn't understand what a computer is most of the time

    Thats a fact!
    to most HR dept's, certs are "trendy" usally the company with the best marketing stategy that targets HR dept's with there "look for applicants with our xxx certificate, they are REAL IT proffessionals" propaganda, is the one the HR people will *think* is the prestigous one.

    In one of my old jobs, I had a HR rep that will call me for advice about what certifications to look for on a resume, I generally told him not to look so much at certification, but look more at applicable experience (ironic I had to tell this to HR person,ah?)
    I hate this place, nothing works here, I\'ve been here for 7 years, the medication does\'nt work...

  9. #19
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,323
    In one of my old jobs, I had a HR rep that will call me for advice about what certifications to look for on a resume, I generally told him not to look so much at certification, but look more at applicable experience (ironic I had to tell this to HR person,ah?)
    Not really IMHO. They are involved in HR. They go with what they know and understand. When we say experience that can mean many things in computers (networks, security, programming, specific areas like Lotus Notes, Web Devel, etc.). If they look for certs, they can weed through things faster (I don't doubt that HR gets tonnes of resumes to sift through, many of them in less-than-stellar state). I think I would want to specialize in IDS stuff for the GSEC as I happen to enjoy the challenge of IDS, Honeypots and packet sniffing (and looking at all them logs!!)



    That all said, to me it sounds worthwhile to get both: CISSP for the managerial point of view and GSEC for the technical point of view.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  10. #20
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Part of the mission of my organization is to place people in jobs...... You have no idea how many times I get the resumes of people that have DOS, MCSE, MVS or some other acronym on their resume with the question from the placement "specialist".... "What does this mean and can they fulfil the parameters of this job description......."

    On rare occasions I get to hire someone for my department..... HR is not even allowed to screen the resumes.... I do it..... It means that I spend a week reading 200+ resumes - but I end up getting what I want.... And I have seen _so_ many _paper_ "tigers". I am utterly unimpressed by the paperwork anyone brings to the table..... Depending upon the position they are looking for with me there are a series of questions they get asked that elevate their requirement for knowledge in the position I am hiring for.... The higher you go... the better chance of employment with me...... And I give you this $h1T from a position that has not a single piece of paper to back up it's level of skill......

    Paperwork is all very well...... It is a good determination for those that don't know what they want/need to decide upon an employee...... But when an employer has a person that _knows_ what is needed and can't be BS'ed then it is still the survival of the fittest for those that apply...... It's easy to go into an exam situation..... The question is can you manage the exam at the _same_ time Martha in Accounting can't send her attachment to her Accounts Receivable that is imperative to get done _today_ and Montgomery in Sales can't hear the music CD he placed in the CD-ROM.....

    That's the real test........

    Arguments against my position on this freely accepted......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •