Certification Information

[rapier57]

Originally posted here by Ghost_25inf
nWhy do I need to know the OSI Model?

OSI model provides us all a common reference from which to work. Very important when discussing things like firewalls or traffic filters. What level is this particular traffic being filtered on? Physical or Application? Makes a big difference in what happens.

[Ghost_25inf]

Originally posted here by Juridian

It is unethical because you are trying to achieve certification in some area without acquiring the basic skills to get you there. Any git with 2 and a half braincells can memorize 'b, c, c, a, b'.

Well thats not how I studied the questions, I more or less read the question and the answer and when it showed up on the test I remembered what was writen. Not A,B, or C.

I wasnt getting mad mate, sorry if I came off that way.

I havent heard of any claims brought against them and to tell you the truth I dont even know how they obtain the questions. All I know is they had the exact questions.

Just one more thing, I dont want you all to think I cheated, but my professor gave me the exact question and told me to study before I took the test. So I didnt purchase this exam and I looked it over 2 hours before I went in to take the exam. I pretty much new all the answers anyways. that test was too easy in my mind.

I know what the OSI model is all about trust me but to think that you will need to referance it then I say na no way. It was good to go over it but no need to ask it on the test. I rather hire a kid who can tell me what each IRQ is for even thought thats almost obsolete, over some kid who can tell me the OSI model. at least you can see the IRQ table and work with it. I beleive OSI was more for the programmer to know than the Networking tech.

Oh well I was just using it as a reference and nothing more.

[zencoder]

Originally posted here by Ghost_25inf
no this is a legit site and what is so unethical about studying. Yes they are the exact questions. But let me ask you a question, Why do I need to know the OSI Model? Useless crap that sits in my head, that only sounds good when you are talking with a bunch of geeks. But yet they wanna ask you this on the test.

Hey guys. Legit site or not, what is happening is whomever has taken the certification test has agreed to the Non-Disclosure Agreement (or whatever else they want to call it), and thus risks their own status. If you are found to have violated the terms of the testing/certification process by utilizing such a system, then your own certification could also be at risk.

What is unethical is that you are expected to study and learn/remember the information by reviewing appropriate related documentation and materials, and by getting 'crib sheets' you are failing to demonstrate your understanding of the subject matter. That is a big long phrase that means 'you lied'.

What are the odd's of being caught?

Probably not too great.

What is the value of knowing
Please Do Not Throw Sausage Pizza Away^U the 7 Layer OSI model? Anymore or less than knowing the 4 layers of the TCP/IP model?

*shrug* Knowledge is power. Just because something does not seem directly significant or meaningful to you isn't proof that it is worthless. Not harping on you, just saying...

I can appreciate your position...while studying and trying to learn, it can be frustrating. I am still amazed that CompTIA had the gall to ask me to identify certain hardware coupling types for an exam that was very specifically oriented towards a flavor of operating systems, and had NOTHING directly to do with hardware or platforms at ALL. But hey, it's their test and they DID mention it (briefly and in passing) in the study materials.

[HTRegz]

Hey Hey,

Interesting thread to say the least... I'm very surprised to see anyone who frequents AO see that the OSI model is useless...

Anyways... since know one has mentioned this yet... Spyder: You do realize that you are required to have 4 years of Full-Time Professional Information Security experience right? 3 years with a College Diploma... at that point in a persons experience life... There's no point in obtaining the A+.... it's a useless piece of paper.... it's only good if you have no experience and even then the testing is so basic that it makes good TP...

Perhaps you should sit down and assess why you decided upon those two certifications... It's an odd combination to pair together... Then you should assess that you can meet the requires for CISSP... You have to have an endorsement that you have completed the necessary requirements to qualify for the certification... SSCP might be a better choice... only 7 of the 10 domains are covered (The management type ones.. law, ethics, etc are not covered) and you are only required to have 1 year of full time professional information security experience...

Just something you may want to consider... going for the two at the same time definately doesn't add up... it almost sounds like you just suddenly decided to get the two most commonly mentioned certifications.. with no rhyme or reason.

Peace,
HT

[Spyder32]

Spyder: You do realize that you are required to have 4 years of Full-Time Professional Information Security experience right? 3 years with a College Diploma... at that point in a persons experience life... There's no point in obtaining the A+.... it's a useless piece of paper.... it's only good if you have no experience and even then the testing is so basic that it makes good TP...

Thank you HT, but yes.. I already know that. I have a "mentor" of sorts that has helped me with things since like day 1 who has told me virtually all I need to know in what I'm doing. I already have the prerequisites (sp?) as I am told.

Perhaps you should sit down and assess why you decided upon those two certifications...

Hah, I did that about a good few months ago mate. Easily.. A+ because it's the first step and like you said it's rather easy.. but I need it under my belt (or atleast I'd love to have it..). As for CISSP, I've wanted that since I was much younger and it has been my goal for quite some time. However, life and work has interfered with my personal and professional endeavors for quite some time, but now I can get back to it. And I will..

going for the two at the same time definately doesn't add up... it almost sounds like you just suddenly decided to get the two most commonly mentioned certifications.. with no rhyme or reason.

Nope.. and as a matter of fact, they are the two most commonly mentioned -- in our field (Information Security). Thus, why I am targeting them (moreso the CISSP). The A+ is the simple and starter "hump" I must get over to start the endeavors I wish to venture on.

[HTRegz]

Originally posted here by Spyder32
Thank you HT, but yes.. I already know that. I have a "mentor" of sorts that has helped me with things since like day 1 who has told me virtually all I need to know in what I'm doing. I already have the prerequisites (sp?) as I am told.

I would have to question this mentor... from what you talk about with your position on here and on AIM... It sure doesn't sound to me like you'd even be close for the requirements for professional experience...

Hah, I did that about a good few months ago mate. Easily.. A+ because it's the first step and like you said it's rather easy.. but I need it under my belt (or atleast I'd love to have it..). As for CISSP, I've wanted that since I was much younger and it has been my goal for quite some time. However, life and work has interfered with my personal and professional endeavors for quite some time, but now I can get back to it. And I will..

Can't say except what I've already said... the A+ isn't a first step for anything but other CompTia stuff and their stuff is fairly useless... If it's from a resume stand point... the experience you require in order to qualify for the CISSP will be much more impressive than the A+ would be.

Nope.. and as a matter of fact, they are the two most commonly mentioned -- in our field (Information Security). Thus, why I am targeting them (moreso the CISSP). The A+ is the simple and starter "hump" I must get over to start the endeavors I wish to venture on. [/B]

I'd be curious to know what else you want to do that requires you have the A+... I'd also like to know where the A+ comes in as the most commonly mentioned cert in Information Security... CISSP, SSCP, GIAC and CCSP maybe... A+ is the kind of cert required if you wish to go into Tech Support for a chain store (Radio Shack (or The Source), Best Buy, Futureshop) and for people fresh out of school with no experience...

Peace,
HT

[Spyder32]

I would have to question this mentor... from what you talk about with your position on here and on AIM... It sure doesn't sound to me like you'd even be close for the requirements for professional experience...

Hrmm.. thanks? I won't say anything to that other than you don't know me very well, so don't say anything and that when we talk on AIM it is only about AO stuff (predominantly).

the A+ isn't a first step for anything but other CompTia stuff and their stuff is fairly useless...

Merely opinion, okay...

the experience you require in order to qualify for the CISSP will be much more impressive than the A+ would be.

Obviously..

If it's from a resume stand point...

Which it is, but blah.. you let it be my resume, thanks..

I'd be curious to know what else you want to do that requires you have the A+...

Nothing.. it's not "required" for almost anything.. it's something I look to have and overcome, merely thats all? I wish to have it as something to add to my belt, to "show" so to speak.. nothing for any future certification really (especially any CompTIA cert).

I'd also like to know where the A+ comes in as the most commonly mentioned cert in Information Security... CISSP, SSCP, GIAC and CCSP maybe... A+ is the kind of cert required if you wish to go into Tech Support for a chain store (Radio Shack (or The Source), Best Buy, Futureshop) and for people fresh out of school with no experience...

You're right there, I shouldn't have said that it is the most commonly mentioned cert in Information Security. Again though, it's nothing required per say of me. As for the above comment of "with no rhyme or reason", you don't know my "rhymes or reasons". I haven't mentioned them.. thank you.

[bballad]

aalways use to give my students the a+ for dummies book (was a cert mill trainer in a past life). the tear outinsdie the front cover basicly hasevery thing you need to know. I have found unfortuniatly the comptia stuff wont get you very far so I would not look to network+, Inet+, securtiy+, server+, PM+. unless you want to combine a+ network+ with some MS stuff to get a MCSA don't bother with the rest of comptia (a+ won't get you much more then entry level...if that). CISSP is not bad I would also look into the itil fundimentals as itil is starting to make a splash on this side of the pond.

Oh and after workign in the industry for ten years, OSI is useless unless you are looking to be a router guy(in which case look at the cisco tests) or a programmer (certs are meningless go get a degree). 10 years of systems and network engenieering and I have never had to bother with OSI layers in the real world.

EDIT: now that I think about it a bit of clarification. a basic knwladge of OSI usefull, knowing if somthing works on the network/application/physical layer usefull...knowing the speccifications or textbook definitions...not very usefull.

also spyder the CISSP is aimd more at manager level, less feild knowladge and more genreal/legal ect...you may want to look at the SANS stuff or the scnp cert.

[Trench_Rot]

bballad, I think you're partially right in that you don't use the OSI verbatim, but I find that the concepts are priceless. It's the framwork of the OSI model and the ideas surrounding that I use everyday.

Spyder32... Steer clear of the the A+ if you are looking to nail some security certs. I'd say few security guys ask themselves (on any given day) "hmm, what was the front-side bus on the 486 chip in 199x?" If you're looking for a starter test to get you feet wet try the Net+ or the Security+. However, I would recommend going right for a CCNA. It is a good platform for networking and is not as vendor specific as you'd think.

As for the CISSP... it's a monster, but definitely doable. The best place to start is isc2.org. They have TONS of info and links to study guides. And like someone else already said, be careful where you get you study info... If you get caught cheating you can have the CISSP cert revolked for life. People shouldn't cheat anyway.

Trench CISSP, CCSP, etc...

[ric-o]

Spyder:

A+ wont help you a bit toward an infosec job - I'm a hiring manager and could care less about A+.....unless I'm hiring for tech support (helpdesk, desktop,etc).

Going from A+ to CISSP is like climbing the steps in a 2-story house to climbing a mountain...huge mountain. You'll have much studying to do between those two.

Like others have mentioned, CISSP is geared to sec managers. They have other certs that are more for the specialist/technical folk.

Keep in mind that ISC2 DOES audit CISSP professionals to ensure requirements are met.....better make sure your _ducks_ are in a row before even registering for the $500 test.

Good luck.....study your arse off for the CISSP!!!