Does any one have the idea about CISSP..
and also please send me some links to study if you have..
It's a management oriented, vendor neutral, Information Security certification. It's not really technical, and there isn't much that has to do with computer forensics in it, if that's what you're interested in.
I'm studying for it now and http//
Oh yeah, and you have to have 5 years experience in two or more domains the exam covers, plus do some other stuff to get the certification. You can become an "Associate of (ISC)2 though, which means you've done everything but you don't yet meet the experience requirement.
Well stated Audio, and right on the money.
malinda, the main reason you see CISSP's in forensics is we're the group of folks who "grew up" on the IT/Security side of the industry rather than the LE side. While the CISSP has some use in establishing credentials, especially in the Incident Response and worm/virus aspects, a forensic specific certification probably has more value.
You also, I believe, still need a current CISSP to "endorse" you …
The cccure.org site is really good, and if you can answer the questions there, you will find the actual thing a breeze. Content debates aside, the exam is the longest that I have ever sat, and simply in endurance terms is quite a challenge …
If I recall correctly, it was 300 multiple guess questions over something like 6 hours …
wow thx for the info my friends,
still i haven't decide yet whether i gonna do it or not ??
need to think about it
Azrael Have you taken the CISSP Test?
I agree that
I passed my CISSP test in November 2006. Went to a 1 Week Boot Camp (Mon. To Sat.) On the last day (Sat) we took a practice test. Took Actual 6 Hour Test on Sunday. It was still very tough. I know people (Very Experienced IT Professionals) who have failed the test more then once and have used the
Just Passing On Information From Someone Who Has Been Through The Wholes Process and With Good Luck Passed.
Azrael Have you taken the CISSP Test?
Yeah, I sat it back in 2004 -) (and passed … I thought that I better add that -P )
I did a weeks intensive training as well, with the exam at the end (as part of a 2 week security training course that also included ISO17799 Lead Auditor Cerification and some PenTest training).
One of our trainers was Clement Dupuis who runs CCCure, who was most entertaining -) I found that the questions he set on his site (and gave us on the course) are/were harder than those that were in the exam, in some cases by a significant amount - I stand by my statement that if you can answer all of the questions that are there, you will find that the actual exam is very "do-able". I also stand by the statement that the physical side of the exam is by far the hardest (and this is up to UK Masters Degree Level) that I have ever done - even with the rest breaks that we were permitted.
I've yet to meet someone in the industry that I know who has taken it and failed, but then I've only met a very small number of people in the UK who have taken it … All of whom were security specialists to start with …
I have found the certification to have been of mixed value in the UK, I don't think that it is as well regarded here as it is in the US. Some people are impressed, but in general I think it is still gaining a place here.
Does any one have the idea about CISSP..
I'm not sure what you're looking for WRT "the idea about CISSP"…the cert is an infosec mgmt level cert, not a technical one.
I first obtained my cert in '99, after passing the exam. Three years later, I let it lapse, b/c by that time, the only purpose of the cert was to get my resume past recruiters and get an interview scheduled (and I wasn't about to lie about my cert, which was something I'd seen on a number of resumes…). Six months after I let it lapse, the vendor contacted me and offered to reinstitute my cert (for a fee, of course) and all I had to do was keep paying my dues. Since then I've maintained the cert by authoring books.
and also please send me some links to study if you have..
I'd start with what's available here
http//
After all, they are the ones who developed the cert.
My "prep" for the exam started with a two-week course put on by a company in Fairfax, VA. The first day, the lead instructor stated, "the purpose of this course is NOT to prepare you for the exam." Snap! The training was poorly planned and managed, and there were a number of issues. For example, at the time, you could go to the ISC2 website and purchase a booklet with sample questions for each domain for $10. Many of us did, and used it as part of the course. Each of the domains presented had sample questions themselves, several of which were verbatim of what was in the purchased study guides…but the answers were different. ;-(
I later spent a couple days going over the book, "Practical Unix and Internet Security" and passed the exam.
I got my CISSP designation in 2002. My prep was 6 weeks of reading everything on
About once a year I proctor the exam for CISSP wannabes. On my most recent stint in October, we had about 20 candidates, one-third of whom were re-taking the exam. On this occasion, no one completed the exam before the three-hour mark. Several used the entire six hours. Everyone was breathing hard and shaking their heads when they turned their work in. Evidently, ISC^2 has made the exam a bit harder. lol
I agree with Harlan. The CISSP certification looks good on a résumé / CV and may even be required by some employers (particularly for infosec jobs in the Washington, DC-area), but it really is of limited value, in general and of no help in forensics. Every year when I am billed for my "annual maintenance fee" of $85, I ask myself why I'm paying for this.
Just my "two coins of little value."
-Austin
really appreciate all u r valued comments.
thanks guys