CISSP anyone?

Just wanted to get some advice on it…

-has anyone taken this exam
-do you have any books or any other sources to recommend for CISSP exam?
-wats the value of this certification?

Re: CISSP anyone?

will comment on this later and provide a booklist as well… for now these threads may be helpful:

http://www.paklinks.com/gs/showthread.php?t=119961

http://www.paklinks.com/gs/showthread.php?t=172672

Also, nos is our resident in-training security professional… he’ll be able to advise you more.

Re: CISSP anyone?

Mr. Genius, I have taken the exam and passed it...Jan 2004. It is not what it is cracked up to be...if you have any background in security, you will pass this exam. I went into the exam without reading any books and I believe I aced it (they just tell you pass or Fail). Some of my friends used the book called "CISSP Passport" and they swear by it.

hmmmm. value of the certification, any certification is valid if you have soem experience in the field.

Re: CISSP anyone?

Kaleem,when u say "any" background you mean experience in forsenics or general white-hat stuff? Like firewall setups and things of that nature. I've been thinking of this as well. But keep putting it off as i don't have any coding experience, which I assume may be a requirement. Ofcourse I need to do a lot more research on it.
My previous job's VP had a CISSP and the bit*ch didn't even know that "ping" was neither TCP or UDP, and didn't even know how to edit a .bat file. He was saying that he had to do a week's worth of "camp" before taking the exam.

Re: CISSP anyone?

thanks guys…
umar bhai, i read both the threads – thanks for digging that up for me..

abt the value of certification… uhmm.. i have some experience in the field but not as much as you guys. I graduated with an undergrad in Networks Technology last week and i have done one certification in Network Security i.e. http://ipd.cti.depaul.edu/NSPbrochure.pdf
also working full time as an it analyst for a year. I wanted to know how intense the exam is and whether i can pass it without taking a class for it…

is cissp one of those certification that we have to renew ?

what value did it add to you guys other than adding “chaar chaands” to your resumes

p.s. u guys have achieved a lot mashaAllah

Re: CISSP anyone?

^ I'd reiterate what Kaleem said... the certification exam aint difficult. In fact it's very general in its treatise of security concepts. You Do Not need to attend a course for this. Read the CISSP-BOK and you don't even need to purchase books for it. In fact, the two books I have were so boring that I didn't even read past a couple of chapters and still passed the exam.

Anyone with general ideas about authentication, access control, certificates, SET, PKI and other security architectures will do fine - there's no need to know specifics at the infrastructure level.

Yes the certification does have a continuing education requirement and somewhat of a screening process to determine your eligibility to sit for the exam as well.

Re: CISSP anyone?

To answer your second question Re: value of the certification, it depends what type of a job role are you going to use this towards. CISSP may be the best-in-class credential for the Director/Manager of Computer Services in a large organization cuz it endorses your broad understanding of security and its strategic importance.

On the other hand, if you're a networking professional, then something like Checkpoint Firewall certification or Cisco Security certification is a much better route cuz it endorses focused operational knowledge of technologies (both these btw are very highly regarded in the industry).

Re: CISSP anyone?

Its not a technical cert bro … so can’t entirely blame 'em … but on second thoughts … your VP deserved a _ _ _ _ _ khair …

Re: CISSP anyone?

If you were talking about CISSP about two (or so) years ago then I must say that it does give you an edge when looking for a job … and even now … some employers put CISSP as a requirement for the job [even though they want to hire someone just to keep an eye on the computer room :rolleyes: ].

Its a game bro … all these certs are rubbish. * That said, you’ll have to get some under your belt in order to get past the HR. If you simply want a security cert then I’d suggest you go for CISSP but if you really wanna learn something (through research) then I’d suggest you go for the GIAC certification, they are a real kick arse …

Other certification that you might wanna consider:

MCSE Security [was the #1 Cert on CertCity in 2004]
CISCO Certified Security Professional - CCSP [excellent hands-on stuff]
Certified Information Security Administrator - CISA
Certified Information Security Manager - CISM *
Security+ Certified Professional [Kids play. Alhamdulillah I scored 96% in this one]
Certified Wireless Network Administrator - CWNA
Certified Wireless Network Professional - CWNP

And ofcourse there are Checkpoint certifications but I wouldn’t go for them for some reasons.

I hope all this info sets you out in the right direction. And do bear in mind that some of these certs have pre-requisites … like CISM requires 2-3 years IT experience etc.

:k:**

Re: CISSP anyone?

[quote=“Umar Talib”]
^ I’d reiterate what Kaleem said… the certification exam aint difficult. In fact it’s very general in its treatise of security concepts. You Do Not need to attend a course for this. Read the CISSP-BOK and you don’t even need to purchase books for it. In fact, the two books I have were so boring that I didn’t even read past a couple of chapters and still passed the exam.
QUOTE]

hmmm… ab kuch kuch samajh aarah hai… so u need these certs to get past HR more than to gain skills.. .. interesting

i guess i will look at security job requirements at monster, hotjobs and dice… hopefully the postings will have the requirement certs in them…
waise, CISSP seems a little boring now… i would prefer something hands on

nos, since you’ve been on that road recently… which one do u recommend for a start up cert… Security + ? MCSE Security ? did u take classes or studied on your own?

Re: CISSP anyone?

^ amm … for a startup cert … I’d suggest you go for … CISSP … Security+ is childs play as I said … and most employers don’t even know if such a cert exists. If you are looking for something hands-on then I’d suggest CCSP :k:

… and yes I did self-study for Security+ n’ I’d do the same for CISSP/MSCE Security/CISM

Re: CISSP anyone?

^ what he said, go for a CCSP cert

Re: CISSP anyone?

NOS you are spot on.. GIAC certifications sur are a big kik a$s . I have seen four of GIAC certs material till now.
GIAC Certified Firewall Analyst Certified Professionals (GCFW)
GIAC Certified Windows Security Administrator Certified Professionals (GCWN)
GIAC Certified UNIX Security Administrator Certified Professionals (GCUX)
GIAC Certified ISO-17799 Specialist Certified Professionals (G7799)
They sure seems to be on the right track of real IT security. The information in the books aint something very super natural, but you wont find such compilation of information in one book ( or one cert). I am planning my self to take CISSP/GCWN and MCSE+Secrutiy.

My brother took (GCFW) last week, and according to him this one is way more tougher than his earlier ones (CISSP/CISA).*

Re: CISSP anyone?

alrighty,, i am gonna dig into CCSP, MCSE + Security, and CISSP... GIAC sounds a little advanced for now...

thankyou all.

Re: CISSP anyone?

I feel like that as well. I don’t know where i’m going to end up, but i have a few friends who have all the certs in the world but were still struggling. In the end, I believe, it comes down to personalities.

I’m going to get prepped for a few just in case, just for the heck of it. Did someone say that u don’t need to keep getting refresher certs for CISSP?

Re: CISSP anyone?

Hi all,

need some advice, i want to do CISSP, at present i am in karachi can anyone please suggest which is the best institute.

Thanks & Regards

Re: CISSP anyone?

[QUOTE]
Originally Posted by nos
* ... all these certs are rubbish.*

[/QUOTE]

True. Maybe that is why I never renewed my CCNA nor tried CCNP (even after 10 router lab at home). At the end of the day, it is not what cert you got, it is what you can accomplish at your job and experience in the past.

Re: CISSP anyone?

if u're doing it now forget the CISSP passport book.. it's outdated.. buy the most recent one.. the official book is probably the best bet.. but it's expensive.. $60+ and huge.. (over 1000 pages!)