?

Log in

entries friends calendar profile Previous Previous Next Next
*gulp* - Karen's Musings
Random Rambling
estherchaya
estherchaya
*gulp*
Got my registration confirmation today for the CISSP course & exam.

What the hell was I thinking? I was working on the Cryptography section last night (too late to deal with that, I realize now). My father said (as if this would make me feel better):

Well, if it makes you feel any better, the hardest section for me was the Cryptography section, and I was a cryptologist for 20 years!
(somewhat paraphrased)

Yeah, um, THAT'S supposed to make me feel better??????????

Tags:
Current Mood: gloomy gloomy

6 comments or Leave a comment
Comments
cahwyguy From: cahwyguy Date: July 13th, 2005 05:18 pm (UTC) (Link)
I know one of the CISSP proctors out in the 'springs. If you need his email, let me know... he might know of good training material for you. [Although personally, I see no need for CISSP: but I'm one of those folks that has been doing this for 20 years on the technical side.]
estherchaya From: estherchaya Date: July 13th, 2005 05:34 pm (UTC) (Link)
I wholeheartedly agree with your assessment that there is no need for a CISSP. It will not make me any better at what I do (and I'm pretty good at what I do, if I do say so myself), nor will it provide me with sufficient skills or knowledge to work in domains outside of my own. It will not even prove my knowledge base as I've heard nothing but negative things about how poorly written the exam is, how it doesn't cover domains with equal weight, how it scratches the surface while expecting in-depth knowledge. Also, the air of secrecy around the entire thing pisses me off. I think they still make you sign something swearing that you won't ever breath a detail of the exam to another soul. That, I think, is ridiculous.

My father took the exam with 32 years experience SOLELY because he was offered a sizeable bonus at work if he became a CISSP. The cost of the exam was pennies for the reward he stood to reap. So he gave himself 11 weeks to study (1 week per domain and 1 week of review). He took the exam, called me, told me that he doubted if he passed and that he didn't give a hoot because it was all a load of hooey anyway. Several weeks later, he called me with nothing but disbelief in his voice when he'd received an email that he had passed the exam.

There was a time, and I'm not sure if it's still true, that many government agencies were requiring that contractors have a certain number of CISSPs on any IT Security contract in order to qualify.

For me it's less about money and more about having letters to put next to my name. My company is really big on having so-called "experts" on board. Since I have a bachelor's degree in the humanities, a year of law school, and only half a dozen years experience, it's a good thing for me to have the CISSP so people take me a little more seriously. Not that I expect anyone to take me seriously. Then again, I don't exactly anticipate passing this exam either. Like I said, I do good work in my field, but I can't say that I am going to conquer all ten domains by the end of August.

I think I've got decent training material. I've got my dad's books and a book that I had gotten myself. Plus I have all my dad's study notes... no one takes better notes than my dad! :) plus, I'm taking a 5 day seminar right before the exam, so hopefully that'll keep it all fresh in my mind...
either_or From: either_or Date: July 13th, 2005 06:09 pm (UTC) (Link)
are you studying to become a spy?
estherchaya From: estherchaya Date: July 13th, 2005 07:33 pm (UTC) (Link)
Heh heh. I wish.

No. CISSP stands for Certified Information Systems Security Professional. The exam is a 250 question multiple-choice exam, covering 10 domains of Information Security: Access Control & Methodology; Applications & Systems Development; Business Continuity Planning; Cryptography; Law, Investigations & Ethics; Operations Security; Physical Security; Security Architecture & Models; Security Management Practices; Telecommunications, Network, & Internet Security.

It's a stupid exam which proves nothing, but it looks all pretty on a resume. Bleh.
either_or From: either_or Date: July 13th, 2005 07:49 pm (UTC) (Link)
"It's a stupid exam which proves nothing, but it looks all pretty on a resume. Bleh."

just like my master's degree!
basilwhite From: basilwhite Date: July 14th, 2005 02:58 am (UTC) (Link)
I'm a cyber geek at the VA.

Look what I made! It's the guess the dictator/sitcom character for va.gov!

The first rule about CISSP is, you don't talk about CISSP.
6 comments or Leave a comment