[Cisspstudy] cisspstudy Digest, Vol 10, Issue 34
Scott Sistare
sistarers at gmail.com
Fri Apr 24 17:36:45 EDT 2009
If you plan on working for the US Government both are useful. Google DODI
8570 to see what I mean. Depending on your privilege level on a network
there are different CERTs required. Hope this helps.
Regards,
Scott
-----Original Message-----
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
On Behalf Of cisspstudy-request at cccure.org
Sent: Friday, April 24, 2009 2:20 PM
To: cisspstudy at cccure.org
Subject: cisspstudy Digest, Vol 10, Issue 34
Send cisspstudy mailing list submissions to
cisspstudy at cccure.org
To subscribe or unsubscribe via the World Wide Web, visit
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
or, via email, send a message with subject or body 'help' to
cisspstudy-request at cccure.org
You can reach the person managing the list at
cisspstudy-owner at cccure.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of cisspstudy digest..."
Today's Topics:
1. Re: CSSLP Certification - Opening of Exam And
ClassRegistration (aditya malhotra)
2. Re: CSSLP Certification - Opening of Exam And
ClassRegistration (Clement Dupuis)
----------------------------------------------------------------------
Message: 1
Date: Fri, 24 Apr 2009 13:25:39 -0400
From: aditya malhotra <adityamalhotra85 at gmail.com>
Subject: Re: [Cisspstudy] CSSLP Certification - Opening of Exam And
ClassRegistration
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Message-ID:
<a20334a80904241025q721c5aa4o250c0d0052277897 at mail.gmail.com>
Content-Type: text/plain; charset="windows-1252"
Hi All,
Just a quick question. Do you feel today Security + is even asked by any
company? I guess its just CISSP which is widely required by corporations.
On Fri, Apr 24, 2009 at 7:13 AM, Lonzell Scaife <lscaife1 at verizon.net>wrote:
> Thanks guys for the feedback.
>
> -----Original Message-----
> From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org]
> On Behalf Of Chris Papas
> Sent: Thursday, April 23, 2009 3:54 PM
> To: The CISSP Study Mailing list
> Subject: Re: [Cisspstudy] CSSLP Certification - Opening of Exam And
> ClassRegistration
>
>
> I took both and felt like I wasted my money on the Sec+ as it was so much
> easier than the CISSP that I would call it CISSP very light. If you are
> ready for the CISSP then go for it. If you need a stepping stone to get
to
> the CISSP then take the Sec+ to get your feet wet.
>
>
> ---------- Original Message ----------------------------------
> From: Clement Dupuis <clement.dupuis at cccure.com>
> Reply-To: The CISSP Study Mailing list <cisspstudy at cccure.org>
> Date: Thu, 23 Apr 2009 11:50:48 -0400
>
> >The Security Plus exam is a subset of the CISSP, it is not as large but
> has
> >a bit more of a technical flavor.
> >
> >If you are ready for the CISSP, you should be ready for the Sec+ as well.
> >
> >Take care
> >
> >Clement
> >
> >
> >Cl?ment Dupuis, CD
> >CISSP, GCFW, GCIA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS,
> MBHS,
> > ACE
>
>
>---------------------------------------------------------------------------
> -------------------
> >In real life:
> >Senior Security Specialist and Instructor
> >Security University
> >>> Call me to get the best CISSP training <<
>
>
>---------------------------------------------------------------------------
> -------------------
> >In Cyberspace:
> >President/Security Evangelist/Chief Learning Officer (CLO)
> >The CCCure Family of Portals
>
>
>---------------------------------------------------------------------------
> -------------------
> >Business: 407 479 3903
> >Fax: 407 264 8396
> >
> >Maintainer of :
> >The CISSP and SSCP Open Study Guides Web Site
> >http://www.cccure.org
> >
> >The Professional Security Testers Warehouse
> >http://www.professionalsecuritytesters.org
> >
> >Knowledge sharing and giving back to the community
> >
> >
> >On Thu, Apr 23, 2009 at 11:35, Lonzell <lscaife1 at verizon.net> wrote:
> >
> >> I?ve been studying for the CISSP exam for about 4 months now but have
> >> been told to go ahead and take the Security+ exam due to the fact the
> >> material I?ve been using for the CISSP will have me prepared for the
> >> Security+ exam also. What do you think?
> >>
> >>
> >>
> >> *From:* cisspstudy-bounces at cccure.org [mailto:
> >> cisspstudy-bounces at cccure.org] *On Behalf Of *Prakash
> >> *Sent:* Thursday, April 23, 2009 8:43 AM
> >> *To:* cisspstudy at cccure.org
> >> *Subject:* [Cisspstudy] CSSLP Certification - Opening of Exam And Class
> >> Registration
> >>
> >>
> >>
> >> The CSSLP aims to stem the proliferation of security vulnerabilities
> >> resulting from insufficient development processes by establishing best
> >> practices and validating an individual?s competency in addressing
> security
> >> issues throughout the software lifecycle (SLC). Code-language neutral,
> it
> >> will be applicable to those involved in the SLC, including analysts,
> >> developers, software engineers, software architects, project managers,
> >> software quality assurance testers and programmers.
> >>
> >> To be eligible for the certification, CSSLP candidates must demonstrate
> >> four years of professional experience in the SLC process or three years
> of
> >> experience and a bachelor?s degree (or regional equivalent) in an IT
> >> discipline.
> >>
> >> It covers seven domains:
> >>
> >> * Secure Software Concepts - security implications in software
> >> development
> >> * Secure Software Requirements - capturing security requirements in
> the
> >> requirements gathering phase
> >> * Secure Software Design - translating security requirements into
> >> application design elements
> >> * Secure Software Implementation/Coding - unit testing for security
> >> functionality and resiliency to attack, and developing secure code and
> >> exploit mitigation
> >> * Secure Software Testing - integrated QA testing for security
> >> functionality and resiliency to attack
> >> * Software Acceptance - security implication in the software
> acceptance
> >> phase
> >> * Software Deployment, Operations, Maintenance and Disposal -
> security
> >> issues around steady state operations and management of software
> >>
> >> The first open exams will be offered beginning June 30, 2009
> >>
> >> For more information on the CSSLP, You can visit *www.isc2.org/csslp*
> >>
> >>
> >>
> >> _______________________________________________
> >> cisspstudy mailing list
> >> cisspstudy at cccure.org
> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
> >>
> >>
> >
> >
> >
> >
>
>
>
>
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
--
Thanks,
Aditya Malhotra
MS in Information Security Policy & Management
Carnegie Mellon University
Ph: (415)-608-3375
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090424/d9f4
626f/attachment-0001.html>
------------------------------
Message: 2
Date: Fri, 24 Apr 2009 14:19:57 -0400
From: Clement Dupuis <clement.dupuis at cccure.com>
Subject: Re: [Cisspstudy] CSSLP Certification - Opening of Exam And
ClassRegistration
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Message-ID:
<959788640904241119m69408f9ei33d54c49cdee8021 at mail.gmail.com>
Content-Type: text/plain; charset="windows-1252"
Both Security+ and the CISSP are two different beasts for two different
target population.
Security+ is the beginning introduction to the world of security. It is for
managers, system admin, network admin, or anyone who would like to learn
more about computer security and how it applies to their daily tasks.
The CISSP requires a MINIMUM of 5 years of PROFESSIONAL experience to start
with. It is for experience security people who wants to learn all facets of
information security and learn security beyond using a black box.
Security+ is sometimes requires on job posting but no as much as the CISSP
is.
We rarely see jobs posting with Security+ as a requirement. However, it can
give you an edge as a system admin if you go for an interview and they see
that you are interested in not only work on the operation side but also
doing it securely.
Take care
Clement
Cl?ment Dupuis, CD
CISSP, GCFW, GCIA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS, MBHS,
ACE
----------------------------------------------------------------------------
------------------
In real life:
Senior Security Specialist and Instructor
Security University
>> Call me to get the best CISSP training <<
----------------------------------------------------------------------------
------------------
In Cyberspace:
President/Security Evangelist/Chief Learning Officer (CLO)
The CCCure Family of Portals
----------------------------------------------------------------------------
------------------
Business: 407 479 3903
Fax: 407 264 8396
Maintainer of :
The CISSP and SSCP Open Study Guides Web Site
http://www.cccure.org
The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org
Knowledge sharing and giving back to the community
On Fri, Apr 24, 2009 at 13:25, aditya malhotra
<adityamalhotra85 at gmail.com>wrote:
> Hi All,
>
> Just a quick question. Do you feel today Security + is even asked by any
> company? I guess its just CISSP which is widely required by corporations.
>
>
>
> On Fri, Apr 24, 2009 at 7:13 AM, Lonzell Scaife
<lscaife1 at verizon.net>wrote:
>
>> Thanks guys for the feedback.
>>
>> -----Original Message-----
>> From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org
>> ]
>> On Behalf Of Chris Papas
>> Sent: Thursday, April 23, 2009 3:54 PM
>> To: The CISSP Study Mailing list
>> Subject: Re: [Cisspstudy] CSSLP Certification - Opening of Exam And
>> ClassRegistration
>>
>>
>> I took both and felt like I wasted my money on the Sec+ as it was so much
>> easier than the CISSP that I would call it CISSP very light. If you are
>> ready for the CISSP then go for it. If you need a stepping stone to get
>> to
>> the CISSP then take the Sec+ to get your feet wet.
>>
>>
>> ---------- Original Message ----------------------------------
>> From: Clement Dupuis <clement.dupuis at cccure.com>
>> Reply-To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>> Date: Thu, 23 Apr 2009 11:50:48 -0400
>>
>> >The Security Plus exam is a subset of the CISSP, it is not as large but
>> has
>> >a bit more of a technical flavor.
>> >
>> >If you are ready for the CISSP, you should be ready for the Sec+ as
well.
>> >
>> >Take care
>> >
>> >Clement
>> >
>> >
>> >Cl?ment Dupuis, CD
>> >CISSP, GCFW, GCIA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS,
>> MBHS,
>> > ACE
>>
>>
>---------------------------------------------------------------------------
>> -------------------
>> >In real life:
>> >Senior Security Specialist and Instructor
>> >Security University
>> >>> Call me to get the best CISSP training <<
>>
>>
>---------------------------------------------------------------------------
>> -------------------
>> >In Cyberspace:
>> >President/Security Evangelist/Chief Learning Officer (CLO)
>> >The CCCure Family of Portals
>>
>>
>---------------------------------------------------------------------------
>> -------------------
>> >Business: 407 479 3903
>> >Fax: 407 264 8396
>> >
>> >Maintainer of :
>> >The CISSP and SSCP Open Study Guides Web Site
>> >http://www.cccure.org
>> >
>> >The Professional Security Testers Warehouse
>> >http://www.professionalsecuritytesters.org
>> >
>> >Knowledge sharing and giving back to the community
>> >
>> >
>> >On Thu, Apr 23, 2009 at 11:35, Lonzell <lscaife1 at verizon.net> wrote:
>> >
>> >> I?ve been studying for the CISSP exam for about 4 months now but have
>> >> been told to go ahead and take the Security+ exam due to the fact the
>> >> material I?ve been using for the CISSP will have me prepared for the
>> >> Security+ exam also. What do you think?
>> >>
>> >>
>> >>
>> >> *From:* cisspstudy-bounces at cccure.org [mailto:
>> >> cisspstudy-bounces at cccure.org] *On Behalf Of *Prakash
>> >> *Sent:* Thursday, April 23, 2009 8:43 AM
>> >> *To:* cisspstudy at cccure.org
>> >> *Subject:* [Cisspstudy] CSSLP Certification - Opening of Exam And
Class
>> >> Registration
>> >>
>> >>
>> >>
>> >> The CSSLP aims to stem the proliferation of security vulnerabilities
>> >> resulting from insufficient development processes by establishing best
>> >> practices and validating an individual?s competency in addressing
>> security
>> >> issues throughout the software lifecycle (SLC). Code-language neutral,
>> it
>> >> will be applicable to those involved in the SLC, including analysts,
>> >> developers, software engineers, software architects, project managers,
>> >> software quality assurance testers and programmers.
>> >>
>> >> To be eligible for the certification, CSSLP candidates must
demonstrate
>> >> four years of professional experience in the SLC process or three
years
>> of
>> >> experience and a bachelor?s degree (or regional equivalent) in an IT
>> >> discipline.
>> >>
>> >> It covers seven domains:
>> >>
>> >> * Secure Software Concepts - security implications in software
>> >> development
>> >> * Secure Software Requirements - capturing security requirements
in
>> the
>> >> requirements gathering phase
>> >> * Secure Software Design - translating security requirements into
>> >> application design elements
>> >> * Secure Software Implementation/Coding - unit testing for
security
>> >> functionality and resiliency to attack, and developing secure code and
>> >> exploit mitigation
>> >> * Secure Software Testing - integrated QA testing for security
>> >> functionality and resiliency to attack
>> >> * Software Acceptance - security implication in the software
>> acceptance
>> >> phase
>> >> * Software Deployment, Operations, Maintenance and Disposal -
>> security
>> >> issues around steady state operations and management of software
>> >>
>> >> The first open exams will be offered beginning June 30, 2009
>> >>
>> >> For more information on the CSSLP, You can visit *www.isc2.org/csslp*
>> >>
>> >>
>> >>
>> >> _______________________________________________
>> >> cisspstudy mailing list
>> >> cisspstudy at cccure.org
>> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>> >>
>> >>
>> >
>> >
>> >
>> >
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>
>
>
> --
> Thanks,
> Aditya Malhotra
> MS in Information Security Policy & Management
> Carnegie Mellon University
> Ph: (415)-608-3375
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090424/504f
dfca/attachment.html>
------------------------------
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
End of cisspstudy Digest, Vol 10, Issue 34
******************************************
More information about the cisspstudy
mailing list