Richard,

Excellent piece.

I passed the CISSP exam this summer with NO revision, NO boot-camp, NO intensive training course, NO homework, NO use of the study guide (I didn't even purchase it), NO special additional reading and NO trouble at all. I paid my money to do the exam, then got too busy to study but I went along anyway to just 'give it a go'. I didn't know the format of the exam, had never seen previous questions etc. I discovered it was a long multi-choice (multi-guess) exam so I just whizzed through using my skill and judgement (and occasionally straight guesses) and was the first to finish and leave the exam hall. Imagine my surprise to have PASSED!

To put this in context, I have over a decade's experience in infosec and computer audit, and a scientific/technical background. I'm good at common-sense stuff. I probably would have stood the same chance of success if it had been a general exam about science or technology.

I feel no more competent to do infosec now than I did pre-CISSP, in fact I'm now slightly dubious about anyone who says they have the qualification as if it means something important ... but still I'd prefer to employ a CISSP (or CISA or MSc or ....) than someone with no qualifications, *all else being equal*.

Kind regards,
ANON CISSP (fluke).

PS On one of the systems I use, my password is QWERTYUIOP. My $500 cheque is in the post. Honest.



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/118/16905#16905