Re:CISSP - Criticisms From Wikipedia (http://en.wikipedia.org/wiki/CISSP):
Although the CISSP is widely considered to be the de facto certification for information security professionals, it has also been criticized by some parties:
1) Being an "inch deep and a mile wide" means that the test has little or no depth, and passing it may prove only that a person is good at memorizing facts and passing examinations.
2) It sometimes tests on outdated information (for instance, the CISSP exam as of 2006 still sometimes asks questions about 10BASE2 Ethernet, which has not been widely used since the 1990s).
3) The test is formulated so that testees are to choose the best answer from among a group, rather than an actual correct answer. Some feel that this is a form of "trick" question, and really just tests attention to detail, rather than the subject matter.
4) Some questions given on CISSP tests, and information in the CBK® itself, is technically inaccurate, skewed, or incomplete. For instance, the Official (ISC)2 Guide to the CISSP Exam, based on the CBK®, says that all host-based intrusion detection systems work by reading audit logs -- completely ignoring the fact that the most common such system used today is probably Tripwire, which does not read audit logs. Critics charge that inaccuracies and wild blanket statements such as this are too common within the CBK®.
---but if it looks good on a CV...
Although the CISSP is widely considered to be the de facto certification for information security professionals, it has also been criticized by some parties:
1) Being an "inch deep and a mile wide" means that the test has little or no depth, and passing it may prove only that a person is good at memorizing facts and passing examinations.
2) It sometimes tests on outdated information (for instance, the CISSP exam as of 2006 still sometimes asks questions about 10BASE2 Ethernet, which has not been widely used since the 1990s).
3) The test is formulated so that testees are to choose the best answer from among a group, rather than an actual correct answer. Some feel that this is a form of "trick" question, and really just tests attention to detail, rather than the subject matter.
4) Some questions given on CISSP tests, and information in the CBK® itself, is technically inaccurate, skewed, or incomplete. For instance, the Official (ISC)2 Guide to the CISSP Exam, based on the CBK®, says that all host-based intrusion detection systems work by reading audit logs -- completely ignoring the fact that the most common such system used today is probably Tripwire, which does not read audit logs. Critics charge that inaccuracies and wild blanket statements such as this are too common within the CBK®.
---but if it looks good on a CV...
Comment