Sunday, June 22, 2003

Problems with CISSP Questions

The June 2003 Information Security Magazine offered some great reading too. It reminded me of a Gartner statistic saying between 60 to 70 percent of Windows Server users run NT 4. Writing about his experience taking the CISSP exam, Andrew Briney nails the problem with CISSP questions:


"There's a chunk of questions that are difficult for all the wrong reasons. They're poorly worded, misleading or simply evasive. Evasive: that's the word that first came to mind when I walked out of the exam. It just seems like these questions serve no purpose other than to confuse and frustrate you.

It's because of these questions that you won't have an intuitive sense if you passed the exam. And it's because of these questions that the CISSP exam often gets a bad rap. Even though these questions comprise a comparatively small part of the exam, they're the ones that stick in your craw as you walk out the door."


I learned while reading Thomas Ptacek's commentaries of this article blasting the CISSP. I maintain that the main redeeming aspect of the CISSP is its code of ethics, which moves digital security closer to being a true profession with a code of ethics that matters.

No comments: