"Bryan J. Smith" <[EMAIL PROTECTED]> writes:
> From: G. Matthew Rice <[EMAIL PROTECTED]>
> > Dang and I was already attached to the previous mapping.
>
> I brought this up back in 2004-2005 IIRC. ;)
Yeah, I just misremembered/misunderstood the posts as the full CISSP and not
the SSCP.
> > I'll attempt a mapping to these, too, but I do like the
> > 'marketing' spin on the CISSP side.
>
> ...
> That's why the SSCP is more appropriate, technically.
> ...
> Same deal on the CISSP. Are we going to test based on a
> book of knowledge that spends half of its time testing for
> networking concepts that are generic to OSes? Or one that
> really really focuses on system details and their services,
> which could be well-mapped and adapted for a specific
> platform like Linux?
In fact, neither :)
I think that we've done a commendable job of flushing out what is really
importent to Linux admins. Not just on this list but at the TAC (Technical
Advisory Committee) meetings and other ones I've attended.
We definitely won't be covering everything in the SSCP CBK. However, it's
nice to see a lot of commonality with the (ISC)2's CBK and I think that the
marketing guys would love to see the 'mapping'. Now if I could just get one
of the execs/management to listen to me and make a call to (ISC)2 about some
joint PR/marketing, I think it would be really cool.
Bah. I think I'll just do it myself. Anyone know whom I should call at
(ISC)2? :)
> > Besdies, who's ever heard of the SSCP? I can't even get the acronym
> > correct when I speak of it. Always ends up as CSSP, SCCP, CCCP, ... :)
>
> I know it's a joke, but ...
>
> It's still the (ISC)2. If you ask them, I'm sure some
> would even agree it's more applicable.
>
> Again, it's not about marketing, but reality in my view.
Agreed. I think, to most on the list, marketability is not the primary
objective.
> > No doubt on that. We seem to have picked some token and
> > ubiquitous services but people want to seem to focus that
> > way.
>
> My point was that the tasks can probably be broken out better.
I'm open to suggestions but don't save it for the last hour.
> > Ah, I wasn't thinking a total mapping but an
> > 'applied subset' (by applied, I mean non-theory).
>
> The CISSP really gets into conceptual things, not applied
> tasks, for half the exam. The SSCP does that somewhat too
> in its CBK, but it really does map well to actual, system
> tasks.
Agreed. I only managed to map to 5 of the CISSP topics. And one or two were
pretty light coverage.
> Again, "System Security Certified Practitioner."
Well, why didn't you say that before? ;)
> But for system security, no, SSCP is better in my view.
Umm, we are covering some network security topics, too. OpenVPN, IDS,
monitoring, scanning and hardening of important network services.
> Hell, say it's "based on the (ISC)2 CISSP and SSCP CBKs"
> in marketing, but map to the SSCP.
> Change the objectives to be generic, but you'll find the SSCP maps far more
> to actual tasks that can be accomplished for system and service security of
> a Linux system.
If you've got the time, take a look at the objectives so far:
https://group.lpi.org/publicwiki/bin/view/Examdev/LPIC-303
and send some suggestions on reformatting them.
With today's addition of EAs/ACLs and encrypted filesystems, I think that we
have all of the actual content listed now. I realize that it needs a
little clean up and, as always, I'm impressionable.
Regards,
--
g. matthew rice <[EMAIL PROTECTED]> starnix care, toronto, ontario, ca
phone: 647.722.5301 x242 gpg id: EF9AAD20
http://www.starnix.com professional linux services & products
_______________________________________________
lpi-examdev mailing list
[email protected]
http://list.lpi.org/cgi-bin/mailman/listinfo/lpi-examdev
