Wednesday, March 08, 2006

SANS 2006 - CISSP - Final Thoughts

After being in class for approximately 72 hrs in 6 days, I am a little burned out. The class was excellent. It really gave me an appreciation for security management. The CISSP certification is certainly designed for managers although industry and HR personnel don't seem to realize this. The more interesting parts were dealing with policy and cryptography. I really didn't know too much about cryptography before taking the class, but after a full day of it, I can say I have a good grasp on the subject. As for policy, I used to seriously dislike anything related to policy, especially, meetings that dealt with the semantics of policy. Looking at it from a managerial standpoint, it is crucial to the inner workings, efficiency and effectiveness of an IT organization. I look forward to actively participating in policy committees in the future.

I was able to attend several technical sessions during lunch and after class in the evenings. The majority of them were top-notch. I really enjoyed Joe Stewart's presentation on his tool TRUMAN for creating sandnets to accomplish behavioral malware analysis. Great presentation and I look forward to implementing this in the lab for our own testing. I also made contacts with numerous vendors regarding current work projects.

Overall, it was a fantastic, but exhausting experience. If Dr. Eric Cole had not been the instructor, I'm not sure I could have made it through. He is one of the best instructors I have had. Now, I need to continue studying and pass the CISSP exam in April.


Martin McKeay said...


I can't agree with you more about policy, but as you move up in the world into management (or is that down into the deeper layers of hell?) policy becomes more and more an integral part of your job. There are few things I dread more about my job than having to write policy, but it is the foundation your future decisions are going to be based on.


-->j said...

You left out the part about you throwing a Snort Pig at Martin Roesch during dinner on Wednesday...

A classic moment...


John H. Sawyer said...

It was a classic moment that I felt I would keep private among those 8 of us that were there to witness the sushi/sake madness that engulfed Kimono's. Oddly enough, several people in my CISSP class must have witnessed or overheard stories and happily conveyed them to my wife at dinner Thursday night. I'm certainly glad there were no cameras present for that evening.

Anyways, not sure if I mentioned it, but I certainly did meet a number of great people that I hope to stay in touch with. Thanks, jason.

Also, the blog entry was copied from my "summary" that had to be given to my boss which definitely did not include me getting drunk with the Sourcefire crew, singing karaoke and hitting Marty with a foam Snort pig. Now, I am outed. ;-)