I'm starting my study routine now for the CISA. Just registered for the June exam. I've picked up a couple of books, and am going to hit up the big bosses for a boot camp when the time gets closer. Nothing like an intense brain beating right before hand to add a little insurance.

Hey there everybody. Been a while since I've been very active 'round these parts, but trust me, I didn't forget about you. That pesky real world (job changes, married life, remodeling a home) keeps getting in the way of my fun!

I'm starting this thread just to try to get some opinions from any grey-beards out there, and to hopefully help out some of the folks trying to find their way in this crazy little infosec world.

Those of you who have already gone through a transisiton from technical to less so, how did you feel about it? Was it by choice, or was it forced upon you? Maybe it just happened naturally?

The reason I'm asking, is that I've found myself thrown in that direction. For a while now, my career has been taking a turn more and more to the less technical side of things. I've been dealing more with policy and procedure, with compliance, with C&A. And I'm good at it. Probably better at it than at most other things, honestly. I just didn't see this as the direction I'd be heading when I got into the infosec world. Suddenly, I'm a C&A consultant. Not a bad gig, don't get me wrong, but certainly not the sexiest

What say you EHNetters?

I didn't know that Intense School shut down. I went to them, too, but only after studying for about 4 months. I was pretty confident from my own reading and use of cccure, but then the in-laws decided to surprise me and buy the boot camp for me (a little insurance).
Larry Greenblatt was my instructor, and I thought he was one of the best I've had. Could I have passed without the camp? Probably. Was it worth it for the added confidence? Absolutely. I kept in touch with about 20 of the 30 folks from my class, and all but one passed on the first try. The ones who claimed to have had the hardest time were the ones who'd been in the business the longest. That whole real world vs. ideal world conflict in the brain.

Good luck on the retest. I'm not a huge fan of certs in general...at least as a way of flaunting what you (claim to) know, but having it has certainly opened doors for me. Living in the Baltimore/DC area, all the gov't contractors want folks with letters after their names.

The abacus was vulnerable to data corruption if it was shaken 

I'll be at Shmoo hanging out with all the other geeks. See you all there!

I've been thinking of rebranding. OneEyedCarmen came about b/c I used to tend bar at a place called One Eyed Mike's, and Carmen is my last name...makes it a little hard to be anonymous, but it's stuck for so long, I think the risks do not outweigh the rewards.

And vijay2, if you send my your email address and password, I'll gladly explain how this is exactly NOT like social engineering 

My liver and I survived my first Shmoocon (though my bank card may not have http://tinyurl.com/aedh9l).

I'm going through my notes and trying to put together a summary, along with links to some of the talks. It was great finally getting to meet CG, as we'd corresponded via email and the boards here and on LSO for a few years now. I also got to meet Ed Skoudis who's teaching the SANS @Home course that I'm taking.

I was able to get quite a few flyers for ChicagoCon 2009s passed out, and saw that Johnny Long had allowed a stack to be placed on his table in the vendor section (be sure to check out and support Hackers for Charity).

It was a lot of fun, but I've decided that next year, I'll suck it up and get a room at the hotel instead of trekking to and from Baltimore each day.

Supposedly they do now. They've also implemented a timeout. We'll see.

Thanks guys! So far I'm really enjoying the class. Ed and John are great instructors and do a good job of keeping things entertaining.

Sorry for the late reply to the congrats (and for my absence from the forum). Work and a new puppy have kept me more occupied than I'd prefer. Hell, who'm I kidding, the puppy can take up the time, it's work that's keeping me away more than I'd like. Although, I don't want to complain about too much work when so many have the opposite problem right now.

Once the course is complete, I'll be sure to post a full review (we have class Tuesdays and Thursdays through Feb). Now I just have to convince the wife that the cost of the exam is worth it!

Thanks again, Don. I really appreciate it.

The US DoD was offering free certs through their Defense University (or something like that) a while ago. I took one of the tests and got some piece of paper. Highly unlikely that it's worth anything, and it was ricockulously easy...so that should say something.

I'll look through my stuff. If I can find it I'll post the link. Though it's not always true (especially with certs) the saying "you get what you pay for" does have some merit.

Really looking forward to it. This is going to be my first Shmoo and the cast of characters attending is sure to keep things interesting.

I've got my barcode! Who else is going to be there?

Haven't had the opportunity (or time) to download it yet, but an acquaintance says it's not too bad. Like a lightweight Vista that has yet to break anything 

I'm in a "less-than-junior" role, and your description of what you've done and know made me feel, well, extra-junior 

*sigh