Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
(ISC)²
SSCP
NISTand FIPS documents for SSCP
jamesleecoleman
Hi there,
I'm going to start focusing on the SSCP soon. Would studying the NIST and FIPS documents be doing too much just to study for the SSCP? I enjoy reading the NIST documents but I don't wanna get way too much information that it could possibly hurt me when taking the SSCP.
Find more posts tagged with
Comments
JDMurray
I would guess that NIST docs are a major reference source for (ISC)2 exam items. However, the danger is pending too much time doing a deep dive for an exam that is the proverbial "mile wide and an inch deep." I would suggest looking at the stanard study guide for the SSCP and check what NIST docs they referenced.
I would say FIPS docs are only useful for the cryptography domain and only for AES, DES, and 3DES in particular. Like the NIST docs, they contain way more information than you need for the SSCP exam.
jamesleecoleman
Thanks for the response JDMurray.
I just really want to pass the test when I take it so I'm a little concerned.
exspiravit
The CISSP and I'm assuming the SSCP is to be country agnostic. The CISSP domains were derived from NIST SP800-12 but ISC has started to move away from being strictly US centric. My CISSP exam had a few questions on particular publications from the UK, USA, and an ISO but that was it. I don't think memorizing them would really help.
Now, reading them for the information they contain is another matter in itself. There is a lot of really good info that is broken down and some decent explanations such as quantitative versus qualitative in regards to IA/Cyber security concerns. So, as reference material you have a good source if you want something broken down for, say, an executive to understand.
JDMurray
I would stay with just the SSCP study materials and Google any topics that you still don't understand. Reading standards and RFCs will just be a waste of your study time.
TeKniques
I agree with what has been mentioned already, but just wanted to offer an opinion on study material. The Gibson book and a quality practice test bank will be enough to get through the exam if you understand the material. Myself, I just used the Gibson book (read it twice) and used the ISC2 test bank which in my opinion those questions were more difficult then the ones on the test.
jamesleecoleman
I've been reading Gibson's and Harris's book and googling things that I don't understand. I'll buy the studyiscope questions as soon as I can, I would really like to see what I need to work on in addition to the other subjects.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
