Passed SSCP today - materials used

jonwinterburn

Hi all.

Well, after 3 months of study, I passed the SSCP exam today. I know it's not as prestigious as the CISSP, but it was important to me, and I'm so pleased I passed! The exam was challenging, the 3 hours and 125 questions was exhausting - I can only imagine how bad the CISSP exam is going to be!

I've logged in to my Pearson Vue account and can see they've updated that with "Pass" but my ISC2.org account currently states "You are not enrolled in any (ISC)2 exams". Is this something I have to do, or will they update the profile in a few days? Until then, I can't continue with the endorsement process.

For anyone else interested in sitting SSCP, I definitely recommend it. There's no way I'm ready yet for CISSP, but as JD Murray has pointed out, SSCP is an excellent preparation for CISSP. I'd like to thank you JD; that piece of advice was right on

Now I know what format the questions are in, what the whole test experience is like (SO much more secure and regulated than my Microsoft exams a few years ago!) and I have covered half of the CISSP domains by studying for SSCP.

With regards to study, I didn't just gloss over material, but devoured every single bit of information I could find. With these type of exams, it's clear you can never over-prepare. I studied every available moment over the last 3 months, forgoing gaming, TV, social life, etc. The materials I used were:

• Darril Gibson's SSCP Study Guide
• SSCP Study course on PluralSight
• OWASP Top 10 course on PluralSight
• Professor Messer's Security+ course on YouTube
• The official ISC2 iPad app (4 sets of 25 questions)
• FIPS 200 Publication
• Security Risk Management: Building an Information Security Risk Management Program from the ground up
• Everyday Cryptography: Fundamental Principles and Applications
• My own copious study notes

Did I really need to do all that prep to pass the SSCP exam? Probably not. But I wanted to know that when I went in to that exam, I knew everything I had to. Besides, this is my job, and I want to be the very best I can be. If you are looking to sit the SSCP, I do recommend all the above materials, because not only does it prepare you for the exam, but it'll make the CISSP study that little bit easier on the old brain Plus it's cool when you can explain cipher-block chaining to a bored friend!

Darril's book is excellent. I read that 3 times, cover to cover. However, it only covers about 85% of the stuff needed. The SSCP video course filled in about another 10% and Professor Messer's Security+ videos filled in the remaining 5%. The risk book is an excellent read, and one I'm using in my job. The crypto book is an enjoyable read, and did help me with some crypto stuff, but is serious overkill for this exam. However, I will be revisiting it for CISSP, as it does explain in-depth crypto principles to math-challenged people like me, in an everyday, lay manner. The FIPS publication I felt was worth reading as Darril referred to it so often, and it's not long (17 pages). Taking the practice questions from ISC2 on my iPad helped highlight the 15% missing from Darril's book.

Regarding study notes - don't download and read someone else's! The study notes that are out there for SSCP are incomplete, poorly laid out and riddled with typos. Additionally, they're written from someone else's perspective. Your own notes are far more valuable, as taking notes is an integral part of understanding the subject matter.

So, a couple days' relaxing, and then I'm back in the game, preparing for CISSP, with a plan of 6 months' intense study.

Jon

EasyPeezy

Well done...!!!

jvrlopez

Congrats!

If SSCP is anything like CISSP, you'll get your membership log in updated (for CPEs, currency status, etc) once your endorsement is completed.

JasminLandry

Congrats on the pass!

jonwinterburn

Thanks everyone

Robicus

Congratulations, Jon!

How useful were the Pluralsight SSCP videos? Would the prove valuable for one studying for the CISSP?

jonwinterburn

Thanks!

The Pluralsight SSCP videos filled in some gaps in Gibson's book, but for CISSP, I don't think they'd help a huge amount. It depends on your knowledge, to be honest. They certainly wouldn't hurt, but you're better off with Keith Barker's CISSP CBT Nuggets. I tend to find video courses rush through the concepts, giving you everything you need to know, but in a very condensed format. Not enough on their own, but a great accompaniment to the books. I took a 7 day trial of CBT Nuggets and watched all those videos, and they're very good. So I'll likely get a month's sub's nearer exam date.

ksmaheshkumar

Congratulations

Robicus

Awesome-- thanks for the added info, Jon. I will definitely check into the CISSP CBT Nuggets.

samworthington

Can you tell us more regarding this exam? What did you use for exam preparation? I am currently at the final stage of my preparations for the exam but I am in a shaking mode. I did use most of the things you mentioned above and I am currently using this app from AppStore SSCP Systems Security Certified Practitioner – Exam Prep.
Thanks in Advance.
SW

jonwinterburn

samworthington wrote: »

Can you tell us more regarding this exam? What did you use for exam preparation? I am currently at the final stage of my preparations for the exam but I am in a shaking mode. I did use most of the things you mentioned above and I am currently using this app from AppStore SSCP Systems Security Certified Practitioner – Exam Prep.
Thanks in Advance.
SW

I cannot tell you anything about the exam itself, as that would be in violation of the NDA. As for exam prep, I used all the materials I mentioned, and at the very end of my studies, I went over my notes again and again.

jonwinterburn

Oh, and another useful resource is the free SSCP Webcasts from ISC2: http://education.isc2.org/sscp-webcasts

MSP-IT

Congrats on the pass!

You shouldn't have much of a problem with the CISSP. Like you, I decided to pursue the CISSP 6 months after the SSCP. Though in that timeframe I did complete around 40 credits at WGU and the capstone. As far as difficulty goes, if the SSCP was a 5/10, I'd place the CISSP somewhere around a 6.5/10. I'd give yourself another solid 3 months on the CISSP material and go for it; I doubt it'd take you 6.

SuperISSO

Congratulations on the pass.

papadoc

Congrats on the pass, it's nice to feel that immense weight off your shoulders..

jonwinterburn

Thanks guys! Although it may be a weight off, it's only replaced with the even heavier weight of CISSP!

newjack

MSP-IT wrote: »

Congrats on the pass!

You shouldn't have much of a problem with the CISSP. Like you, I decided to pursue the CISSP 6 months after the SSCP. Though in that timeframe I did complete around 40 credits at WGU and the capstone. As far as difficulty goes, if the SSCP was a 5/10, I'd place the CISSP somewhere around a 6.5/10. I'd give yourself another solid 3 months on the CISSP material and go for it; I doubt it'd take you 6.

I am currently studying for my Sec+ and it seems like a great foundation. For my pre-test I got a 78/100 and I quickly thought that this test should be breeze and have pretty much convinced my self to go for the SSCP/CISSP combo afterwords.

I only have about 1.5 years experience but have went to school for security. What is your experience if you don't mind me asking? Trying to see if I should focus more on experience before I dive into SSCP/CISSP or I should go right back into studying and get these certs.

blackkite

congrats and thanks for this advice.