Options
Recently passed CISSP exam - questions about what happens now?
magician300
Member Posts: 27 ■□□□□□□□□□
in SSCP
I posted in a different thread that this past Saturday I passed the CISSP exam. Now it's onto the certification process and I'm curious about a couple of things:
1.) I'm worried (albeit only slightly..) about getting the official certification. I have done primarily IT support for my career up to this point and don't have much of any experience in quite a few of the domains; examples would be legal, SDS, cryptography, BCP/DRP, etc. I would say my two biggest domains of experience would be Access Control (all of my previous roles have involved using AD in some form or another; beginner level "basic" administration type stuff early on to more advanced usage and full administration in my current role) and Telecommunications and Network Security (have done physical network implementations in previous roles). I could loosely put Operations Security in the mix as well if I really dug deep.
My question is: exactly *how* strict/exact is ISC2 typically with this? I mean - should I expect them to take a fine-tooth comb to every single detail on my resume? I'm certainly 100% truthful about what is on there but I guess a small part of me worries because unlike a lot of folks that I know who have this certification I do not have a ton of experience in the security world except on an intermediate level. Obviously I want to do more since I got this cert but really just want to make sure I didn't do all of this (or hope..) to *not* become certified!
2.) Approximately how long does this process take? I have my endorsement form ready to go and am waiting on one last piece for my resume before submitting it to ISC2 tomorrow. Any rough estimate on how long I should wait for a response?
Thanks in advance!
1.) I'm worried (albeit only slightly..) about getting the official certification. I have done primarily IT support for my career up to this point and don't have much of any experience in quite a few of the domains; examples would be legal, SDS, cryptography, BCP/DRP, etc. I would say my two biggest domains of experience would be Access Control (all of my previous roles have involved using AD in some form or another; beginner level "basic" administration type stuff early on to more advanced usage and full administration in my current role) and Telecommunications and Network Security (have done physical network implementations in previous roles). I could loosely put Operations Security in the mix as well if I really dug deep.
My question is: exactly *how* strict/exact is ISC2 typically with this? I mean - should I expect them to take a fine-tooth comb to every single detail on my resume? I'm certainly 100% truthful about what is on there but I guess a small part of me worries because unlike a lot of folks that I know who have this certification I do not have a ton of experience in the security world except on an intermediate level. Obviously I want to do more since I got this cert but really just want to make sure I didn't do all of this (or hope..) to *not* become certified!
2.) Approximately how long does this process take? I have my endorsement form ready to go and am waiting on one last piece for my resume before submitting it to ISC2 tomorrow. Any rough estimate on how long I should wait for a response?
Thanks in advance!
Comments
-
Optionsmokaz
Member Posts: 172
Hi there,
According to (ISC)² website here are the facts:
Candidates must have a minimum of five (5) years cumulative paid full-time work experience in two or more of the ten domains of the (ISC)² CISSP CBK®.
Original Here
Personally, I think that the 10 CBK domains are pretty broad in an IT point of view. Touching a wide wide range of security related items as well as day to day IT routine subjects/jobs/issues... So i guess that as long as you're staying truthful and that the years of experience referenced in your documents effectively reflects the cumulated 5 years of experience needed in at least 2 of the 10 CBK domains you're good to go.
Process for me took a little less than a month.
Good luck,
regards,
m. -
Optionsmagician300
Member Posts: 27 ■□□□□□□□□□
Having my Security+ certification I read will drop that number down to four. I am definitely truthful in my resume and with all of the information on there that's for sure - I guess I just worry a bit because of the "experience" factor but was more or less curious if they kind of view the 10 domains in a more broad sense. If that's the case then it should be no problem at all!
Appreciate the feedback. -
Options
aftereffector
Member Posts: 525 ■■■■□□□□□□
Three to five weeks seems pretty standard - I think mine came in right around a month. It will take some additional time if you are randomly audited. As far as experience, you will be fine. You have more relevant security experience than some CISSPs I know.
Physical Security is a great domain for experience. I guarantee that you've done something related to that domain for years.CCIE Security - this one might take a while...