SSCP difficulty for CCNA: Security and Security+ certified?
G'day all!
Now that the Christmas break is over, time for me to move on to my next certification, the SSCP.
I passed my Security+ recently, and CCNA: Security a month prior, and I have been looking over the Gibson and OCG for SSCP, despairing that I haven't wisely spent my hard-earned money.
From what I can tell based upon the textbooks, SSCP doesn't cover much more than the Security+, meaning that I'm not going to need more than a couple of weeks to digest this and cover the gaps (mostly BCP and DR processes). The long-term plan is to obtain my CISSP within the next year and go the associate route (as I only have two years' worth of "experience", despite being a security-as-a-hobby geek for the better part of a decade).
My question is thus: For those of you with both the Security+ and SSCP, did you find the SSCP covered much more than the Security+ coursework? The only person I've seen on here with both is JDMurray, though I'm sure there's lots of other certified people lurking around in these forums that had one and considered the other.
I'm starting to go a little bit mad as I'm collecting certs but seeing no traction with them, career-wise.... It's all starting to become rather academic, in the grand scheme of things. Getting impossible to get out of Level1 in the NOC.
Cheers,
NrKy.
Now that the Christmas break is over, time for me to move on to my next certification, the SSCP.
I passed my Security+ recently, and CCNA: Security a month prior, and I have been looking over the Gibson and OCG for SSCP, despairing that I haven't wisely spent my hard-earned money.
From what I can tell based upon the textbooks, SSCP doesn't cover much more than the Security+, meaning that I'm not going to need more than a couple of weeks to digest this and cover the gaps (mostly BCP and DR processes). The long-term plan is to obtain my CISSP within the next year and go the associate route (as I only have two years' worth of "experience", despite being a security-as-a-hobby geek for the better part of a decade).
My question is thus: For those of you with both the Security+ and SSCP, did you find the SSCP covered much more than the Security+ coursework? The only person I've seen on here with both is JDMurray, though I'm sure there's lots of other certified people lurking around in these forums that had one and considered the other.
I'm starting to go a little bit mad as I'm collecting certs but seeing no traction with them, career-wise.... It's all starting to become rather academic, in the grand scheme of things. Getting impossible to get out of Level1 in the NOC.
Cheers,
NrKy.
Comments
-
Remedymp Member Posts: 834 ■■■■□□□□□□As someone who has taken both. If you already have SY0-401 and CCNA: Security, it doesn't really make sense to get the SSCP. If you didn't have either of the previous, then it would make sense to obtain SSCP by itself.
However, with the two certs you have, you may be better off focusing on the CISA for 2015 if you meet those requirements.
To answer your question about difficulty between SY0-401 and SSCP. The SY0-401 was the more challenging exam. The CASP exam was by far the most difficult for me and force me back to referring to resources. -
H3||scr3am Member Posts: 564 ■■■■□□□□□□As stated above, the SSCP doesn't make much sense, I would jump straight to the CISSP (associate of ISC^2) if you lack the experience for endorsement.
CISM and/or CISA would also be another route. you could also consider doing the GISP (CISSP exam prep course SANS) and then do the CISSP -
nrky Member Posts: 16 ■□□□□□□□□□Thanks for your advice, much appreciated!
I've been going through the Gibson and AIO textbooks for the SSCP and have noticed that it seems even less of a challenge than the Security+ (SYO-401, not 301).
Given the miniscule cost of the CISSP examination compared to an equivalent vendor-specific exam (CCIE Security lab exam, typically taken by people with 5yrs+ experience, costs USD$1,600), the SSCP seems like a waste money and I should really go the Associate CISSP route.
Next question is thus: If you only have 1-2 years InfoSec experience and other certifications, do you need to go through the whole 'endorsement' process after passing the CISSP if you want to only get the Associate cert? Is the Associate even worth getting? I'm stuck in between a rock and a hard place, where in I only have Help Desk experience yet have the knowledge required to pass some well-respected certs (CCNP Security, CISSP, CASP, CEH, PMP, ITIL Service Design, etc.)
I feel that my current certs are getting me nowhere in Melbourne, Australia. We have a MASSIVE glut of paper-cert Indian workers, but they don't know anything beyond the certs that they paid someone to help them study, yet they have more success obtaining good jobs here than a local with the same certs. -
Remedymp Member Posts: 834 ■■■■□□□□□□Thanks for your advice, much appreciated!
I've been going through the Gibson and AIO textbooks for the SSCP and have noticed that it seems even less of a challenge than the Security+ (SYO-401, not 301).
Given the miniscule cost of the CISSP examination compared to an equivalent vendor-specific exam (CCIE Security lab exam, typically taken by people with 5yrs+ experience, costs USD$1,600), the SSCP seems like a waste money and I should really go the Associate CISSP route.
Next question is thus: If you only have 1-2 years InfoSec experience and other certifications, do you need to go through the whole 'endorsement' process after passing the CISSP if you want to only get the Associate cert? Is the Associate even worth getting? I'm stuck in between a rock and a hard place, where in I only have Help Desk experience yet have the knowledge required to pass some well-respected certs (CCNP Security, CISSP, CASP, CEH, PMP, ITIL Service Design, etc.)
I feel that my current certs are getting me nowhere in Melbourne, Australia. We have a MASSIVE glut of paper-cert Indian workers, but they don't know anything beyond the certs that they paid someone to help them study, yet they have more success obtaining good jobs here than a local with the same certs.
Have you tried applying with the Australian or New Zealand government? -
DoubleNNs Member Posts: 2,015 ■■■■■□□□□□You say you can pass the CCNP Security. WHy not go for that? If you pass, you pass. No endorsement or experience requirement.Goals for 2018:
Certs: RHCSA, LFCS: Ubuntu, CNCF CKA, CNCF CKAD | AWS Certified DevOps Engineer, AWS Solutions Architect Pro, AWS Certified Security Specialist, GCP Professional Cloud Architect
Learn: Terraform, Kubernetes, Prometheus & Golang | Improve: Docker, Python Programming
To-do | In Progress | Completed -
nrky Member Posts: 16 ■□□□□□□□□□Have you tried applying with the Australian or New Zealand government?You say you can pass the CCNP Security. WHy not go for that? If you pass, you pass. No endorsement or experience requirement.
It's starting to make me want to go back to hacking, but legit pentesters are a dime a dozen in Australia.
Really making it hard for people to stay white-hat when it's nigh but impossible to get a real opportunity to prove yourself as someone who actually knows how to troubleshoot, even for technologies they've not studied. -
DoubleNNs Member Posts: 2,015 ■■■■■□□□□□if you're at the CCNP Security level, why does your "resume-friendly" experience matter? I think what is most important is that you can back up what you've put down on your resume.Goals for 2018:
Certs: RHCSA, LFCS: Ubuntu, CNCF CKA, CNCF CKAD | AWS Certified DevOps Engineer, AWS Solutions Architect Pro, AWS Certified Security Specialist, GCP Professional Cloud Architect
Learn: Terraform, Kubernetes, Prometheus & Golang | Improve: Docker, Python Programming
To-do | In Progress | Completed -
nrky Member Posts: 16 ■□□□□□□□□□if you're at the CCNP Security level, why does your "resume-friendly" experience matter? I think what is most important is that you can back up what you've put down on your resume.
-
Sscp1986 Member Posts: 27 ■□□□□□□□□□I know what you mean of being stuck!2015: CISSP[Working on it]
-
pandoso360 Member Posts: 16 ■□□□□□□□□□I dont know how it works in your country but unfortunately in Mexico, we have to impress those little trolls in the HR department, that rather hire more paper-cert Indian workers (btw you nailed it there) than give the local IT folk a chance, to land any position in the private sector.