SSCP difficulty for CCNA: Security and Security+ certified?

nrkynrky Posts: 16Member ■□□□□□□□□□
G'day all!
Now that the Christmas break is over, time for me to move on to my next certification, the SSCP.
I passed my Security+ recently, and CCNA: Security a month prior, and I have been looking over the Gibson and OCG for SSCP, despairing that I haven't wisely spent my hard-earned money.
From what I can tell based upon the textbooks, SSCP doesn't cover much more than the Security+, meaning that I'm not going to need more than a couple of weeks to digest this and cover the gaps (mostly BCP and DR processes). The long-term plan is to obtain my CISSP within the next year and go the associate route (as I only have two years' worth of "experience", despite being a security-as-a-hobby geek for the better part of a decade).

My question is thus: For those of you with both the Security+ and SSCP, did you find the SSCP covered much more than the Security+ coursework? The only person I've seen on here with both is JDMurray, though I'm sure there's lots of other certified people lurking around in these forums that had one and considered the other.

I'm starting to go a little bit mad as I'm collecting certs but seeing no traction with them, career-wise.... It's all starting to become rather academic, in the grand scheme of things. Getting impossible to get out of Level1 in the NOC.
Cheers,
NrKy.

Comments

  • RemedympRemedymp Posts: 834Member
    As someone who has taken both. If you already have SY0-401 and CCNA: Security, it doesn't really make sense to get the SSCP. If you didn't have either of the previous, then it would make sense to obtain SSCP by itself.

    However, with the two certs you have, you may be better off focusing on the CISA for 2015 if you meet those requirements.

    To answer your question about difficulty between SY0-401 and SSCP. The SY0-401 was the more challenging exam. The CASP exam was by far the most difficult for me and force me back to referring to resources.
  • H3||scr3amH3||scr3am Posts: 563Member
    As stated above, the SSCP doesn't make much sense, I would jump straight to the CISSP (associate of ISC^2) if you lack the experience for endorsement.

    CISM and/or CISA would also be another route. you could also consider doing the GISP (CISSP exam prep course SANS) and then do the CISSP
    WGU B.S. IT - Security Progress Start Date: Mar 1 2015 Transferred|Required|In Progress|Completed
    C176 C220 C221 C393 C394 C172 C178 C164 C457 C455 C456 C480 (42 CUs Xfered)
    C247 C299 (12 CUs Required to Graduate)
    C247
    C299 (12 CU In Progress)
    C182 ORA1 C459 C132 C168 C376 C483 C255 C278 C173 C169 C175 C484 C170 C179 C451 C100 C246
    C435 C436(68 CU Completed)
  • nrkynrky Posts: 16Member ■□□□□□□□□□
    Thanks for your advice, much appreciated!
    I've been going through the Gibson and AIO textbooks for the SSCP and have noticed that it seems even less of a challenge than the Security+ (SYO-401, not 301).
    Given the miniscule cost of the CISSP examination compared to an equivalent vendor-specific exam (CCIE Security lab exam, typically taken by people with 5yrs+ experience, costs USD$1,600), the SSCP seems like a waste money and I should really go the Associate CISSP route.

    Next question is thus: If you only have 1-2 years InfoSec experience and other certifications, do you need to go through the whole 'endorsement' process after passing the CISSP if you want to only get the Associate cert? Is the Associate even worth getting? I'm stuck in between a rock and a hard place, where in I only have Help Desk experience yet have the knowledge required to pass some well-respected certs (CCNP Security, CISSP, CASP, CEH, PMP, ITIL Service Design, etc.)
    I feel that my current certs are getting me nowhere in Melbourne, Australia. We have a MASSIVE glut of paper-cert Indian workers, but they don't know anything beyond the certs that they paid someone to help them study, yet they have more success obtaining good jobs here than a local with the same certs.
  • RemedympRemedymp Posts: 834Member
    nrky wrote: »
    Thanks for your advice, much appreciated!
    I've been going through the Gibson and AIO textbooks for the SSCP and have noticed that it seems even less of a challenge than the Security+ (SYO-401, not 301).
    Given the miniscule cost of the CISSP examination compared to an equivalent vendor-specific exam (CCIE Security lab exam, typically taken by people with 5yrs+ experience, costs USD$1,600), the SSCP seems like a waste money and I should really go the Associate CISSP route.

    Next question is thus: If you only have 1-2 years InfoSec experience and other certifications, do you need to go through the whole 'endorsement' process after passing the CISSP if you want to only get the Associate cert? Is the Associate even worth getting? I'm stuck in between a rock and a hard place, where in I only have Help Desk experience yet have the knowledge required to pass some well-respected certs (CCNP Security, CISSP, CASP, CEH, PMP, ITIL Service Design, etc.)
    I feel that my current certs are getting me nowhere in Melbourne, Australia. We have a MASSIVE glut of paper-cert Indian workers, but they don't know anything beyond the certs that they paid someone to help them study, yet they have more success obtaining good jobs here than a local with the same certs.

    Have you tried applying with the Australian or New Zealand government?
  • DoubleNNsDoubleNNs Posts: 2,013Member ■■■■■□□□□□
    You say you can pass the CCNP Security. WHy not go for that? If you pass, you pass. No endorsement or experience requirement.
    Goals for 2018:
    Certs: RHCSA, LFCS: Ubuntu, CNCF CKA, CNCF CKAD | AWS Certified DevOps Engineer, AWS Solutions Architect Pro, AWS Certified Security Specialist, GCP Professional Cloud Architect
    Learn: Terraform, Kubernetes, Prometheus & Golang | Improve: Docker, Python Programming
    To-do | In Progress | Completed
  • nrkynrky Posts: 16Member ■□□□□□□□□□
    Remedymp wrote: »
    Have you tried applying with the Australian or New Zealand government?
    Have been applying for ICT roles with all three levels of government (federal, state, council) for the better part of a decade now, with no luck whatsoever. It seems like all the people here with full citizenship status end up in government IT jobs, because they certainly aren't working in the private sector anymore (almost 100% Indian now).
    DoubleNNs wrote: »
    You say you can pass the CCNP Security. WHy not go for that? If you pass, you pass. No endorsement or experience requirement.
    I only have just under two years' experience in resume-friendly work. I've been talking to the dozen+ people in the NOC where I work and the general idea tends to be that CCNP is really only for people with several years' experience as a Network Engineer/Technician, otherwise it looks utterly ridiculous. I'm starting to wonder at which point it starts to look silly and somewhat 'paper-tiger' when your certifications exceed your professional experience.

    It's starting to make me want to go back to hacking, but legit pentesters are a dime a dozen in Australia.

    Really making it hard for people to stay white-hat when it's nigh but impossible to get a real opportunity to prove yourself as someone who actually knows how to troubleshoot, even for technologies they've not studied.
  • DoubleNNsDoubleNNs Posts: 2,013Member ■■■■■□□□□□
    if you're at the CCNP Security level, why does your "resume-friendly" experience matter? I think what is most important is that you can back up what you've put down on your resume.
    Goals for 2018:
    Certs: RHCSA, LFCS: Ubuntu, CNCF CKA, CNCF CKAD | AWS Certified DevOps Engineer, AWS Solutions Architect Pro, AWS Certified Security Specialist, GCP Professional Cloud Architect
    Learn: Terraform, Kubernetes, Prometheus & Golang | Improve: Docker, Python Programming
    To-do | In Progress | Completed
  • nrkynrky Posts: 16Member ■□□□□□□□□□
    DoubleNNs wrote: »
    if you're at the CCNP Security level, why does your "resume-friendly" experience matter? I think what is most important is that you can back up what you've put down on your resume.
    My studies and lab experience are at the point where I can pass the CCNP Security within the next few months (need to brush up on the new coursework), but I have almost no experience in actually configuring or troubleshooting networks at work, because I've been stuck in Level1 Helpdesk roles and haven't been successful in finding better employment, despite gaining certification and significantly adding to my knowledge base.
  • Sscp1986Sscp1986 Posts: 27Member ■□□□□□□□□□
    I know what you mean of being stuck!
    2015: CISSP[Working on it]
  • pandoso360pandoso360 Posts: 16Member ■□□□□□□□□□
    I dont know how it works in your country but unfortunately in Mexico, we have to impress those little trolls in the HR department, that rather hire more paper-cert Indian workers (btw you nailed it there) than give the local IT folk a chance, to land any position in the private sector.
Sign In or Register to comment.