Planning for CISSP Associate - Need help

Hi,
I have been reviewing threads in this section for quite a few days now. After reading these many experiences and inputs from test takers, I am a bit confused on what preparation strategy to follow. I have the Shon Harris 6th edition which I just started, but would it be the right path considering the change in the CBK?
I have 2+ years of experience in the InfoSec industry. I also have a Master's degree (MS) in Computer Security.
One more question I have is, if I pass the CISSP today and get an 'Associate of (ISC)2', will I need to submit the CPEs for the next 2 years until I become a complete CISSP (not an (ISC)2 associate)?
Comments
*************
Step 2
If you currently have the required number of years of experience to be endorsed, you must complete the endorsement process within nine (9) months of your exam date. You may begin the endorsement process by submitting a completed endorsement form to (ISC)². For detailed information about the professional experience requirement for the CISSP certification, please visit www.isc2.org/cissp-professional-experience.aspx.
If you do not have the required number of years of professional experience, you can become an Associate of (ISC)². However, it is your responsibility to contact (ISC)² within nine (9) months of your exam date to tell us your intent.
****************
Also, I think you need to get the required CPEs per year even for Associate of CISSP.
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
I thought going for this prestigious exam would do me good knowledge-wise and career-wise as well. And if I maintain the required CPEs till I get the required experience, I will then become a CISSP. Correct me if I'm wrong?
Furthermore, CISSP is all knowledge and judgement questions and scenarios where you are making decisions as a Security Manager or CISO. It has technical content but does not test an individual's hands-on technical skills and the technical content of the CISSP is more basic than other security certs, therefore if I'm looking for a guy (or gal) who I know can identify intrusions or lead incident response or test for vulnerabilities or identify root cause of an incident or do security engineering work with MCSE/CCIE guys then I'd rather see more technical certs not solely assoc of isc2. Don't get me wrong, I don't see assoc of ISC2 as having no value, just saying that it may not serve you as well in your career as technical certs will because to be honest until you have enough experience to qualify for mid-level management positions it's not very helpful other than demonstrating that you want to be a CISO someday. Just my opinion, good luck with the exam.
Makes sense. Thanks. I think I'm being over-aggressive when it comes to my career. As said, I need to concentrate on more technical certifications that might provide more value to my career right now.
Badly need to find a mentor!
I'd like to offer you my advice just based on the very little that I've learned about you in this thread. Maybe some food for thought that might be helpful.
You have an MS in Computer Security, that alone shows you are committed to the field and that's all the *formal education* you'd need and then some to be the CIO/CISO of a major corporation, so that's awesome you've already knocked that out.
You're already working in infosec, though you didn't mention what specifically you're doing. But whatever you decide, the foundation of any career in security should be a solid understanding of networking and servers (datacenter, cloud, virtual, mobile, all of it).
You do learn some of this in computer security books and classes but the experience of working on technical problems, understanding how the stuff works in a real environment, this is extremely useful knowledge that we call upon all the time to do our security jobs. Learn as much of this stuff as you can by whatever resources you have at your disposal: on the job, home lab, video courses, books, classroom training, etc.
Beyond that, the development paths fork off in somewhat different directions depending on what roles you have or are heading toward. Security Ops, Audit, Assessment and Testing, Forensics, Engineering, or a combination of those.
This is where the Assoc of ISC2 is *not as* valuable as something more technical and concentrated. Each of the areas above has focused, highly-technical and/or hands-on exams and certifications for those specific skill sets, whereas the CISSP exam is broad in scope and more about applying knowledge along with professional judgement to shape and manage a security program and processes.
Hopefully this helps somewhat, but you seem to be well on your way toward a successful career.
How much depends on what you do now and what your goals are.
Not sure about the CPE's but I'm thinking it would be a requirement, as well as the yearly $85 fee to ISC2.
That's actually solid advice. This board in particular has been too focused on the means to an end than the ethical or moral right or wrong of passing an exam - no matter the cost. People see the CISSP and dollar signs as interchangeable values for one another. Just makes a mess out of the career field and has led lots of eager examinees to complete an exam they should have never sat for in the first place.
For those of you who doubt me you really should be reading some of the recent resumes that have crossed my desk.
Stunningly bad.
-b/eads
I am planning for the CISSP exam and I am looking for a study partner to go through it chapter by chapter. I do have the CBK (4th Edition), Shon Harris (AIO - 6th) and the MP3 for the Shon Harris Lecture. I am studying the CBK now and I will study Shon Harris (AIO - 6th Edition) later just to make sure I am not missing any topics. Listening to the MP3 in the car....
I believe discussing it chapter by chapter will help catch the topics faster.
Thanks
Shahin
I have no clue if they will accept his internship experience, but I told him to just shoot an email to ISC2. I personally think he should be ok, it was a paid internship position and he averaged 40 hours a week, but I'm not sure how ISC2 would approach that. Your thoughts?
Really appreciate the advice - priceless at this stage of career. Feels good when experienced professionals approve of my career plan.
Hey Shahin, yes I would love to have a chat. P.m. me.
Amazon.com: CISSP In 3 Weeks: The Only Step-by-Step CISSP - DIY Instruction Manual eBook: Nichel James: Kindle Store
Can't make the exam any easier than that! As an added bonus the author indicates you only need 2 years experience. Wooohooo!
Personally, I believe additional investigation may be in some order.
-b/eads