Co worker CISSP 1st certification/competition

[Deleted User][Deleted User] Senior MemberPosts: 0 ■■□□□□□□□□
So I have a co worker (I won't say their name) but he works on the blue team for our company and he is planning on taking the CISSP certification as his first certification hoping that he can move to the red team. He is also doing his Master's degree currently as well where I am not. Now although I don't work on the blue team, I do work in security and hope to get to the red team as well so it is kinda like a competition to get there between the 2 of us. When I asked him basic stuff about requirements to take the exam, he was telling me that I was wrong. Now I mean this is basic stuff like if you have a 4 year degree, you get a 1 year waiver and you still need 4 years of experience in 2 of the 8 domains. He was telling me I was wrong and got pissed off and changed the subject when talking to me. Now I don't know about you guys, but personally I think taking the CISSP as your first certification exam ever is a bit of a challenge. I don't think he knows what he is getting into with this being his first cert. He says all he plans on doing is just "taking adderall and cramming for it over the timespan of a week" I really wanted to tell him well just take $600 and light it on fire. There is no way he can cram for it in 1 week and take the CISSP. He only has about 2-3 years of experience working and no previous certs. Now is it possible for him to do it or is he getting far in over his head? I don't want to be a dick and ruin our relationship but at the same time I want to guide him and be helpful and being practical by telling him you can't cram this exam in during a week or should I just stay out of it and just mind my own and just do my certs and drop the subject with him and let the universe unfold as it should? I hope to move over to the red team within the next year or so and during that timeframe, I plan on doing my CEH,CCNP and my SSCP or CISSP depending on money but I will probably do SSCP. In reality, out of the 2 of us, who do you think would have the better chance of getting to the red team?


  • jt2929jt2929 Member Posts: 244 ■■■□□□□□□□
    Stay out of it. He is obviously dead set on taking this exam and cramming for it. Worry about passing the exam yourself. Even if he passes the exam, it sounds like he won't be able to get the endorsement. Frankly, I'd be more concerned about his prescription drug abuse.
  • Mike7Mike7 Member Posts: 1,107 ■■■■□□□□□□
    He can get another CISSP to endorse him..
    Why bother? Stay out of it. Make friends, not enemies.
  • cyberguyprcyberguypr Mod Posts: 6,927 Mod
    Absolutely not worth picking up this fight. He will most likely crumble under his own weight. Who gets the position? Hard to say. If he interviews better than you, he may get it. It all depends on what they are looking for.
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
    Never know, he could be a great test taker, understand the CISSP logic on the test, and ace the test right away. Either way it his money... if he wants to attempt it and can afford to lose the money if he fails more power to him. Wouldn't give a second thought about it.

    As far as getting the position, certs only get you so far, and usually don't matter as much in interviews (not saying they don't like nice). Like cyberguypr said, it depends what they are looking for and who is better at interviews though. Good luck!
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    I don't think the prior certs line of thinking should come into play at all. Not understanding the material and thinking you can cram it all in a week though... not so much. Not sure why he's even going for a CISSP to get into the red team in the first place.
  • cyberguyprcyberguypr Mod Posts: 6,927 Mod
    That is a good point. Red teams generally spit on the CISSP and most certs for that matter.
  • CyberscumCyberscum Member Posts: 795 ■■■■■□□□□□
    Its a test....nothing more. If you understand the material and how to take the test you will pass.

    Will you really gain anything doing it his way? NO
  • JebjebJebjeb Member Posts: 83 ■■■□□□□□□□
    You'll have a better chance at a red team with the OSCP cert
  • iBrokeITiBrokeIT Member Posts: 1,317 ■■■■■■■■■□
    You can only help those that want it and clearly he views you as an adversary during this competition.

    If he is going to crash and burn, let him. You don't need to keep offering your unsolicited advice because it probably comes off as snarky even though he doesn't know any better.

    I think you have a good plan for your development so you should pour your energy into that plan.

    Best of luck!
    2019: GPEN | GCFE | GXPN | GICSP | CySA+ 
    2020: GCIP | GCIA 
    2021: GRID | GDSA | Pentest+ 
    2022: GMON | GDAT
    2023: GREM | GCWN | GSE

    WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops
  • JebjebJebjeb Member Posts: 83 ■■■□□□□□□□
    Another approach ( in the spirit of the Red team) is to hack him, and oh replace his study material with a different test subject.
Sign In or Register to comment.