CISSP done....now Security+ ??

sunnysysadm · March 2006

I posted in the Security+ section and only received a response from the webmaster, so I thought I would post here too. I just recently passed the CISSP, and just found out after taking the exam that the Security+ exam can be used towards the MCSE Security exams as an elective. I already have my MCSE in Windows NT and 2000, but was thinking of upgrading to the Windows 2003 MCSE: Security level.
I wanted to know if anyone that has their CISSP has ever taken the Security+ after achieving their CISSP ? I am not looking for a braindump, but merely some information as to the exam differences. I have ordered the Syngress book and will most likely take the exam soon because I think most of it I already know. One main difference that I can tell between the CISSP and the Security+ exams based on postings here on the forum and other forums is that I was not required to memorize port numbers (kinda stupid to me, why memorize them when you can just as easily look them up !!) and secondly, the CISSP no longer requires you to memorize U.S. law....is this still required for the Security+ ?? Any input would be appreciated.
Sunny

keatron · March 2006

Well, I've taken both tests and they are like day and night. Some of the content is slightly overlapping but the difficulty level of the questions and the way they are presented are in no way similar.

Read the Security+ objectives here. http://www.comptia.org/certification/Security/objectives.aspx?sent=1

Since you've already taken the CISSP there's no need to point out the CBK domains at this point. Is Security+ easier? Yes. Does that mean that because you've passed the CISSP you wont have to study for Security+? Absolutely not. Even though it's a lower level certification that does not cover nearly as much material as the CISSP, it is still a formidable exam that you should prepare for properly. You've been down the MCSE tracks so you can understand my point here. Just because you passed 70-216 (the beast) doesn't mean you can take the others without studying. Remember to post back after you test and let us know how it went.

Good luck.

sart · March 2006

CISSP?
Don't waste time, money, or effort on the strictly-entry level Security+.

If your only goal is for an elective, get a book fill in the blanks and study for a half week. You're way above this stuff.

JDMurray · March 2006

sart wrote:

CISSP?
Don't waste time, money, or effort on the strictly-entry level Security+.

sunnysysadm's rationale is that the Security+ is necessary for upgrading to MCSE+Security. I'd also say it's necessary if sunnysysadm were going to teach a class on the Security+ certification.

keatron · March 2006

sart wrote:

CISSP?
Don't waste time, money, or effort on the strictly-entry level Security+.

If your only goal is for an elective, get a book fill in the blanks and study for a half week. You're way above this stuff.

I have to disagree with this advice. First of all, no one is ever "above" a certification examination. Having taught many classes for Security+ and now teaching a few for CISSP, I would advise against getting a book, filling in the blanks and studying for half a week. And for future reference, don't take any exam lightly because of any certification you already have.

HHHTheGame · March 2006

OK, I partially agree and disagree with the above comments. The main question has to be...

What is your end goal? If you're looking for a job in the security field, then the CISSP is one of the highest certs that shows your knowledge. If you JUST had the Security+ going for the same job, you wouldn't get it. On the other hand, if you just have a thirst for knowledge and must get every cert possible, then there's no harm in the Security+.

keatron · March 2006

HHHTheGame wrote:

OK, I partially agree and disagree with the above comments. The main question has to be...

What is your end goal? If you're looking for a job in the security field, then the CISSP is one of the highest certs that shows your knowledge. If you JUST had the Security+ going for the same job, you wouldn't get it. On the other hand, if you just have a thirst for knowledge and must get every cert possible, then there's no harm in the Security+.

You should read his original post entirely. His purpose for taking Security+ is to serve as an elective for his MCSE Security requirements. I'm not attempting to say whether or not he needs it, I'm simply advising him that he should prepare for the exam properly since he's already decided he needs it for his MCSE Security

sunnysysadm · March 2006

Thank you all for your responses. Another twist on this topic is this....unfortunately, not every organization is aware of the CISSP certification or possibly even the Security+ certification. If you take the time to do a search on monster.com based on a search criteria of either CISSP or Security+ , you most likely would get two entirely different lists of available jobs. So, I figure by picking up the Security+ cert, not only could I gain the elective needed towards the MCSE:Security cert, but also avail myself to a job I might not have gotten for only having the CISSP. Make sense ?? I will definitely take the time to study for the Security+ exam and not take anything for granted. Another thing I like about the Comptia exams is once you have them, they are good for life...no renewing and no CPE's to worry about.
Thanks again,
Sunny

mikeyoung · March 2006

sunnysysadm wrote:

Thank you all for your responses. Another twist on this topic is this....unfortunately, not every organization is aware of the CISSP certification or possibly even the Security+ certification. If you take the time to do a search on monster.com based on a search criteria of either CISSP or Security+ , you most likely would get two entirely different lists of available jobs. So, I figure by picking up the Security+ cert, not only could I gain the elective needed towards the MCSE:Security cert, but also avail myself to a job I might not have gotten for only having the CISSP. Make sense ?? I will definitely take the time to study for the Security+ exam and not take anything for granted. Another thing I like about the Comptia exams is once you have them, they are good for life...no renewing and no CPE's to worry about.
Thanks again,
Sunny

Sunny: Welcome over to Techexams. I have been away from here for a couple of weeks and it was good to see your name and good to have another CISSP (i know you don't have the cert in your hand yet).

I think you are right about the limited visability for CISSPs out there, but I want to tell you that it is so much better than it was, just six months ago and getting better every day.

Info Sec is the HOTTEST area of computers/networking/programming right now. If you go to careerbuilder.com right now and search just on CISSP. you will get pages of hits [i just got 482 nation wide. some of the qualifications these people ask for are quited comical too and i don't put a lot of stock in actually getting a job from these boards, but that would be another post]

Granted not all employers really understand what they are asking for and the term "CISSP" is often lumped in with other security certs, but a LOT of employers do understand the cert and it's value. And with all of the compliance and security issues these days, there are a tons of folks needing our expertise. Heck soon there will be more people auditing and "assuring" than there will be actually doing the work that needs to audited and "assured."

I am not looking for job, but I would be encourgaed if I was. If you are looking, you should be encouraged too. You have an MCSE and a CISSP, man. YOU might be the next HOTTEST thing in Info Sec.

Keatron: I love your new icon/avatar. It is really sharp.

Thanks for reading,

Mike

keatron · March 2006

Mike!!! There you are!!! We've definitely missed you around here man. Glad to have you back. And thanks for the compliments.

CISSP done....now Security+ ??

Comments