Security+ SY0-401 exam

just passed the exam couple of hours ago score of 835. exam was pretty hard. study material i used was
Darril Gibsons study, and CBT nugget security+ by Keith Barker. studied about 1month for this at least 4-6hours a day.

[removed exam discussion]

Not sure what to study next.

Find more posts tagged with

Comments

alfred06

what do you guys think of SSCP? I want to try and get CISSP. I've seen alot in this forum they just go straight to CISSP. is SSCP any good?

tedjames

At Darrill Gibson's suggestion, I went right to work studying for the SSCP exam. I was going to start on CISSP, but then I looked at the SSCP exam objectives. SSCP is a kind of in-between certification. It covers a lot of aspects of both Security+ and CISSP, and I felt it would benefit me to earn it first. Also, I don't have enough experience to satisify the CISSP requirements. After earning Security+, I studied for about 8 months (hour or so a day) for SSCP. I probably could have taken it 2-3 months sooner, but I just didn't feel confident enough to take the test that soon. I took the SSCP exam in early April 2015. They changed the test about a week after I took it, so I guess that was motivation for me to get it done. I'm happy that I chose to go this way. Passing this exam opened some doors for me. I was going to go right into CISSP, but I started a new job and my boss felt (and I agreed) that I should focus on growing my technical skills and learn, among other things, penetration testing. I'll get back to CISSP eventually. But for now, I'm going to learn as much as I can on the technical side.

For you, it depends on where you want to go. If you want to be on the technical side, I would look into eLearnSecurity's penetration testing courses and certifications or possibly the CASP certification. If you want to be on the management/governance/risk side, you may consider studying risk management and similar topics and then work toward CISSP and eventually CISM (or CISA). Or you could look into working both sides. My last boss was equally good at both, being a former penetration tester and an attorney.

alfred06

tedjames wrote: »

For you, it depends on where you want to go. If you want to be on the technical side, I would look into eLearnSecurity's penetration testing courses and certifications or possibly the CASP certification. If you want to be on the management/governance/risk side, you may consider studying risk management and similar topics and then work toward CISSP and eventually CISM (or CISA). Or you could look into working both sides. My last boss was equally good at both, being a former penetration tester and an attorney.

Thank you Tedjames, that made it clear for me on what path I want to take. SSCP then look into what you suggested, Pentest/CASP Technical side sounds like the one I would like to pursue in the next few years or so. Thanks again, appreciate it

tedjames

Excellent! A lot of people start with the eLearnSecurity courses and then move on to OSCP for more advanced training and certification.

There are lots of free and low cost online training sources such as Cybrary, Udemy, Professor Messer, Security Tube, Eli the Computer Guy (check out his YouTube channel). It might be a good idea to get your feet wet with these sources before moving on to more expensive training, depending on your experience level.