Worth going for Associate of (ISC) ?
I have about 5yrs of IT experience but not in Security. With Security+ I can get a 1yr waiver towards required experience. Is it worth pursuing associates or should I be looking at something else instead?
Certs: CISSP, CySA+, Security+, Network+ and others | 2019 Goals: Cloud Sec/Scripting/Linux
Comments
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
lol, the more I hear stuff like this, the less I think the value of some certifications are. Misses the point of the certification and is against ISC2's code of ethics.
I just explained this to a colleague today.
'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil
WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
*****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****
Connect With Me || My Blog Site || Follow Me
Honestly if you have done anything related to two or more domains you will be fine, just make sure to word your resume correctly. IT is closely related by hardening systems, account management, and many other duties. Also, if you have Security+ or a degree...you get 6 years to acquire the 4 needed (the waiver removes one year). I would not take the exam until around 2.5-3 years experience or more though because you don't benefit much in the short term by taking the exam early but at that experience level you shouldn't be hurt much by the study time.
For the comment on the ISC2 Chapter Rep...unless it is somebody paid by ISC2, I would take what they say with a grain of salt but most tech jobs that we all have should be applicable to the requirements.
The individual was an employee of (ISC)2 but you do make a valid point about due diligence. Always take the advice given with a grain of salt as one person, even a competent endorser, may get the process wrong. Getting someone to review your resume before you sit for the exam should only be used for peace of mind, honestly, as TechGuru80 is spot on with his advice. If you have the necessary experience and you word your resume correctly, you shouldn't have any issues getting through the system. Even if they audit your application you would be golden. If you know you don't have the experience, then don't try to get the full endorsement and just take your Associate status and build the necessary experience to fulfill the requirements. Too easy, in my opinion.
I think, given the rather busy schedule I have to the end of the year, that I will start my studying for CISSP after the New Year and aim for end of first quarter, beginning of second quarter testing.
Connect With Me || My Blog Site || Follow Me
Not sure if you're in the Navy but anyone in the military can knock out one domain just by having to stand watch (Physical Security) which will count as a check in the box. If you recall they speak about physical security within the CBK. All you need to do is find something else in your experience that covers one of the other 7 domains.
~Unknown
Or just post it here. You might find tougher critics on TE
The reason for this was to answer the increasing (perceived) demand for certified analysts. Wish I had saved the articles from that time but a number of interviews were given to primarily Federal computing publications outlining the new regimen. Old timers howled at the moon about it but eventually gave up.
We want bodies not well qualified bodies. Just the bodies, thanks.
Yes, please go ahead and report me to the ISC(2) again. LOL
- b/eads
Exception are not the rules... there are some very good 23yo and some 50yo smuck with 30 year of experience who shouldnt be allowed near a computer. However by asking an exam and verifiable experience, it mitigate the risk of a having 14yo CISSP, with 3 MCSE and all Comptia certs. This discredit the certification and dont help anybody. I would not have said this at 20yo, but knowledge is something important, but at 41yo, I can tell you that experience, networking(people) and knowledge make you a career (order of those criteria is not of importance).
I wouldn't expect a certification body to go anymore in depth then what they do now. Are supposed try and judge the difficult of people's positions now?
'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil
Done and done
CISSP - live n' kickin'
My CISSP study apps
My CISSP study advice blog
You can always go for SSCP & Security + first.