Path to achieve CISSP

Good Afternoon,

I have been working in IT for 16+ years doing both roles (Network Admin and System Admin), I am tired of these areas and want to get in to something new like cyber-security as a nice change from what I do now.

I have a bachelor’s degree in Management Information Systems, but I do not have any certifications.

Even though I play the role as a Network administrator, I find my strengths are more in System Administration. My networking skills are more at an intermediate level, compared to my system administration skills which I would rate as advanced level.

I would like to pursue the CISSP, but am not sure on the path I should take. At the moment after reading several articles on the net I am considering the below path:

CompTIA Network+
CompTIA Security+
SSCP
CISSP

However I am not sure whether this path is OK or not with the background I stated above.

Can you please help me with the questions below:

1. Is my certification path a good one to achieve the CISSP?

2. Should I do the Network+ certification or the CCNA? From what I have read CCNA is more on Cisco products compared to the Network+ which I hear is more of a broader scope on networking.

3. Which should be done first, Network+ or Security+?

4. I have read that before sitting the SSCP and CISSP that I must have so many years work experience in information systems security. Would I be eligible for this as I do not really understand what they mean by “information systems security”. If you can list some examples of this I could see if I qualify.

I appreciate any information that can be given to me to help me with this new career path.

Thanks and Kind Regards,

Kevin

Find more posts tagged with

Comments

yoba222

I'd skip the Network+ and SSCP. I'd consider skipping the Security+ too, but it might help simply in buffing your test-taking skills. CCNA is good to have, but it will expire in 3 years unless you take more Cisco exams--Cisco doesn't do CPEs/CEUs.
Sysadmin does enough security stuff that I'd imagine you're good on the 5 year experience requirement.

callevieja

Hi Yoba,

Thank you for your time, I appreciate your input very much.

Kind Regards,
Kevin

mikey88

The certification path you listed is good for padding your resume but is probably not necessary. In fact, the ones you listed are entry level certs and won't do much for you career wise. If your goal is to get CISSP, just read a book or two and take the exam. Not much to it.

triplea

The sscp and sec+ can be used to knock a year off of your experience requirements

duta74

If your goal is CISSP, IMHO Network+ and Security+ not needed.
Go to SSCP to enter Security side of IT and after that go to CISSP.

LonerVamp

From your work experience, the path to CISSP should be:
- study
- study
- study
- take the exam and pass!

If you're looking for another job, feel free to do the other certs in your path, but if not, I'd honestly just jump into the deep end right away and study directly for the CISSP.

For the work experience, look at the domains covered in the CISSP. Have you done anything in any of those domains before? I bet you have: account management in AD, permissions, encryption certificates, managing devices and systems to some standard configuration, local and network firewall configuration, antivirus installation and maintenance, and so on.

alan2308

mikey88 wrote: »

If your goal is to get CISSP, just read a book or two and take the exam. Not much to it.

That's spoken like someone who's never actually taken the CISSP.

mikey88

It's spoken like someone with an opinion on a subject. Like I said, not much to it. Read a book, answer some multiple choice questions. Get the cert.

-_-*,,|,

Info_Sec_Wannabe

callevieja wrote: »

I would like to pursue the CISSP, but am not sure on the path I should take. At the moment after reading several articles on the net I am considering the below path:

CompTIA Network+
CompTIA Security+
SSCP
CISSP

However I am not sure whether this path is OK or not with the background I stated above.

Given your experience, I would suggest, as what most have stated here, to simply go directly for the CISSP certification.

However, when you say "get into cybersecurity", are you referring to the technical or management aspect of it? CISSP (is always a good addition to one's credentials) is geared towards the management side of things and I've seen people who attempted to transition from technical to management who found it boring (depends on the environment I guess).