quick question

SoulreaverSoulreaver Member Posts: 74 ■■□□□□□□□□
ive been reading about the requirements for the cissp and sscp certification exams, and it said i needed 5 years work experience or a masters in information security in order to be certified.

on the website it also said that in order to become an associates i had to pass one of the cissp sscp exams and it was an entry level certification.

im a little confused by this, does this mean i can take either exam whenever i want and if i pass i would only become an associates?

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,671 Admin
    The CISSP requires five years of work-related experience in at least two of the ten domains of the CBK. You can knock one year off for having a specific IT certification (like Security+ or MCSE), and a second year off for having a 4-year college degree. You also need an endorsement from an (ISC)² credential holder that knows your work and experience (see CISSP Applicant Requirements).

    The SSCP Applicant Requirements include at least one year of cumulative work experience in one or more of the seven domains in information security covered by the SSCP exam. There are many experiences listed which are accepted, but IT certifications aren't among them. Review the SSCP Work Experience Requirements page to see if you meet the requirements in other ways. The SSCP cert also requires an endorsement from an (ISC)² credential holder that knows your work and experience.

    If you do not meet the requires for the CISSP or SSCP, you can still take and pass the CISSP or SSCP exam to become an Associate of the (ISC)². Later, when you have gained the necessary experience, you can be promoted to be fully CISSP-certified.
  • SchluepSchluep Member Posts: 346
    Actually, you can become an Associate of (ISC)² by taking the SSCP exam as well if you do not meet the one year work experience requirement. This is stated at How to certify SSCP and also on the page JDMurray linked regarding the Associate of (ISC)².

    If you sit for the CISSP or SSCP exam with the intent to become an Associate of (ISC)² since you do not meet the work experience requirement you will still need to notify (ISC)² before the Associate of (ISC)² designation expires when you have completed the work experience requirement. You will then be provided with the endorsement forms to be endorsed by an (ISC)² credential holder that knows your experience. The Associate of (ISC)² designation is valid for 2 years for SSCP (which has a 1 year work experience requirement) and 6 years for CISSP (which has a 5 year work experience requirement).
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,671 Admin
    Schluep wrote:
    Actually, you can become an Associate of (ISC)² by taking the SSCP exam as well.
    Whoa, I never noticed that there is an Associate of (ISC)² for SSCP. I updated my previous posting and stand corrected.
  • SoulreaverSoulreaver Member Posts: 74 ■■□□□□□□□□
    thank you for clearing it up :)
Sign In or Register to comment.