SSCP study and endorsement question

KakKak Member Posts: 2 ■□□□□□□□□□
Hi all,

I am a security engineer [mainly firewalls/AV etc] for an ISP with over 5 years experience. I passed the Security + 2 years ago. I have also passed the CISMP which is the British Computer Societies equivalent to the Security+/SSCP. I meet all the relevant criteia to take the CISSP exam, but I have decided to take the SSCP intially and once completed I will move over to the CISSP. The reason for this is a confidence thing. Plus I suspect once I have passed the SSCP I will continue straight onto the CISSP so the progression should be much easier!

My questions:

1) Study material? I will use cccure.org, but I do a lot of running so ideally would like a MP3 version of a SSCP book I can stick on my player. Any suggestions? If not, I was considering recording my reading from a book, but this takes time. The forum has recomended CISSP Certification All-in-One Exam Guide, 4th Ed. (All-in-One). Would this be recommended reading for the SSCP too?
2) I am aware that I require endoresment exclusively from an (ISC)²-certified professional in good standing. I do not know anybody! Our Business & Security Manager is not SSCP/CISSP qualified. Suggestions?

Regards

Kak

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,892 Admin
    Kak wrote:
    1) Study material? I will use cccure.org, but I do a lot of running so ideally would like a MP3 version of a SSCP book I can stick on my player. Any suggestions? If not, I was considering recording my reading from a book, but this takes time. The forum has recomended CISSP Certification All-in-One Exam Guide, 4th Ed. (All-in-One). Would this be recommended reading for the SSCP too?
    Besides the Official (ISC)2 SSCP Study Guide, Shon Harris' AIO CISSP is the one to study for the SSCP as well. I'm taking the SSCP on April 27th and those are my two primary texts. The Information Security Management Handbook by Tipton et al. is my third.
    Kak wrote:
    2) I am aware that I require endoresment exclusively from an (ISC)²-certified professional in good standing. I do not know anybody! Our Business & Security Manager is not SSCP/CISSP qualified. Suggestions?
    The SSCP certification does require an endorsement, but not until after you pass the exam (the same is true of the CISSP and CAP). Just sign up for the exam on line, agree to the ethics code, state your professional qualifications, upload a copy of your resume, submit a credit card payment ($369USD), and wait for approval. Make sure that you familiarize yourself with the SSCP How to Certify page and read this posting.

    UPDATE: Fixed info about SSCP cert endorsement.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,892 Admin
    Uh-oh, my bad. I just found a link on the (ISC)2 Web site that indicate an endorsement is necessary after passing the SSCP exam to be awarded the SSCP certification. I find it very strange that this important fact isn't mentioned in the FAQ referenced by the CISSP/SSCP/CAP exam registration form itself. I registered for the SSCP on the Web site and never fully read the printed form.
  • KakKak Member Posts: 2 ■□□□□□□□□□
    Hi JD,

    Many thanks for your response.

    Their strapline is 'Examination, Certification, Endorsement and Maintenance.'

    Even after reading a number of posts on here and reading the ISC site it is not completely clear. I will endeavour to dig a little further.

    Regards

    Kak
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,892 Admin
    It can be difficult to find information on the (ISC)2 Web site. I noticed that after the changes in 2007 to the CISSP experience requirements, endorsements, and how CPEs are to be reported, not all of the relevant pages on the (ISC)2 Web site were updated, and this has created some confusion.
  • sherryInPhillysherryInPhilly Member Posts: 3 ■□□□□□□□□□
    Hi there,

    I used only the SSCP Official Study Guide and passed the exam last March 1st. I started prepping about a month beforehand. Most of the material was basically a review of what I had learned in my several Info Sec grad classes at Iowa State University. (BTW, they have a good online program if anyone's interested.)

    I didn't pursue the CISSP because I wasn't sure I met the experience qualifications. I work as a software developer on security-related networking & telecomm projects.

    cheers!
    Sherry
    SSCP & Sun Certified Java Programmer
  • nangananga Member Posts: 201
    I would suggest... AIO and then go through the offical guide. I am not a big fan of official guide.
    Stick to the domains in AIO ...would b helpful.Its a easy read and concepts are very well explained in AIO. Skimp through the official guide.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,892 Admin
    I'm using the SSCP and CISSP Official (Gold) books and the AIO to study for the SSCP. I have to admit that I'm a bit frustrated of how poorly the SSCP Gold book (2007 edition) is formatted and edited. It is really a difficult read and learning experience. The editor missed numerous cut-and-paste errors and didn't seem to comprehend the proper use of tables and bullet lists. This is surprising to me, as the structure and content CISSP Gold book is much more sound. I've decided to drop the SSCP Gold book and just use the CISSP books and their CDs to study for the SSCP.
  • nangananga Member Posts: 201
    just to confirm...I passed by SSCP Associate exam last week. Do I still have to find an edorser. Or i should wait till i gather 1 yr of exp before I endorse and get my certification.

    Are there any other formalities I have to complete after the fact that I have got my SSCP Associate !!!!

    Thanks again for all your help and suggestions
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,892 Admin
    nanga wrote:
    Are there any other formalities I have to complete after the fact that I have got my SSCP Associate !!!!
    https://www.isc2.org/cgi-bin/content.cgi?page=1276
  • sherryInPhillysherryInPhilly Member Posts: 3 ■□□□□□□□□□
    Nanga:
    I think the answer to your question can be found at the link below...Here's the relevant passage:
    The Associate of (ISC)² for SSCP designation is valid for two (2) years from the date (ISC)² issues the "pass" email. Associates of (ISC)² for SSCP have a maximum of two (2) years to obtain the required experience and submit the required endorsement form for certification as a SSCP.

    from : https://www.isc2.org/cgi-bin/content.cgi?category=1330

    BTW, congrats on your SSCP certification! I'm newly certified as well.
  • nangananga Member Posts: 201
    hey sherry,
    thanks...so what I interpret is
    1) I have to 2 years from the email received day to gain the required exp and an endorser to submit it to ISC

    [:D]

    thanks again
Sign In or Register to comment.