SSCP

2»

Comments

  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    Here is the home page of a guy in Chicago named Bill Slater who has both the CISSP and SSCP. I know that I've seen him posting on a certification or security web board somewhere. Anyone know him? Is he on TechExams?

    Anyway, maybe we could get him to hop on to this thread and put his $0.02US in about the SSCP.

    http://****.com/capella/wfs_bio.htm
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    Although it is somewhat like mentioning both MCSA and MCSE, when you eventually go for CISSP, the SSCP will look good with it and when you get choosen for a job over someone with only CISSP, it will be worth the $369.

    Because I don't have a degree, I need the full 4 years, while I can only get to 2 and maybe 2.5 depending a bit on how strict they take the job title. I was usually contracted for short periods (2 to 6 months), and in longer cases I often did different things under different job titles such as sys admin, net admin, consultant, project manager, trainer, even infrastructure architect (always liked that one, although it sounds much more complicated than it is) and several others that companies felt the need to make up when IT got booming. Anyway, most security related work I did as a consultant or project manager clearly counts as experience that falls under those CISSP domain (i.e. implementing viruswalls, securing internet connections, secure email, single sign on via netscape directory server and exchange 5.5, lots of virus protection related to email, mostly in environments of 1000+ users), but, as a sys admin and network admin, I implemented auditing controls, access lists, lots of monitoring and reporting, os hardening, distaster recovery plans and have experience with many items from the telecommunications and network security domain. However, when I read the requirements on the ISC2 site it seems the things I did as a sys/net admin don't count. What bothers me with this is that, at least on this side of the pond, security was usually a part of some IT job, not a job by itself. I hope to be able to get those remaining years mainly by writing and hopefully teaching security related certs, starting with the entry-level...
    Here is the home page of a guy in Chicago named Bill Slater who has both the CISSP and SSCP. I know that I've seen him posting on a certification or security web board somewhere. Anyone know him? Is he on TechExams?
    I always thought Ten9t6 was the only one here with SSCP, but that page does look familiar...
  • /usr/usr Member Posts: 1,768
    I think I've decided to go with three SSCP books and NOT the CISSP book.

    One of the SSCP books is $3 from a seller on amazon, so I can't pass it up. The other two are the two which multiple people recommended on the site you referred me too. With these two, plus all material I can find online, I should be safe. (I hope)

    Any words of advice before I go ahead and buy these?

    Secured Computing: A SSCP Study Guide (recommended)
    SSCP Study Guide and DVD Training System (recommended)
    The SSCP Prep Guide: Mastering the Seven Key Areas of System Security ($3 one)
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    I think that should allow you to cover all exam objectives. I haven't been able to find much online SSCP stuff (apart from cccure.org), but there are plenty of docs and white papers on the individual items if you really need any info in addition to those books, although I doubt you'll need that with SSCP books and the knowledge you gained from Sec+ and CEH already. I noticed Hacking Exposed is also on the reference book list (in the Study guide/objectives).

    Do any of these books come with practice exams? I'm considering getting the preplogic CISSP practice exams for this and hopefully be able to practice per domain (and skip the CISSP-only domains). Please let me know which one of the three you think is best, I might pick up a SSCP book in addition to the CISSP guide afterall just to get a better idea of the scope of some topics.
  • /usr/usr Member Posts: 1,768
    They won't be shipping until the 30th or so. One was on backorder and since I got free shipping, they'll just send both at once.

    That's fine with me, I want to finish up 'Hacking: The Art of Exploitation'. Plus I'm going to make an attempt at learning Perl and I just got the books today.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    /usr wrote:
    Plus I'm going to make an attempt at learning Perl and I just got the books today.
    Don't wear out your finger typing all of those $. icon_wink.gif
  • Ten9t6Ten9t6 Member Posts: 691
    /usr wrote:
    They won't be shipping until the 30th or so. One was on backorder and since I got free shipping, they'll just send both at once.

    That's fine with me, I want to finish up 'Hacking: The Art of Exploitation'. Plus I'm going to make an attempt at learning Perl and I just got the books today.

    Perl is interesting...from what I have seen (little bit)...I just got out of a C class ...and I am currently in a Java class. Learning programming will improve your security skills....

    Have fun...
    Kenny

    A+, Network+, Linux+, Security+, MCSE+I, MCSE:Security, MCDBA, CCNP, CCDP, CCSP, CCVP, CCIE Written (R/S, Voice),INFOSEC, JNCIA (M and FWV), JNCIS (M and FWV), ENA, C|EH, ACA, ACS, ACE, CTP, CISSP, SSCP, MCIWD, CIWSA
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    Ten9t6 wrote:
    Learning programming will improve your security skills....
    What you will learn is just how many computer and network security problems are caused by poor soft/firmware design and implementation.

    One day it will be a crime to release unsecured software. Until then the InfoSec people will have job security. icon_wink.gif
  • /usr/usr Member Posts: 1,768
    Is this SSCP a very technical exam? By technical I mean, do you have to know how to configure certain things, or know what certain commands do?

    If not, is it more theory, just more advanced than something such as Sec+?
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    /usr wrote:
    If not, is it more theory, just more advanced than something such as Sec+?
    Indeed, concepts and theory. The CISSP exam is sometimes referred to as a mile wide and an inch deep, and that goes for SSCP as well. Judging from the study material, I see SSCP as Security++. SSCP includes almost all the Security+ topics plus a bit more, and more detailed, and I think the exam itself is harder and more detailed as well. But you don't have to know any commands, code, or configs.
  • /usr/usr Member Posts: 1,768
    That's good. I really need to brush up on general security, as opposed to focusing on a vendor or OS.

    After this, I'll probably try to focus more on something specific.
Sign In or Register to comment.