Security ++ , New Certification?

wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6Member Posts: 1,011 ■■■■□□□□□□
From born to learn blog.

It looks like CompTIA has a big target this year.

Information Security Professionals needed! - Born to Learn - Born To Learn - Born to Learn
Information Security Professionals needed!

Posted by J. Seymour (Microsoft) on



Are you the “security guy/gal” in your company? Did you implement a multi-factor authentication protocol for your refrigerator? If security is what you “do” I have a favor to ask. Our friends over at CompTIA are developing a new advanced security certification exam to follow their Security+ exam and they’re looking for your input on the exam objectives. This is very similar to what MSL does with our “blueprinting” exercise when we develop an exam. It should take only 10 minutes to complete and can be found here:
https://s-xut5m-345723.sgizmo.com
As an added bonus, CompTIA is giving away a CompTIA T-shirt to every 10th person who completes the survey!
/B]cue the fast talking announcer[B CompTIA values your privacy. Results are completely anonymous and the data will only be viewed in the aggregate. The survey will be open until September 8, 2010. Please contact [email protected] if you have any trouble with the survey.
Thanks in advance for helping our friends out!
«13

Comments

  • apena7apena7 Member Posts: 351
    Interesting....
    Nice find!
    Usus magister est optimus
  • erpadminerpadmin Member Posts: 4,165
    wd40 wrote: »
    From born to learn blog.

    It looks like CompTIA has a big target this year.

    Information Security Professionals needed! - Born to Learn - Born To Learn - Born to Learn


    My guess is this will be the one that will be the cert that has to be done every three years after the next year rolls around.

    I'm not going to lose any sleep if I don't take this, but I won't mind doing a beta.
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    cool! comptia is really on the move.
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    erpadmin wrote: »
    My guess is this will be the one that will be the cert that has to be done every three years after the next year rolls around.

    Yea, that was my initial thought too. Now they've got a way for all the current Security+ holders to get stuck in a renewal cycle.

    I just have to ask, is it necessary? Why not just do an SSCP? It'll be interesting to see the objectives once they're released, but this seems kind of redundant.
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    dynamik wrote: »
    Yea, that was my initial thought too. Now they've got a way for all the current Security+ holders to get stuck in a renewal cycle.

    I just have to ask, is it necessary? Why not just do an SSCP? It'll be interesting to see the objectives once they're released, but this seems kind of redundant.

    Grr, and to make our current certification worthless... icon_twisted.gif

    Ah well, I'm going to be working on the SSCP soon enough icon_cool.gif
    Currently working on: Linux and Python
  • erpadminerpadmin Member Posts: 4,165
    dynamik wrote: »
    I just have to ask, is it necessary? Why not just do an SSCP? It'll be interesting to see the objectives once they're released, but this seems kind of redundant.

    I am not really sure, but it sounds like CompTIA wants us IT professionals to go through too much trouble for their exams. It's not like you'd be going for the SSCP or CISSP when you sit for them.

    If beta exams are free, might not be a bad deal to take it, but I would wonder more if by getting this exam after this year-end will invalidate the lifetime cert some of us already have with regular Security+. If it does, then I personally wouldn't bother.
  • rwmidlrwmidl CISSP, CISM, MCSE, MCSA, MCPxAlot Worldwide AvailabilityMember Posts: 807 ■■■■■■□□□□
    I'd be interested in doing a beta. Then again I'd have to see what the scope of the final product is before deciding for certain.
    CISSP | CISM | ACSS | ACIS | MCSA:2008 | MCITP:SA | MCSE:Security | MCSA:Security | Security + | MCTS
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    I would be interested in taking this test. I already meet the prereq...
    Did you implement a multi-factor authentication protocol for your refrigerator?
    Decide what to be and go be it.
  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,011 ■■■■□□□□□□
    dynamik wrote: »
    I just have to ask, is it necessary? Why not just do an SSCP?

    Because I, and others do not meet the experience requirements needed to get the SSCP.
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    All you need is one year in one of the domains: https://www.isc2.org/sscp-professional-experience.aspx

    If you don't have that, why would you be trying for an advanced certification?

    You can also take it without the experience and be an associate if you're just looking for something to pad your resume and look competent for getting into an entry-level position.
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    dynamik wrote: »
    All you need is one year in one of the domains: https://www.isc2.org/sscp-professional-experience.aspx

    If you don't have that, why would you be trying for an advanced certification?

    You can also take it without the experience and be an associate if you're just looking for something to pad your resume and look competent for getting into an entry-level position.

    I've worked with lots of those things, but it has never been my only task. I don't think it would qualify.
    Decide what to be and go be it.
  • erpadminerpadmin Member Posts: 4,165
    dynamik wrote: »
    All you need is one year in one of the domains: https://www.isc2.org/sscp-professional-experience.aspx

    I have 7 years of generating SSL certificates for Verisign Managed PKI. First part of that 7 years, I ran Managed PKI as well. Second part I just generate certs. Now we have EV certs, so based on that, I could sit for this exam.

    Having said that...it's a thought. :)
  • erpadminerpadmin Member Posts: 4,165
    Devilsbane wrote: »
    I've worked with lots of those things, but it has never been my only task. I don't think it would qualify.

    I wouldn't count yourself out of the running quite yet. I'm sure as with everything else there are loopholes upon loopholes, especially if you've done a lot of those.
  • wd40wd40 CISA, eJPT, MCP, MCTS, CompTIA x 6 Member Posts: 1,011 ■■■■□□□□□□
    dynamik wrote: »
    All you need is one year in one of the domains: https://www.isc2.org/sscp-professional-experience.aspx

    If you don't have that, why would you be trying for an advanced certification?

    You can also take it without the experience and be an associate if you're just looking for something to pad your resume and look competent for getting into an entry-level position.

    Good Point :D, I guess we will have to wait and see how advanced the new certificate will be :D.
  • earweedearweed Member Posts: 5,192 ■■■■■■■■■□
    Their time estimate for the survey is way off as I took way longer than 10 minutes.
    I also wish they didn't want your personal info before saying if you won the t-shirt. It should be set up to submit and then if you won the t-shirt ask for your info.
    I'm with Devilsbane but to more of an extreme. The only experience I have is when setting up some home networks and the 2 offices that I've done now. I've done very little security related things so far. I may go after the SSCP eventually but would prefer to get the real thing if I'm going to have to study for it.
    No longer work in IT. Play around with stuff sometimes still and fix stuff for friends and relatives.
  • SephStormSephStorm Member Posts: 1,732
    dynamik wrote: »
    All you need is one year in one of the domains: https://www.isc2.org/sscp-professional-experience.aspx

    If you don't have that, why would you be trying for an advanced certification?

    Knowledge. I'm sure I am not the only younger person, who isn't looking to validate skills one has had for some time, but to learn a new technology, or to learn how to do something new. i.e, If I were to take the CWNA, it would be to learn wireless technologies, and certify my knowledge of them.
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    SephStorm wrote: »
    Knowledge. I'm sure I am not the only younger person, who isn't looking to validate skills one has had for some time, but to learn a new technology, or to learn how to do something new. i.e, If I were to take the CWNA, it would be to learn wireless technologies, and certify my knowledge of them.

    Then study whatever you want. That argument makes no sense in choosing one certification over another when the content will likely be nearly identical.
  • SephStormSephStorm Member Posts: 1,732
    I disagree, How am I supposed to know the material is the same? Or what skills are necessary for me to learn what I want? All I have to go on (minus this and a few other forums) is the opinions of other individuals who have been doing this for longer than myself.
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    SephStorm wrote: »
    I disagree, How am I supposed to know the material is the same?.

    By comparing the exam objectives?

    This will obviously remain to be seen, but the SSCP and CISSP are the next logical steps for these types of exams. They may go in another direction, but there are so many other infosec certs out there that I think CompTIA is going to have a very difficult time coming up with something that is completely unique.
    SephStorm wrote: »
    Or what skills are necessary for me to learn what I want? All I have to go on (minus this and a few other forums) is the opinions of other individuals who have been doing this for longer than myself.

    No, you need to figure out what you want. Your career and skill set are going to be a mess if you just rely on others to tell you want to do. There are too many disciplines within information security for someone to just provide you with a simple path to follow.

    This goes back to the point I was making about you learning whatever you want to and not worrying about obtaining certs. You're going to be spinning your wheels and wasting time and money if you're just obtaining certs for the sake of obtaining certs. I've been there, and it's not a good strategy. This is exactly why you shouldn't be obsessing over certs and instead should be researching and experimenting on your own to determine what you want to do.
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    dynamik wrote: »
    By comparing the exam objectives?

    This will obviously remain to be seen, but the SSCP and CISSP are the next logical steps for these types of exams. They may go in another direction, but there are so many other infosec certs out there that I think CompTIA is going to have a very difficult time coming up with something that is completely unique.

    They really don't have to. All they have to do is get something that is relatively respected and get HR/IT managers to respect it. The + at the end of it may help out with that. Something with some sims and that touches on more than one OS (Windows/*NIX/IOS) would be awesome. I am not sure how they would have to deal with other vendors but if they would have sims from at least 3 major companies products, that would put this cert head and shoulders above most other advanced entry level certs. IMO they may need to team up with a smaller company on this one like Elearnsecurity or Offensive Security and build the cert in that manner. That would make it epic.
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    knwminus wrote: »
    They really don't have to. All they have to do is get something that is relatively respected and get HR/IT managers to respect it. The + at the end of it may help out with that. Something with some sims and that touches on more than one OS (Windows/*NIX/IOS) would be awesome. I am not sure how they would have to deal with other vendors but if they would have sims from at least 3 major companies products, that would put this cert head and shoulders above most other advanced entry level certs. IMO they may need to team up with a smaller company on this one like Elearnsecurity or Offensive Security and build the cert in that manner. That would make it epic.

    Like I said, we'll have to wait and see. While CompTIA's popularity is unquestioned, they also have the stigma of being entry-level. I think you're being a bit optimistic if you're hoping for an "epic" exam from CompTIA, but you never know ;)
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    dynamik wrote: »
    Like I said, we'll have to wait and see. While CompTIA's popularity is unquestioned, they also have the stigma of being entry-level. I think you're being a bit optimistic if you're hoping for an "epic" exam from CompTIA, but you never know ;)

    To quote John Wayne, "That'll be the day" [The Searchers]
    Currently working on: Linux and Python
  • steve13adsteve13ad Member Posts: 398 ■■■■□□□□□□
    Just curious, did anyone win a T-shirt?

    Born to learn said it was every 5 questionnaires got a shirt, but Comptia said it was every 10.
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    steve13ad wrote: »
    Just curious, did anyone win a T-shirt?

    Born to learn said it was every 5 questionnaires got a shirt, but Comptia said it was every 10.

    I haven't heard anything yet.
    Decide what to be and go be it.
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    Haven't heard a thing. I am hopeful :D
    Currently working on: Linux and Python
  • earweedearweed Member Posts: 5,192 ■■■■■■■■■□
    seems with the # of people here who probably took it someone should have won the T-shirt. They should have just told you right then if you had won it or not.
    No longer work in IT. Play around with stuff sometimes still and fix stuff for friends and relatives.
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    earweed wrote: »
    seems with the # of people here who probably took it someone should have won the T-shirt. They should have just told you right then if you had won it or not.

    I was under the impression that it was every 20th person got one and you would know instantly. But they decided they wanted to collect all of our information first and then stick the names in a pool or something.
    Decide what to be and go be it.
  • erpadminerpadmin Member Posts: 4,165
    Devilsbane wrote: »
    I was under the impression that it was every 20th person got one and you would know instantly. But they decided they wanted to collect all of our information first and then stick the names in a pool or something.


    That makes sense. I filled out two of these things with CompTia and haven't heard anything back about the T-shirt.
  • shon541shon541 Member Posts: 136
    I just got an email stating that I got one.
    Thank you for your participation in the CompTIA Security+ JTA survey. You have been selected as a prize winner of an official CompTIA t-shirt. We will mail you the t-shirt within two weeks.
  • DevilsbaneDevilsbane Member Posts: 4,212 ■■■■■■■■□□
    shon541 wrote: »
    I just got an email stating that I got one.
    ***** **** ***** ******!!!!

    Just kidding, congratulations
    Decide what to be and go be it.
Sign In or Register to comment.