Starting studying for SSCP

lordmorgoth

Greetings,

A while ago I started to dive into the exciting and thrilling world of network security. I've been a network administrator for quite some time now, but I never had the opertunity to delve into the security aspect of network administration.

I'm currently certified as A+, Net+, Security+, MCSA, MCTIP:SA, JNCIA-FWV and EC-Council's ENSA.

Next on my list is the SSCP certification.

I've got the second edition Official ISC2 Guide to the SSCP CBK book. Quite 'dry' stuff in there.

Do any of you have any experience with the SSCP CBT's from CBT Nuggets or TestOut?

Also I'm not quite sure as to how much time I need to give myself for studying before taking the exam.

Any advise or personal experiance would be much appreciated.

Diggs3d

Hello,

I'm currently studying for the SSCP myself. I plan on taking mine on September 17 .

I using SSCP CBT Nuggets for Video Training which is pretty good. Michael Shannon does a pretty good job going each of the domains and all of the required information....

I also using Prep Logic SSCP Audio Training,SSCP CBK (ISC)2 1st Edition, and Ucertify.

Let me know if you have any more questions..........

JDMurray

Just in case either of you haven't read my blog article on this very subject: The SSCP Certification Experience | TechExams.net Blogs

lordmorgoth

I decided to go for the Testout CBT (LabSim - SSCP (Systems Security Certified Practitioner) Certification Training), mainly because Testout has got student discounts, whereas CBT Nuggets do not.

I've used ucertify in the past in preparation for EC-Councils ENSA exam, but I was really unimpressed with it. The questions were in no relation to the actual exam questions (neither in form and how the questions were formulated, nor in the content of the questions). So no ucertify for me this time!

In one week I've managed to work through the 'Cryptography' domain with the videos and the IC2 guide. Next up is 'Access Controls'.

Diggs3d

I do like the labs and training video bundle for SSCP study guide from Test Out.

I 'am taking my exam within 1 month so i don't think it's a enough time to get through all of the material to get my money's worth. I probably will check them out for when i'm preparing for CISSP Exam.

Thanks,

Diggs3d

Hello,

I received my results on Friday that i passed the SSCP Exam !!!

Bl8ckr0uter

Awesome news. Can you give a review of it?

TBRAYS

Diggs3d wrote: »

Hello,

I received my results on Friday that i passed the SSCP Exam !!!

We're you at the Westin Hotel?

JDMurray

Congratulations on passing the SSCP exam!

Diggs3d

Thanks alot,

Yup I took my exam at the Westin.

Bl8ckr0uter, Everyone take from exams are a little different but I think JDMurray wrote a great article on the SSCP Exam[h=2]The SSCP Certification Experience.[/h]
Prior to your exam it's best that you review as many questions as possible. Why? Personally I believe this approach help me with evaluating each individual question then making the appropriate response to the scenario presented. If you limited time to review I defiantly would recommend SSCP Video Mentor by Shon Harris and Prep Logic SSCP Audio Series which can played on MP3 Player or CD.

Additional study questions: Cccure.org, Freepracticetest.org

I hope this helps

JDMurray

And we have some free practice exam resources here at TE too: Practice Exams - Browse - TechExams.net

lordmorgoth

I've just attended a one-day CISSP review seminar:

The CISSP Clinic will review key principles every professional should understand about the two domains: Information Security Governance and Risk Management; and Cryptography. Presented by an (ISC)2 Authorised Instructor, this event will take you one step closer to your CISSP certification.

Information Security Governance and Risk Management.
The identification of an organisation's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines. Management tools such as data classification and risk assessment/analysis that are used to identify threats, classify assets, and to rate system vulnerabilities so that effective controls can be implemented.

Cryptography.
The principles, means, and methods of disguisinginformation to ensure its integrity, confidentiality and authenticity. The emphasis is on imparting a high-level core understanding of this subject area for security managers, rather than the development of technical expertise.


The trainer was Graham Dobson and he really made the day. The was knowledgable and very entertaining. Since Crypography still is one of my weaker subjects, the day was really intressting.

lordmorgoth

Studying all the CBK's, I found that I have most difficulty with Cryptographic Attacks. Are there any good online resources (besides wikipedia) that I can use to dive futher into the matter?

Darril

lordmorgoth wrote: »

Studying all the CBK's, I found that I have most difficulty with Cryptographic Attacks. Are there any good online resources (besides wikipedia) that I can use to dive futher into the matter?

What type of cryptographic attacks are you having problems with?

I did find that a lot of the basic cryptographic knowledge went a long way for me on the SSCP exam. A couple of blogs that may be useful to you are:
Understanding a Digital Signature for Security Certifications
Security+ Cryptography - Encryption, Hashing, Digital Signatures

While writing this post, cryptanalysis attacks such as known plaintext attacks and cipher text attacks came to mind. If you don't like Wikipedia's information on these topics, this short paper may be useful: http://www.giac.org/cissp-papers/57.pdf

HTH,

Darril Gibson
Security+ blog
Security+ Tip Of Day

SecurityGuru23

Hello Everyone!


I was wondering how difficult is the SSCP exam compared to the Security+, any input and feedback from anyone who has passed both of the exams is greatly appreciated!

Darril

SecurityGuru23 wrote: »

Hello Everyone!
I was wondering how difficult is the SSCP exam compared to the Security+, any input and feedback from anyone who has passed both of the exams is greatly appreciated!

Hi, I've passed both and found that the SSCP exam is only slightly more difficult than the SSCP. Some of the content is different, but there is quite a bit of overlap and if you're considering going for the CISSP, the SSCP is a good stepping stone.

I recently wrote this blog on it: Systems Security Certified Practitioner (SSCP) Certification.

JDMurray wrote this blog about his experience with the exam in 2008, and it's still relevant today.
The SSCP Certification Experience - Blogs - TechExams.net IT Certification Forums

If you use older resources to study, you should be aware that the SSCP objectives are changing effective Feb 1, 2012. This book outlines some of the changes.
Changes to (ISC)2 SSCP

HTH,

Darril Gibson
Security+ blog
Security+ Tip Of Day

SecurityGuru23

Thank you Darril for your feedback and for writing such a GREAT book (Security+, Get Certified Get Ahead SY0-201 study-guide), the reason why I was successful in passing the Security+ exam on the first attempt was because of that book. It was easy to read, concise, precise and without any fluff.

I will be purchasing the SSCP (All-in-one exam guide) ASAP on Amazon.com once it's made available in a PDF format, I'm currently studying for the SSCP using only the Official (ISC)2 Guide to the SSCP CBK, Second Edition ((ISC)2 Press) by Harold F. Tipton for now.

I plan to take the SSCP exam in about 3-4 weeks from now which will total up to approximately 2 months of study time, do you think that amount of time is sufficient for me in successfully passing the SSCP exam in the first attempt considering that I'm only using the above as my only source to study for the exam? If not, any other recommendations and suggestions from you will be appreciated, thanks in advance!

Darril

SecurityGuru23 wrote: »

Thank you Darril for your feedback and for writing such a GREAT book (Security+, Get Certified Get Ahead SY0-201 study-guide), the reason why I was successful in passing the Security+ exam on the first attempt was because of that book. It was easy to read, concise, precise and without any fluff.

I will be purchasing the SSCP (All-in-one exam guide) ASAP on Amazon.com once it's made available in a PDF format, I'm currently studying for the SSCP using only the Official (ISC)2 Guide to the SSCP CBK, Second Edition ((ISC)2 Press) by Harold F. Tipton for now.

I plan to take the SSCP exam in about 3-4 weeks from now which will total up to approximately 2 months of study time, do you think that amount of time is sufficient for me in successfully passing the SSCP exam in the first attempt considering that I'm only using the above as my only source to study for the exam? If not, any other recommendations and suggestions from you will be appreciated, thanks in advance!

Thanks for the kind words on the Security+ book. Glad you liked it. The PDF version of the SSCP All In One book is available on CD with the hard cover book if that's what you want and it also includes a couple of banks of practice test questions. Is 2 months enough study time? Tough question to answer. If you spent 35 seconds a day studying, I'd say no. If you spent 2 hours a day and supplemented that book with other materials, I'd say yes. In general, it's rarely a good idea to use a single source of material to study for a certification exam.

HTH,

Darril Gibson
Security blog