Security Access Control worthy of applying for this exam?

N2IT

Security Guru's:

Would one year of access control give you the requirements for the SSCP? Also would it be worth it in your personal opinion to only have one year of access control and sit this exam? I'm very much against being a paper chump. But if you feel it's valid it might be something worth considering.

Thanks for your input.

N2IT

For your SSCP credential, your professional experience has to be in one or more of these seven SSCP CBK^® domains:

Access Controls
Cryptography
Malicious Code and Activity
Monitoring and Analysis
Networks and Communications
Risk, Response and Recovery
Security Operations and Administration





Don’t have the necessary years of experience? If you’re working on building your experience right now, you may earn the Associate of (ISC)² designation by passing the required SSCP examination.

Found the answer.

Sorry for the needless post.

JDMurray

An SSCP candidate only needs one year of experience in one of the domains of the SSCP CBK. One year of access control experience would qualify.

ivx502

N2IT I used four years of Physical Security Access control to qualify for the SSCP so it definitely counts

N2IT

Guys thanks for the replies. I appreciate it!

JDMurray

ivx502 wrote: »

N2IT I used four years of Physical Security Access control to qualify for the SSCP so it definitely counts

And there isn't even a Physical Security domain in the SSCP CBK. Maybe the (ISC)2 will (unofficially) allow experience in the CISSP CBK domains to quality for SSCP certification too.

N2IT

JD do you think having the minimal experience is enough to take the exam? Just wondering your take on this?

JDMurray

N2IT wrote: »

JD do you think having the minimal experience is enough to take the exam? Just wondering your take on this?

A person who has minimal experience (i.e., one year) in each of the seven SSCP CBK domains will still need to study for this exam. There are a lot of topics covered that no one person with one year--or even ten years--of experience will have. No one wanting to pass a cert exam on their first try should take an exam based solely on their currently knowledge and experience. Like taking a college course, going for a cert is an opportunity to learn more than you already know.

N2IT

Thanks for the reply I appreciate it.

NetworkingStudent

Doesn't this exam require continuing education credits to keep the cert current? Also, what are the continuing education requirements?

ptilsen

NetworkingStudent wrote: »

Doesn't this exam require continuing education credits to keep the cert current? Also, what are the continuing education requirements?

To maintain it does require CPEs, but they're well worth it and from what I've heard fairly easy to accomplish.

JDMurray

80 CPEs every three years and $65US AMF per year.

N2IT

JDMurray wrote: »

80 CPEs every three years and $65US AMF per year.

JD if I jumped into this would you both maintaining the security + CE? I mean to maintain two could be quite costly especially with the PMP requiring credits every 3 years.

JDMurray

N2IT wrote: »

JD if I jumped into this would you both maintaining the security + CE?

I'm not quite sure what you mean by this.

The idea is that you will pass the expense of maintaining your certs to your employer, who requires you to have the certs as part of the conditions of your employment. If you can't do this, you'll pay out-of-pocket like the rest of us.

ptilsen

N2IT wrote: »

JD if I jumped into this would you both maintaining the security + CE? I mean to maintain two could be quite costly especially with the PMP requiring credits every 3 years.

I would. It's only $50. HR tends to be clueless and might be misinformed, tossing out your resume due to no Security+. The CPEs you use for SSCP can generally also be used for Security+, since they are from different vendors, so it won't take any extra time -- in fact, I believe just taking SSCP qualifies as CPEs for Security+. Also, unless you just got Security+ it should be lifetime.

N2IT

My security + is CE. Network and A+ is lifetime.

JD or PT or Both

How does the auditing process work? I called my boss last night and he said he would absolutely vow for me. Is there anything I need to line up prior to applying for the SSCP?

I'm in PMP mode but this certification has peaked my interest. Everything I have read indicates that this is more of a management certification which interest me.

JDMurray

You need an (ISC)2 member in good standing to "endorse" you. It's best if your endorser is personally familiar with your work experience and career. You do not need to have an endorser before you take the exam. If you intend to go for the "Associate of the (ISC)2" designation, you don't need an endorser or the work experience.

ptilsen

What I read is that ISC2 will endorse you if you can't find one. Basically, an endorser makes the process go more smoothly, but you can get the certification without knowing one. Obviously they can't put the cart before the horse on this one -- if knowing a certified individual were a set-in-stone requirement it would be very difficult for people to get certified in the first place.

JDMurray

Having the (ISC)2 endorse you is the same as going through their auditing process prior to the introduction of member endorsement. And yes, having your own endorser usually makes the process a whole lot faster.