CISSP or SSCP advice

Hi-

I am currently a systems administrator with 4 years of who's aspiring to work in the infosec field. I am trying to decide which certification is appropriate for me, either SSCP or CISSP and would appreciate help determining whether I meet the appropriate requirements.

As a system administrator I am certainly involved with these areas of the CBK:
Access Controls - Granting permissions, managing ACLS, etc.
Operations Security: Patch management, vulnerability scanning and remediation, log monitoring
Telecommunications security: Network monitoring, firewall configuration

I also have 6 years experience working at a helpdesk, which I beleive would also qualify as Access Controls and Operations security.

I have a bachelors degree in Information Technology and hold the Security+ qualification.

In your opinion, do I meet the requirements for a CISSP? or should I sit the SSCP exam first?

Thanks in advance.

Luther

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

kalkan999

Four years experience with two domains, PLUS Security + is equal to the five years required to be a CISSP. Read the posts about both...both are a challenge, but CISSP definitely more challenging than the SSCP. Good luck to you with whatever road you choose.

JDMurray

Anyone can take the SSCP or CISSP exams at anytime. Only full certification requires having professional InfoSec experience plus an endorsement from a member of the (ISC)2 (that is, a current cert holder) in good standing. With your Security+ cert, you only need four years of InfoSec work experience in two domains to qualify for full CISSP certification. Because the CISSP will get you far more job market recognition than the SSCP, I always recommend going straight for the full CISSP if you already meet all of the qualifications.

LutherBliss

Appreciate your comments. I have read many of the threads here and reviewed the (ISC)2 site extensively. I was hoping to understand if my background as a system admin would meet the requirements to hold the CISSP. I do understand that anyone can take the exam at any time and become recognized as an associate of (ISC)2.

JDMurray wrote: »

Anyone can take the SSCP or CISSP exams at anytime. Only full certification requires having professional InfoSec experience plus an endorsement from a member of the (ISC)2 (that is, a current cert holder) in good standing. With your Security+ cert, you only need four years of InfoSec work experience in two domains to qualify for full CISSP certification. Because the CISSP will get you far more job market recognition than the SSCP, I always recommend going straight for the full CISSP if you already meet all of the qualifications.

JDMurray

Only the (ISC)2 itself can give your background an official evaluation of CISSP suitability. TE does not represent the (ISC)2, so anything you get from the TE community is just opinion. That being said, it is my opinion that you meet the qualifications for full CISSP certification.

secpro

New to this site and the forum...First off...congrats on recently writing your CISSP!...it's a big accomplishement and you should definitely be proud....I'm taking my CISSP exam at the end of the month and would like to know what specific prep exam materials you used, if any? I know there's a lot of material out there, but identifying prep exams that simulate or better yet compare to content you may encounter on the actual exam is difficult. I believe that prep exams are critical to help anyone preparing for any exam identify weak areas that require review or improvement. Any information would be greatly appreciated.