Application Security Experience

Chassidic1Chassidic1 Member Posts: 37 ■■□□□□□□□□
B"H

From people who passed CISSP without a background in programming or web development; did you feel like it was sufficient to know the application layer security concepts mentioned in CISSP books without too much external study? I wonder: is it worthwhile to maybe "get into" some lighter programming language like python or something web related to better relate to the security topics in this domain? I don't yet have much background in coding...

Thanks,
Dovid

Comments

  • broli720broli720 Member Posts: 394 ■■■■□□□□□□
    It was more than sufficient. I've took a few Java classes as a freshman in college and know a little python but by no means would I consider myself an expert. The book I read (Eric Conrad's) really only focused on core concepts of application security so you should be ok.
  • cyberguyprcyberguypr Senior Member Mod Posts: 6,882 Mod
    Absolutely overkill onless you really want to learn programming for other reasons. Keep in mind that the cert is oriented at management. Those peeps will not bother to learn any programming languages. I despise programming and wouldn't touch it with a 10 foot pole. Did fine on the test.
  • redzredz CISSP-ISSAP, ISSEP, ISSMP, CAP (& others) Member Posts: 265 ■■■□□□□□□□
    Cyber is right, like, 99% of the time. Here are two examples:
    cyberguypr wrote: »
    Absolutely overkill
    cyberguypr wrote: »
    despise programming

    Take his advice. If you decide not to listen to Cyber, then take my advice:

    Learning programming for the CISSP is like learning chess to prepare for a swim meet.
  • Chassidic1Chassidic1 Member Posts: 37 ■■□□□□□□□□
    B"H

    Thanks guys - much appreciated. I just spent what felt like an hour this morning looking at "Web Goat". I figured maybe to better understand the application layer attacks I could try them out on that Web Goat...

    Best Regards,
    Dovid
  • samurai86samurai86 Member Posts: 104 ■■□□□□□□□□
    Ya I think the books cover more than enough.
    Bachelor's of Applied Science in Technology Management - Information Security Assurance (St. Petersburg College)
    Masters of Science in Digital Forensics (University of Central Florida)
Sign In or Register to comment.