SSCP exam 3/31. So close but . . .

fvafva Member Posts: 13 ■□□□□□□□□□
not close enough.

I took the SSCP exam on March 31st and got my score today. A score of 700 or better was needed to pass and I got 690. Phooey.

There were 2 questions that I went back and forth on for a long time, stuff I should have know but didn't know well enough.

I finished the 125 questions in about 2 hours and went back over the questions to review my answers in the remaining hour. I probably changed 8 to 10 answers, which many have been a mistake.

After the first 10 questions the first time through I was sure I was not going to pass. The questions were vague and the answers choices even more vague. Its a very frustrating exam and I left at the end convinced that I had failed it. The 5 CISSPs where I work later explained that that's generally the way you feel when you finish taking an (ISC)2 exam.

My studying habits were reading the Wiley and Syngress SSCP books, going through the Skillsoft site training for the 7 domains, and using various study guides. The Banahatti guide on the cccure.org website was especially useful, as well as the different level SSCP practice exams on the cccure.org site. I studied off and on for 3 months, trying to really focus my studying efforts the final month. I was trying to re-read the Syngress SSCP exam the week before the exam, and really should have done so several weeks earlier. I also used the CISSP Ron Kuntz (approx 2001 published) Prep Guide and the Shon Harris All-in-One CISSP guide for additional resources.

I'm looking at this test as a character-building experience. Last November the management where I work had encouraged 10 people to pursue this exam for this particular test date. Weekly training sessions were held in January and February. I ended up being the only one of the 10 people who got registered in time for the exam, so at least I took it and gave it my best shot. I talked with the my supervisor the week before the exam and admitted I was nervous, and he assured me that if I did not pass the test I could take it again at a future date. My employer did pay for the exam.

If I take the exam again, I'll probably wait for a year or so, and get the Official (ISC)2 SSCP book that is coming out this month before I take the exam. Other things will be writing note cards for every vocabulary term related to SSCP, and to repeatedly take the hardest (Pro level) SSCP tests on the cccure.org site.

I just started the SANS Institute Security Essentials course on my employer's dime, so I'll focus on that and use that and my additional on-the-job training to prepare for the SSCP exam the next time.

Frank

Comments

  • drakhan2002drakhan2002 Member Posts: 111
    If you failed the exam, they should give you a break down of your weak points. I don' t know if this is true or not - I've never taken the SSCP...but I've been told they do so for the CISSP. It might be worth looking into.

    I'm not sure if I would wait a whole year. You have most of the knowledge now. If you just brush up on your trouble areas, you'll like pass.
    It's not the moments of pleasure, it's the hours of pursuit...
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,940 Admin
    fva wrote:
    I took the SSCP exam on March 31st and got my score today. A score of 700 or better was needed to pass and I got 690. Phooey.
    I'm real sorry about that. I say this a lot, but now that you've taken the exam, the chances of you passing on your second try are excellent, especially having such a close failing score.
    fva wrote:
    I finished the 125 questions in about 2 hours and went back over the questions to review my answers in the remaining hour. I probably changed 8 to 10 answers, which many have been a mistake.
    I feel this. I know that I've missed questions on cert exams because I went back and changed answers. While reviewing the questions I'll start to second-guess the exam writers and what the "trick" of the question might be. This is very difficult for me not to do, and it's a good thing some cert exams do not allow you to review your answers.
    fva wrote:
    If I take the exam again, I'll probably wait for a year or so, and get the Official (ISC)2 SSCP book that is coming out this month before I take the exam.
    That's exactly what I am doing. I've already got my copy pre-ordered at Amazon.com.
    fva wrote:
    My employer did pay for the exam.

    I just started the SANS Institute Security Essentials course on my employer's dime, so I'll focus on that and use that and my additional on-the-job training to prepare for the SSCP exam the next time.
    You are very lucky to have an employer footing your education and certification bill. I don't have such a resource, and I'm looking at years of educational loan payments. Take heart in that you are in a better financial position to obtain education than many of us here.
  • drakhan2002drakhan2002 Member Posts: 111
    JDMurray wrote:
    You are very lucky to have an employer footing your education and certification bill. I don't have such a resource, and I'm looking at years of educational loan payments. Take heart in that you are in a better financial position to obtain education than many of us here.

    I am suprised that employers don't pay for, at least, the certification exam. I say this because many of the regulated enviroments - financial services, medical, government and legal practices all have certain regulatory requirements to meet. Many times, the only way they can "prove" they have qualified people working on their IT infrastructure is to show certification numbers of their employees. Every year at the bank in which I work, we are asked to list our certifications for just that purpose. Although my employer pays for 1 attempt at an exam, there is a very restricted list of certs - SANS, Security+, CISSP, etc. They also pay for a portion of my Masters (but not all of it). We are required to show certified individuals to the Federal Reserve Bank on a yearly basis. Anyway, I found you statement suprising JD. I doubt I would take a job at a place that didn't reimburse me in some fashion...I put skin in the game, they should to...if they want to keep me on staff. Otherwise, I'd go out and pay for the cert's myself and move on to greener pastures where the company values my interest in self-improvement.
    It's not the moments of pleasure, it's the hours of pursuit...
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    It depends on what other compensation he gets. If I made $10k more per year than average for my position, I wouldn't mind paying for a few certs. I actually get about $20k per year less than average for what I do lol. My employer does cover my certification costs and covers most of my training. I actually work at a sign company that only has about 20 employees. At this point, I'd rather just let them take that money and purchase servers and software for me to get working experience on. They're going to let me roll out Exchange and Sharepoint this year, and that experience will be worth it's weight in gold (that doesn't make sense, but you get what I'm saying).

    I also get a really flexible schedule, which is nice while I'm wrapping up college. I figure I can handle another 9 months or so, and finish up my MCSE+S, CCNA, and get a few of the new MS certs, then start looking for a job with three solid years of experience. I don't think I'll do too bad in the end :D
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,940 Admin
    Anyway, I found you statement suprising JD. I doubt I would take a job at a place that didn't reimburse me in some fashion...I put skin in the game, they should to...if they want to keep me on staff. Otherwise, I'd go out and pay for the cert's myself and move on to greener pastures where the company values my interest in self-improvement.
    I typically work at small, entrepreneurial shops that attempt to produce a killer product, generate lots of publicity, make an IPO, and then sell the company for millions (billions?) of dollars to make the venture capitol investors rich(er). The upside of such business ventures is the possibility of becoming a "paper millionaire" overnight. But until that happens--which it rarely does--you get minimal benefits, no raises, no bonuses, no training, lots and lots of working nights and weekends, and only a paycheck.

    I would have get a job at a "real" business to get my education and certs paid for. That would be nice, but not nearly as an exciting place to work.
  • fvafva Member Posts: 13 ■□□□□□□□□□
    I did get a list of my best to worse SSCP domains based on my test, so that did help. I also know what I plan to do differently for next time, both in terms of studying/preparing and how to handle the test.

    I just started the SANS Institute Security Essentials course and am a bit overwhelmed about the about of reading material that this course covers, so that will be my focus for the next several months. At least this exam is open book.

    After I finish that course I will need some time off from studying for security examinations. Nearly drove myself crazy in March while preparing for the SSCP exam. I'm hoping that what I learn from the SANS class will help with my future SSCP preparation.

    Frank
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,940 Admin
    You really should start off with the Security+ certification to get your feet wet in the basic areas of computer security before moving on to the bigger information security certs. You'll feel a lot less overwhelmed that way.
  • bigbluetickbigbluetick Member Posts: 1 ■□□□□□□□□□
    fva wrote: »
    not close enough.
    My studying habits were reading the Wiley and Syngress SSCP books, going through the Skillsoft site training for the 7 domains, and using various study guides.

    fva... I am also using Skillsoft as one of my training tools but I haven't taken the SSCP test yet. I have it scheduled already. Can I ask you if you think that the Skillsoft training was a good source for training and for prep for the test? Thanks.
  • tpatt100tpatt100 Member Posts: 2,991 ■■■■■■■■■□
    I failed the CISSP the first time I took it. I waited a year because ISC2 did not offer the test near my area for a long time. Eventually they did. I would study again but focus more on what you did weak on but don't slack on what you did fine on
  • botbillbotbill Member Posts: 48 ■■□□□□□□□□
    I am sorry to hear that you did not pass. But your score is so close to 700, dude. It is not a good feeling when u did not pass an exam.

    If I were you, keep your head high, review the domains that you are weak at, go back to your notes, books ..... Hammer them harder. I think u will be fine for next exam.

    good luck Dude.
    Cheers,
    working on cissp, ceh and pmp
  • malcolmcatmalcolmcat Member Posts: 12 ■■■□□□□□□□
    fva... I am also using Skillsoft as one of my training tools but I haven't taken the SSCP test yet. I have it scheduled already. Can I ask you if you think that the Skillsoft training was a good source for training and for prep for the test? Thanks.

    I didn't realize that this thread was still out here. I just started looking at this forum again after being away for a few years.

    I don't really remember whether or not the Skillsoft materials helped or not with my training for the SSCP exam. I took that exam at the end of March 2007 and missed passing by 10 points.

    My employer paid for me to take the Sans Security Essentials class in the spring/summer of 2007 and I did pass that certification that summer but I have not pursued any certification since then.

    I still work at the same employer and for the same department. I now have 5 years on-the-job experience working in Security, mainly in the Access Control domain, so I'm going to pursue the CISSP exam next. Upper management has changed so there isn't as much emphasis on pursuing certifications but I think they would still pay for the exam if I pass it.

    I have the Shon Harris AIO CISSP book, 4th Edition, and the Official ISC2 CISSP (Yellow Book) published 2007. I have an account on the cccure.org site and my account on here, and a few other resources, including joining the Shon Harris supported CISSP Study group on LI. I don't have a fixed date in mind to take the exam, but probably would take it in the spring of 2011 or 2012.

    At this point my plan is to read through the 10 domains in the Shon Harris book, 1 domain every two weeks starting in August, through the rest of the year. I have lots of note cards, vocabulary to learn, would cross reference topics between the Harris book and the Offical ISC2 book, and just see how it goes and if I can stick with it through the end of the year.
  • TarunkuTarunku Registered Users Posts: 1 ■□□□□□□□□□
    Hi I am also planning for SSCP Exam (this year oct,2010), please let me how I will do my preparation for this EXAM.I have already ordered ISC2 official guide for SSCP .icon_confused.gif:
Sign In or Register to comment.