CISSP Exam Requirements

CyberCelineCyberCeline Member Posts: 13 ■□□□□□□□□□
Hello everyone,

I'm thinking to go for the CISSP in two or three months (start the big study).
Bevore I go for it, I've got some questions:

1) Is it true that I need (new) 5 years experience in information security according to the 10 domains of the CBK? or 4 years?
2) Am I right that the CompTIA Security+ certification counts for 1 year experience?
3) Do I have to show/let ISC2 know about my real world experience BEVORE I take the exam?

Its just that the infoSec so the CISSP stuff is very interessting and I would like to study and write the exam...
My main problem is my real world experience... I work in the IT/Telco environment but have not got a job as a security professional or in a security project.

I've heard of the ISC2 Associate Certificate (after somebody passed the CISSP exam but have not the real world experiences required to be a CISSP) and that would also be great for me =))

Are these things right that I'm writing in my poor english here? icon_wink.gif

Thanks for advice

.CyberCeline
Apple ACSP 10.5, Apple ACHDS v10.4, Apple ACTC v10.4, CWNP Wireless#, CompTIA Security+, CISSP Associate of (ISC)2

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,720 Admin
    1) Is it true that I need (new) 5 years experience in information security according to the 10 domains of the CBK? or 4 years?
    As of October 1, 2007, the requirement will change from four years of required experience to five years. https://www.isc2.org/cgi-bin/content.cgi?page=1227
    2) Am I right that the CompTIA Security+ certification counts for 1 year experience?
    Yes. https://www.isc2.org/cgi-bin/content.cgi?page=1016
    3) Do I have to show/let ISC2 know about my real world experience BEVORE I take the exam?
    Yes. You will basically attest to the education, certification, and experince that you have which is relevant to meeting the CISSP exam requirements. https://www.isc2.org/cgi-bin/content.cgi?category=1187

    If you don't yet meet all of the requirements, you may still be award the Associate of (ISC)² status for passing the CISSP exam. https://www.isc2.org/cgi-bin/content.cgi?category=1334
    I've heard of the ISC2 Associate Certificate (after somebody passed the CISSP exam but have not the real world experiences required to be a CISSP) and that would also be great for me =))
    Yes, I'm going this route as well.
    Are these things right that I'm writing in my poor english here? icon_wink.gif
    Your English is perfectly understandable. And it's nice to see someone with the Wireless# certification too. ;)
  • CyberCelineCyberCeline Member Posts: 13 ■□□□□□□□□□
    Many thanks for your fast and detailed response JDMurray.

    That's great! icon_wink.gif
    Apple ACSP 10.5, Apple ACHDS v10.4, Apple ACTC v10.4, CWNP Wireless#, CompTIA Security+, CISSP Associate of (ISC)2
  • CyberCelineCyberCeline Member Posts: 13 ■□□□□□□□□□
    Another question came up...

    Is it true when I'm looking for a job that a CISSP certificate is more worth than a BSc degree? Can I say a CISSP certificate is more respected than a BSc degree in the IT/telco/security industry?
    Apple ACSP 10.5, Apple ACHDS v10.4, Apple ACTC v10.4, CWNP Wireless#, CompTIA Security+, CISSP Associate of (ISC)2
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,720 Admin
    Is it true when I'm looking for a job that a CISSP certificate is more worth than a BSc degree? Can I say a CISSP certificate is more respected than a BSc degree in the IT/telco/security industry?
    No, this is completely false. IT certification and degreed education are not the same thing and cannot be compared in this way. A degree is acquired through several years of intense academic study, while an IT certification is obtain by passing only one (or more) exams. Yes, there is actual work experience required for some IT certifications, but this not always verified by the certification agency.

    Having a CISSP certification with no education and minimal experience will not get you a very good job. The CISSP is only one of many credentials that you will need for a successful career in information security, and is by no means a substitute for an academic degree. Education, certification, and experience; you need all three.
Sign In or Register to comment.