SSCP - March 12

2

Comments

  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    Don't know if I am going to be able to take it. Money issues....icon_sad.gif (I know I won't have the money to spare in May and I might not have it the next time they Plus I was looking at the Military CND chart and the GCIA and CEH meet the "analyst" role (which is my goal). I have seen quite a few cisco admin jobs so my CCDA studies might turn into quasi CCNP studies. Next up is wireshark though..
  • AmcoAmco Member Posts: 73 ■■□□□□□□□□
    Taking mine May 7 icon_cheers.gif
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    Amco wrote: »
    Taking mine May 7 icon_cheers.gif


    Good luck. I am going to have to really pinch some pennies to get it paid for at that time (paying for classes out of pocket and so on).
  • KasorKasor Member Posts: 933 ■■■■□□□□□□
    This is the latest I saw at Amazon.

    Official (ISC)2 Guide to the SSCP CBK, Second Edition ((ISC)2 Press) by Harold F. Tipton (Dec 15, 2010)

    SSCP Systems Security Certified Certification Exam Preparation Course in a Book for Passing the SSCP Systems Security Certified Exam - The How To Pass on Your First Try Certification Study Guide

    Look like that I will not make it to the June, possible for Aug.
    Kill All Suffer T "o" ReBorn
  • AmcoAmco Member Posts: 73 ■■□□□□□□□□
    Good luck. I am going to have to really pinch some pennies to get it paid for at that time (paying for classes out of pocket and so on).

    All my test I've taken is out of my pocket, I'm still looking for a job in the IT field currently. Hopefully I get a call soon to gain some experience. icon_thumright.gif
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    Amco wrote: »
    All my test I've taken is out of my pocket, I'm still looking for a job in the IT field currently. Hopefully I get a call soon to gain some experience. icon_thumright.gif


    I am sure you will with that list of creds.


    I am probably going to try to go for it in July. I will have to take off school if I want to take it in May and I probably won't be able to miss that class (that will be during my finals). WCNA is on my radar next. I might swap the WCNA to July and the SSCP to May just so I can get my "full" SSCP done as quickly as possible. I am just wondering how much the cert is going to really add to my resume. My heart isn't in certs right now (18 credits and full time work for the next 6 months) but school will be over soon.
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    I am sure you will with that list of creds.


    I am probably going to try to go for it in July. I will have to take off school if I want to take it in May and I probably won't be able to miss that class (that will be during my finals). WCNA is on my radar next.

    Looks like you and I are taking very similar paths. I plan to go after the WCNA after the SSCP... icon_lol.gif
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    Looks like you and I are taking very similar paths. I plan to go after the WCNA after the SSCP... icon_lol.gif

    Awesome lol. I really, really, really want to do the WCNA. I honestly feel like it is going to be the most important certification I do this year. Not because of the job prospects that are looking at the WCNA but because I believe that packet level analysis, knowledge and troubleshooting is going to differ me from all of the other JR Security Analyst/Network Analyst/Network Admins.
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    Awesome lol. I really, really, really want to do the WCNA. I honestly feel like it is going to be the most important certification I do this year. Not because of the job prospects that are looking at the WCNA but because I believe that packet level analysis, knowledge and troubleshooting is going to differ me from all of the other JR Security Analyst/Network Analyst/Network Admins.

    Agreed, for me it's important that I understand things at the Packet level. I know the certification is not all that popular with the HR goons but for me it's worth it.
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    After talking with my wife and doing some budgeting, I realized that I will certainly have the money. After doing some more research into the exam and reading a bit more of the gold book, I think I can shoot to kill this test on May 21st (in Columbus, Ohio). I will have to miss a day of English class but I should be alright (I thought it was a test day, it isn't). I'll have all of April and 20 days in May to get ready which leaves me 51 days which I thing *should* be enough. My material is the same as before:


    Network Security Bible (Purchased)
    SSCP CBK Gold Book - (Purchased)
    Prep Logic MP3s - (Purchased)
    Prep Logic Review Guide - Purchased)
    SSCP CBT Nuggets - (Purchased)
    CCcure Test - (Need to buy)


    I am not going to be able to rack up 300 hours as I previous though. I may be able to get about 150-200 quality hours (due to school life). Hopefully my next projects will help with the SSCP studies:

    New Firewalls (2 virtual and 1 physical)
    Build new Web Servers (including securing)
    Tuning WAF
    Tuning IDS/IPS

    Hopefully these projects will help me "study" for the SSCP. I think I have plenty of time. Now I just need to carve out time to study for it. The last thing I want to do is turn this into another Security+ fiasco (LUPEND!!!)
  • xopitoxopito Member Posts: 20 ■□□□□□□□□□
    Well I am back on the SSCP wagon officially. I will take the test May 21st! I will pass using this material:

    Network Security Bible (Purchased)
    SSCP CBK Gold Book - (Purchased)
    Prep Logic MP3s - (Purchased)
    Prep Logic Review Guide - Purchased)
    SSCP CBT Nuggets - (Purchased)
    Transcender Test - (Need to buy)

    I want to rack up 300-350 hours for this exam although I don't know if I will need that much. We will see.

    I would recommend you the Computer and Information Security Handbook
    istand than the network security bible
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    xopito wrote: »
    I would recommend you the Computer and Information Security Handbook
    istand than the network security bible

    Just took a look at it on Amazon. Looks like a good read but largely a rehash of the NSB material. It's also pretty expensive at 100 bucks. I might pick up a used copy when I do my next batch of book purchasing (won't be before May).
  • xopitoxopito Member Posts: 20 ■□□□□□□□□□
    Just took a look at it on Amazon. Looks like a good read but largely a rehash of the NSB material. It's also pretty expensive at 100 bucks. I might pick up a used copy when I do my next batch of book purchasing (won't be before May).

    I am reading it on safari book yea book is quite expensive but I highly recommend it don't buy it just read it from safari books
  • contentproscontentpros Member Posts: 115 ■■■■□□□□□□
    Don't forget to check out the NIST guides. Without saying too much about the SSCP exam, unlike the Security+ which is more fact based the SSCP is going to present more items where you would be much better armed understanding "best practices". There is a lot of good guidance in the NIST 800 series guides and best of all they are free (but the reading is a little dry).

    Nist guides can be found here http://csrc.nist.gov/publications/PubsSPs.html

    You may want to look at the following guides:

    800-12 An Introduction to Computer Security: The NIST Handbook

    800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems

    800-30 Risk Management Guide for Information Technology Systems

    800-35 Guide to Information Technology Security Services

    800-61 Computer Security Incident Handling Guide

    800-100 Information Security Handbook: A Guide for Managers

    You don't need to know these front to back but being familiar with the concepts in these may just help you select the "best" answer.

    Good luck on your test!

    ~CP
  • AmcoAmco Member Posts: 73 ■■□□□□□□□□
    After talking with my wife and doing some budgeting, I realized that I will certainly have the money.

    That's great news! I just registered for the exam ($250 icon_twisted.gif) :P
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    So after talking with a recruiter for a MAJOR security company about an incredible position, I made a decision to go ahead and skip Sscp in favor of its big brother the cissp. I have mixed feelings about it but ultimately I am trying to get paid and not played. Associate of cissp here I come.....

    Obviously I won't be able to do it next month but I think September is doable. Between now and then? I am going to do lpic (for school) I am thinking about ceh and wcna. My heart is back set for gcia and with some money magic I might be able to make it happen. Gcia cissp and ceh (and linux+) would be awesome if I can get them. We will see..
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    I'm thinking that I will do SSCP and then the CISSP when I have enough years of experience. I'll probably just let the SSCP retire after I get the CISSP.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    I'm thinking that I will do SSCP and then the CISSP when I have enough years of experience. I'll probably just let the SSCP retire after I get the CISSP.
    But that will mean you are no longer "a member in good standing." Unless employers are really insistent on having an active CISSP certification, you might as well let them both lapse.
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    JDMurray wrote: »
    But that will mean you are no longer "a member in good standing." Unless employers are really insistent on having an active CISSP certification, you might as well let them both lapse.

    Just because I let SSCP expire after I did the CISSP icon_scratch.gif
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    I'm thinking that I will do SSCP and then the CISSP when I have enough years of experience. I'll probably just let the SSCP retire after I get the CISSP.

    You can do it before you have 4-5 years of exp.

    Honestly for me what it is coming down to is exposure. Lets say X is cost SSCP and Y is the exposure (how well it is known). Like you can pay X and get Y or you can pay 2X and get 10Y lol:) Its a no brainer. Like I am still having doubts because I don't want to give the impression I have a ton of exp when I don't. There is still a ton of stuff I don't know. I might change my mind back friday when I have a sit down with someone. I don't know. SSCP matches up with my current duties and TBH CISSP just doesn't. That's something else to consider. Plus I could go for SSCP next month (or July at the latest) and pass. CISSP I would need quite a bit more time get the info down. Truth be told I really don't give a care about either. GCIA my real goal lol
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    Just because I let SSCP expire after I did the CISSP icon_scratch.gif
    The SSCP is a separate cert from the CISSP, not a junior-grade cert that is superseded when you get the CISSP. They are two of the possible certs in your (ISC)2 certification portfolio. (My term, not the (ISC)2's). Letting any cert in your portfolio lapse would something to bring you into bad standing. What you want is your SSCP to be de-certified, and I'm not sure if there is a policy/procedure for doing this.

    Lemme email the (ISC)2 and get the official word on all this.
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    JDMurray wrote: »
    The SSCP is a separate cert from the CISSP, not a junior-grade cert that is superseded when you get the CISSP. They are two of the possible certs in your (ISC)2 certification portfolio. (My term, not the (ISC)2's). Letting any cert in your portfolio lapse would something to bring you into bad standing. What you want is your SSCP to be de-certified, and I'm not sure if there is a policy/procedure for doing this.

    Lemme email the (ISC)2 and get the official word on all this.

    Yeah, because that seems a little odd. I'm interested to hear what you find out.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    Yeah, because that seems a little odd. I'm interested to hear what you find out.
    I just sent off an email to my contact. They've already closed shop on the East Coast for today, so hopefully I'll have an answer for us all tomorrow. :)
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
    I am curious to see what they say. I basically had a conversation and it seems like they see it like this:


    CISSP+GAIC High level
    SSCP+CEH Mid
    Security+ Entry

    Plus if CISSP wasn't higher than SSCP why does SSCP only require 1 year of exp? I personally think they should get rid of the CISSP associate (if you don't have the proper amount of exp). It just makes it harder for the SSCP to gain any traction.
  • rwmidlrwmidl Member Posts: 807 ■■■■■■□□□□
    I'm thinking that I will do SSCP and then the CISSP when I have enough years of experience. I'll probably just let the SSCP retire after I get the CISSP.

    Not to pull the d!ck card, but why would you go through the process of studying, getting endorsed for the SSCP if you know you won't do what is required to maintain it? To me that seems like a lot of time, effort and money wasted.
    CISSP | CISM | ACSS | ACIS | MCSA:2008 | MCITP:SA | MCSE:Security | MCSA:Security | Security + | MCTS
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    Plus if CISSP wasn't higher than SSCP why does SSCP only require 1 year of exp? I personally think they should get rid of the CISSP associate (if you don't have the proper amount of exp). It just makes it harder for the SSCP to gain any traction.
    The CISSP is a professional-level cert, while the SSCP is more entry-level (different cert vendors have a difference concept of what "entry-level" is). The SSCP is marketed to people that are just out of college with only a year or so of InfoSec work experience (hence one year, one domain). My point is that the SSCP and CISSP are two independent certs, and is not a necessary step to achieve the other.

    The "Associate" designation--like Microsoft's MCP--is not an actual certification. Both only indicate you have passed an exam, but have not necessarily completed the full certification requirements. People are sometimes confused by this because it is far more common to see certs that are acquired by only passing a single exam and nothing more.
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    rwmidl wrote: »
    Not to pull the d!ck card, but why would you go through the process of studying, getting endorsed for the SSCP if you know you won't do what is required to maintain it? To me that seems like a lot of time, effort and money wasted.

    Yes, but long in longer scheme of things why would you work/pay to maintain that cert when you have the CISSP? It would kind of be like me having a higher level GIAC cert and than go out of my way to pay for the GSEC or Security+.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    One could look at paying your SSCP's AMF as a way of donating to the (ISC)2 as an organization that helps maintain the interests of the fields you work in. I don;t want to say they are "union dues," but you get the idea.

    Also, the AMF are professional association fees that are (supposedly) tax-deducible. I don't claim it as a deduction myself, but maybe other people here do.
  • veritas_libertasveritas_libertas Member Posts: 5,746 ■■■■■■■■■■
    JDMurray wrote: »
    One could look at paying your SSCP's AMF as a way of donating to the (ISC)2 as an organization that helps maintain the interests of the fields you work in. I don;t want to say they are "union dues," but you get the idea.

    Also, the AMF are professional association fees that are (supposedly) tax-deducible. I don't claim it as a deduction myself, but maybe other people here do.

    LOL, if you are correct you have sold me. You are making good points and I'm not opposed to supporting a good organization. I'm an active ISSA member and I will probably be an active ISC(2) member. I just didn't see any reason to keep the SSCP active if I had the CISSP.
  • Bl8ckr0uterBl8ckr0uter Inactive Imported Users Posts: 5,031 ■■■■■■■■□□
Sign In or Register to comment.