Anyone done the SSCP or CISSP from ISC2?

Discussion in 'Other IT certifications' started by Kitkatninja, Jan 9, 2010.

  1. Kitkatninja
    Hi guys,

    Was thinking about the SSCP from the ISC2, has anyone done this? What material did you use?

    Both myself & Modey deal with IT security at our place, and I've already done the Security+ and Microsoft Security exams.

    -Ken
     
    Last edited: Jan 9, 2010
    Certifications: MSc, PGDip, PGCert, BSc, HNC, LCGI, MBCS CITP, MCP, MCSA, MCSE, MCE, A+, N+, S+, Server+
    WIP: MSc Cyber Security
  2. Kitkatninja
    Do we have any SSCP or CISSP holders here? Preferably around the Northants area?

    -Ken
     
    Certifications: MSc, PGDip, PGCert, BSc, HNC, LCGI, MBCS CITP, MCP, MCSA, MCSE, MCE, A+, N+, S+, Server+
    WIP: MSc Cyber Security
  3. JK2447
    I think Bri is a CISSP, he's on my friend list thingy
     
    Certifications: VCP4, 5, 6, 6.5, 6.7, 7, 8, VCAP DCV Design, VMConAWS Skill, Google Cloud Digital Leader, BSc (Hons), HND IT, HND Computing, ITIL-F, MBCS CITP, MCP (270,290,291,293,294,298,299,410,411,412) MCTS (401,620,624,652) MCSA:Security, MCSE: Security, Security+, CPTS, CCA (XenApp6.5), MCSA 2012, VSP, VTSP
    WIP: Google Cloud Certs
  4. Bri1981

    Hi Ken, I did the CISSP last year. I used the Shon Harris book (4th edition), the 5th edition is out soon - linky
    It goes into a lot of detail and took me a while to get through. The exam is a 6 hour, 250 multiple choice jobby, almost everything on there was covered in the book.

    The CISSP exam schedule is shown here

    If you want to know anything else give me a shout.
     
    Certifications: See signature
    WIP: MBA entry diploma
  5. Kitkatninja
    Thanks mate, any info on the SSCP exam and credential? While the CISSP would be a better option, the SSCP suits my needs at the moment - plus I don't have 5-6 years of pure IT security, IT Security is incorporated into my job along with a lot of other things :( Plus from what I understand the SSCP is easier :)

    Another thing I was wondering about is the endorsement, what I know is that while I can do the SSCP exam and become an Associate of (ISC)², I'm considering the full SSCP credential. I do not know anyone who holds the (ISC)² credentials that can endorse/validate my work, however I've been told that (ISC)² themselves can endorse my application. Do you know how that works?

    Sorry for all the questions

    -Ken
     
    Certifications: MSc, PGDip, PGCert, BSc, HNC, LCGI, MBCS CITP, MCP, MCSA, MCSE, MCE, A+, N+, S+, Server+
    WIP: MSc Cyber Security
  6. Bri1981

    Hi Ken, sorry I don't know anything about the SSCP, however check this out.
    A year can be waived depending on your other certs, so you would only need 4 years for the CISSP. My background isn't pure IT security either but you just need the experience in 2 or 3 of the 10 domains shown below:
    ■Access Control
    Concepts, terms of subjects and objects, implementation of authentication techniques
    ■Application Security
    Security and controls of the systems development process, life cycle, application controls, change controls, data warehousing, data mining, knowledge-based systems, program interfaces, and concepts used to ensure data and application integrity, security, and availability
    ■Business Continuity and Disaster Recovery Planning
    Preservation of the business in the face of major disruptions to normal business operations
    ■Cryptography
    Business and security requirements for cryptography, principles of certificates and key management, secure protocols
    ■Information Security and Risk Management
    Identification of an organization’s information assets and the development, documentation, and implementation of policies, standards, procedures and guidelines that ensure confidentiality, integrity, and availability
    ■Legal, Regulations, Compliance and Investigations
    Computer crime laws and regulations, the investigative measures and techniques which can be used to determine if a crime has been committed, methods to gather evidence if it has, as well as the ethical issues and code of conduct for the security professional
    ■Operations Security
    Identify the controls over hardware, media, and the operators with access privileges to any of these resources
    ■Physical (Environmental) Security
    Threats, vulnerabilities, and countermeasures that can be utilized to physically protect an enterprise’s resources and sensitive information
    ■Security Architecture and Design
    Concepts, principles, structures, and standards used to design, implement, monitor, and secure, operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity, and availability
    ■Telecommunications and Network Security
    Structures, transmission methods, transport formats, and security measures used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media

    I think you will be fine to go for it, it is difficult but just like a more in-depth version of the Security+.
    For the endorsement you don't have to know someone with the cert, you can send the ISC2 your CV after you pass listing all your experience and the contact details of your employer and previous employers.

    No problem at all for the questions, give me a shout if you need anything else.
     
    Certifications: See signature
    WIP: MBA entry diploma
  7. Kitkatninja
    Excellent, thanks mate :)

    -ken
     
    Certifications: MSc, PGDip, PGCert, BSc, HNC, LCGI, MBCS CITP, MCP, MCSA, MCSE, MCE, A+, N+, S+, Server+
    WIP: MSc Cyber Security
  8. PPD2387

    Hi Bri,

    Did you purely do self study for the CISSP? If so, how long did it take you?


    Pete
     
  9. Bri1981

    Hi Pete, I self studied for around 1 month, was a massive rush though, from the exam schedule on the ISC2 site it was either try and do it in 1 month (meant driving to Amsterdam) or wait until a slot was available in the UK 3 months later which would have cost me a flight and hotel.
    It was a struggle though and I reckon I only just passed, are you thinking of having a go at it?
     
    Certifications: See signature
    WIP: MBA entry diploma
  10. PPD2387

    Yeah I think I may at least buy the Shon Harris book and have a look at the material. Looking on ISC2's site they only hold UK examinations in Bedford and London. Thanks for all the info Bri.
     
  11. sunn

    I prepared for it a few years ago. I thought I was just about ready, but then my child was born and there were complications - studying for an exam was a very low priority.

    I used the Shon Harris book as the main resource & complemented it with material from this site.
     
  12. PPD2387

    Thanks for that sunn - it looks like a really useful site.

    Sunn/Bri: Can I ask, how do you earn your CPEs? I appreciate the necessity for ISC2 to ensure that the candidates holding their cert are up-to-date with the latest technologies and developments but it seems a little much to demand 120 CPEs every three years, with a minimum of 20 needed per year after becoming certified.

    I searched on ISC2's site for upcoming events in the UK and attending a security conference in London gained you 8 CPEs per day! At that rate you'd have to attend 15 conferences in three years, which for people living outside of London isn't really feasible and would cost a fortune in hotels and transport etc (on top of the annual $85 admin fee to ISC2).
     
  13. sunn

    Retaining the CISSP does seem a bit daunting, but I haven't looked into it much since I stopped preparing.
    From what I remember CPEs could be gathered via various routes:
    - Classes
    - Conferences
    - Teaching / Lecturing / Presenting
    - Publishing *

    The general rule was 1 hour of direct training in at least one of the CBK topics earned 1 CPE. This doesn't apply to publishing materials.

    Note: * - A different weight system is applied to earning CPEs when preparing presentations; publishing articles and books.

    I think they have e-learning programs, and quizzes, and other workshops that let you earn CPEs. A 5-day conference would earn 40 CPEs, maybe that's the best route.
     
