topic Re: SSCP or CISSP? in Exam Preparation

SSCP or CISSP?

Bravo — Sun, 05 Nov 2017 14:36:14 GMT

Is it a good idea the get your SSCP first and then go for the CISSP or should I go directly for the CISSP and not bother with the SSCP? What do you recommend and why? Thanks in advance.

Re: SSCP or CISSP?

fortean — Sun, 05 Nov 2017 16:17:39 GMT

Hard to say. It depends on your ability to learn, what you already know, the amount of time you have available and the date on which you want to have achieved something. SSCP requires less experience (1 year versus 5 years), in less domains (1 out of 7 versus 2 out of 😎 and the domains are not quite the same either. SSCP is more "down to earth", practical, more technical, CISSP is more abstract and has more focus on processes, law / legalese.

If you are already employed for a longer time in the IT/Infosec business and have or aim for a leadership role, given sufficient talent and other resources, I'd go straight for the CISSP. If you are relatively new in our field and aim to (at least for now) do more practical security work, go for the SSCP first.

Another option, especially if you don't have sufficient experience but still aim for a leadership role is to go for Associate first, e.g. study for your CISSP, sit (and pass...) the exam, then acquire sufficient experience to become a CISSP. However, in practice not too many HR departments, headhunters etc. will filter on "associate", probably you'd stand a better chance of being hired if you held the SSCP credential and published that in/on CV's and profiles.

Re: SSCP or CISSP?

Gunner — Mon, 06 Nov 2017 12:13:03 GMT

Heinrich is dead on right. I couldn't say it any better if I tried! Great advice.

Re: SSCP or CISSP?

ZippFire — Mon, 06 Nov 2017 14:16:38 GMT

For your idea..

In March 2017 I had one week, 5 days, SSCPcourse. I did the exam on 31 October and passed.
I have 5 years experience as a system administrator, but not in security.

In the meanwhile I read the study book and made notes, then I learned the slides from the course, learned the notes from the book and did practice questions.

If you are not familiar with the terms of security, like the CIA triad, I would not do SSCP first, but do a beginners course and then SSCP or CISSP depending on your work experience.

Re: SSCP or CISSP?

zaib — Mon, 06 Nov 2017 14:41:43 GMT

testing

Re: SSCP or CISSP?

duchess — Mon, 06 Nov 2017 17:21:20 GMT

Zaib, your "testing" post are good (both the new posting and on this reply..), man.

Re: SSCP or CISSP?

duchess — Mon, 06 Nov 2017 17:27:58 GMT

Why not both? If you can dedicate the time and effort to write both exams, you should aim for that. Unless there's a specific reason for either/or (i.e., you've found yourself a posting for a position looking for a particular certification, etc.).

In my opinion, the idea behind testing is to ensure you have a firm grasp of the respective topic(s) and being able to complete the examination should only reinforce this fact to potential employers (and of course yourself - boost self-esteem if you need that).

There's a myriad of variables that would dictate one certificate or the other that you can check for yourself. Maybe doing a "pro/con" list for the SSCP and CISSP, then moving forward with what you see?

**EDIT**

In either case good luck!

Re: SSCP or CISSP?

webeha — Mon, 06 Nov 2017 22:27:49 GMT

I think several good points were made regarding requirements and the differences between the SSCP and the CISSP. Personally, I hold the CISSP and the GIAC-GSEC. I had the GIAC-GSEC prior to gaining the CISSP. I think from a senior management level the CISSP has been very beneficial. Also, looking at Information Assurance positions with government related entities such as the DoD, the CISSP will open more doors. The GIAC-GSEC was a great benefit to me as I started in the security realm of IT, and continues to hold respect with the "boots on the ground". I think both certifications compliment each other very well. I've looked a numerous opportunties that prioritized security certifications, and had the CISSP number one with the GIAC-GSEC right behind it. I think that you can't go wrong with getting the CISSP but the SSCP could be a benefit as well. That said, it might be worth your while to branch out as well. At a high-level the CISSP is great, but at some point you'll have to be or work with the guys in the trenches doing the work. The more detail, knowledge and experience you can have in getting the job done, the more respect you'll earn at multiple levels. Something like the GIAC-GSEC or the SSCP can help with that.

Re: SSCP or CISSP?

TankerT — Tue, 07 Nov 2017 22:37:23 GMT

My question to that question is always:

"What are your career goals?"

The CISSP is great, as it is well recognized. I do think some HR departments don't understand it, requiring it for lower level positions.

SSCP is a good practitioner certification. CISSP is a management level certification.

Without knowing more about your background and goals, it is hard to provide an answer.

Re: SSCP or CISSP?

kevinkidder — Fri, 02 Feb 2018 21:35:52 GMT

I agree with both Heinrich and Duchess.

Your ability and experience in the field will of course dictate where you are and which test you should take. That being stated though, one could assume that the reason you are reviewing these two is for the ultimate goal of a security management position. Unless you are already working in the security field, and are just one cert away from making the jump to a management position, both certs can be useful.

In my case, I have taken the SSCP to advance my career in the security arena, and will then take the CISSP to help me move up the ladder to security manager/CISO position.

Good luck

Kevin

Re: SSCP or CISSP?

LAJensen — Wed, 07 Feb 2018 05:56:15 GMT

Hi Bravo

When I finally decided to get serious about adding cyber security certs to my resume I eased myself into the field by taking the SSCP even tho' I qualified to take the CISSP. The SSCP cert provides a great foundation in cyber security and it isn't as big of a bite of information to absorb as the CISSP.

I followed up the SSCP cert with the CompTIA Security + CE cert. It's right in line with the SSCP material but adds more technical information to the exam. I continued on the techie end of cyber security by taking the SANS/GIAC GSEC. And finally, I took the CISSP.

I don't see a lot of people taking the cert route that I have but I wanted a well-rounded grounding in cyber security.

LA Jensen

CISSP, SSCP, GSEC

Security+CE, CVI, MCP, MCTS

Re: SSCP or CISSP?

n_vyas1 — Tue, 27 Mar 2018 15:56:56 GMT

Hello,

I failed in CISSP today although all CISSP OFFICIAL book contents are already recorded in my mind.

Unfortunately, only 2 technical questions were asked in CISSP Exam and rest of all based on concepts and experience. I'm working in information Security Domain, working as a system analyst since 6 years.

So, I'd like to know if SSCP suits and fits as per my expectations because I want to give pure technical exam rather than concept based just i had in CISSP.

What kind of exam pattern SSCP has? Is it relevant to CISSP?

Re: SSCP or CISSP?

n_vyas1 — Sat, 31 Mar 2018 06:24:03 GMT

Hello Kevin,

You're absolutely right. Last week, I've got failed in CISSP because I have to managerial cadre kind of experience with CISO,CIO,COO tag line.

My Bad to select CISSP first.... 😞

Once failed, I've gone thru. SSCP course & observed that CISSP & SSCP has almost 80% same content & SSCP is more about technical, on which I'm working.

So, without wasting more time & to read entire SSCP book thoroughly, I'm going to appear in SSCP within a month as I've memorized CISSP official book in my mind with all cleared technical concepts.

Even I'm confident that I can conduct CISSP batch without reading the book.... 🙂

Any suggestions & correction, feel free to respond.

-N. Vyas

Re: SSCP or CISSP?

LAJensen — Sun, 20 May 2018 19:28:07 GMT

Hi n_vyas1

Sorry to take so long to reply to you. The CISSP is a pretty tough exam these days. I highly recommend the SSCP as well as the CompTIA Security+. The SSCP provides you with a very good grounding in InfoSec, introduction to ISC(2) Domains, and a taste for what you will need to accomplish, or to become accomplished, within the InfoSec profession to tackle the CISSP once again. Please don't become discouraged! This profession isn't as easy as it was 10 years ago. The demands on the knowledge we must accumulate as well as the technologies and experience we have to learn to be successful as an InfoSec professional have increased exponentially over the past few years. As to whether or not one industry exam is better to achieve over or versus another? Whereas some certifications are definitely more prestigious than others (CISSP), any and all InfoSec exams you decide to accumulate on your resume will show, at the very least, that you are dedicated to the profession through continued education and certification.

LA Jensen

CISSP SSCP GSEC CVI

Security+ CE MCP MCTS

Re: SSCP or CISSP?

sophia_cart — Thu, 28 Jun 2018 03:13:46 GMT

The CISSP certification is designed for Chief Information Security Officers, Security Managers, Consultants and Analysts, as well as, Directors of Security. In short: information security professionals working in senior managerial security roles.

The SSCP is aimed at those who want to build and prove their essential cyber security skills and are currently in a hands-on information security role. The SSCP is a great certification for Network Security Engineers, Security Administrators and Systems Engineers.

Re: SSCP or CISSP?

n_vyas1 — Mon, 02 Jul 2018 11:48:26 GMT

Hello,

Finally, I've cleared SSCP Certification & going for endorsement process. Now, I'm quiet confident that there'll be very less learning curve to clear CISSP as SSCP covers almost 70%+ of CISSP if I compare the course contents.

My opinion is, SSCP is more about technical if you compare same topic in SSCP & CISSP Book, you'll come to know that SSCP describes it in a broad matter. I'm not arguing that CISSP gives you less knowledge but I honest opinion for ongoing candidates is, prepare yourself for SSCP first & then CISSP if you have a pure technical background.

Now, CCSP & CISSP is my next targets.

Enjoy,

N.Vyas

Re: SSCP or CISSP?

n_vyas1 — Mon, 02 Jul 2018 11:53:48 GMT

Hello,

I've also cleared SSCP yesterday & I completely agree with you to stick with SSCP, CompTIA Sec+ as both certifications will prove individual's technical competency.

Now, my target is CISSP & CCSP.

Re: SSCP or CISSP?

n_vyas1 — Mon, 02 Jul 2018 12:15:21 GMT

Hello,

Cleared SSCP yesterday. Now, CCSP & CISSP are the next.