If you have CompTia Security+ Certificate and had worked with it for 6 years, do you stand the chance to get the CISSP Certificate? And then again is it necessary to have CompTia Security+ Certificate before embarking on your CISSP CERTIFICATION journey?
I'd like to know the answer to this one. It seems pretty hard to get the required experience to qualify for CISSP enrollment, if you haven't got a CISSP!
I did not have any other security related certificates but 10+ years IT related jobs before attempting the CISSP.
I spent some hours during the summer (few calendar months) reading the CISSP study book, attended a bootcamp, made my practice tests and passed the actual with no problems.
So I guess just do your studies and when practice tests show you know >80%, I think you are good to go...
Quick response 🙂 thanks for the advice, very useful mate!
It's certainly not necessary to have the CompTIA (or any other) qualification prior to starting on CISSP.
Many people come to broad ranging security roles from either technical security (i.e. firewall or network admin) or from general IT. Others come in from more general employment in high-security environments (e.g. military and some government) or from specialist roles such as risk, audit or forensics, where they gain a degree of security experience.
Others come straight from college?
Personally, I was a systems engineer in a (very) high-security environment, and my last role project managing a secure communications system. I then transitioned in to security testing and then in to more general security work.
It is possible to take the test and pass with good preparation. However, if you are just getting into security it may be a good idea to do the Security+ or SSCP first. The requirements for the SSCP are must less stringent than the CISSP and once you pass it you can join ISC2. Either way Good Luck!!!
I don't have a degree in any security field.
Neither did I. I have a degree in electrical and electronic engineering. No security content whatsoever.
Taking the CISSP course straight without any knowledge in security, is it a good start?
For people without any academic background in computer security, I've always recommended Dieter Gollman's "Computer Security" book. It covers all the dull stuff (formal security models etc) that you are highly unlikely to have to think about after the exam. However, BoK revisions may have made this less important. Security Engineering (Ross Anderson) is also a solid background.