I am studying for the SSCP and don't see a lot on it. I have a book by CRC Press Official (ISC) Guide to the SSCP CBK. I want to take and also take the CISSP later but am in the thick of working in the systems and want to incorporate strong security practices. What are some recommendations? I also wonder what have other s used to train for and pass the SSCP. Has anyone found any good free resources to help get ready for the certification? Please share the wealth and your success.
Never let the Fear of striking out stop you from playing!!! - Babe Ruth
Every Strike out brings me closer to the next Home Run!!! - Babe Ruth
I recommend the book titled "SSCP Systems Security Certified Practitioner All-in-One Exam Guide" by Darril Gibson, and as an additional read the book "SSCP (ISC)2 Systems Security Certified Practitioner Official Study Guide" by George Murphy.
I know of a couple of people at my company with an SSCP, and have pondered obtaining it myself. However, there is a vastly larger number of people, including myself, that have opted for CompTIA's Security+ certification. These two are similar certs from what I hear, and the latter being far more popular. If federal work is in scope for you, then both have been approved for the DoD 8570 information assurance baseline certifications.
You deffo need both of the above books to pass SSCP and even then it was still a hard exam to pass.
I have Sec+ and would say theres on 40-45% crossover. Would say the SSCP requires more knowledge but Sec+ is broader.
I told my Employer that I was looking into it. They replied don't worry about we will just take your CISSP, besides its extra cost involved, and more CPE's to obtain, and there is no opportunity to move forward in the field. Its a new testing sequence and material is very hard to obtain.
I have taught the CISSP and the CASP. I have the SSCP, CISSP, Sec+, and CASP certifications.
Again, the CISSP is a mile wide, and an inch deep. It is a very comprehensive test geared towards MANAGEMENT.
The SSCP is more "hands-on", and more technical. However, it is often overshadowed by CompTIA's Sec+ course, which was the go-to cert for the Dept. of Defense in meeting 8570. The SSCP is now recognized as well, but it's still slow on the uptake. Why? Because not a lot of instructors have their SSCP.
I have the SSCP, but there is NOT a lot of presentation material out there for it.
I always recommend people take the SSCP to a. get a feel for ISC2 testing, b. get their feet wet, c. knock off a year of the 5 years normally required for the CISSP. Also, it's 1/2 cost of the CISSP, and only 4 hrs vs 6.
Yes I work for the DoD and had to get my Security+. Looking at the book myself it looks like the SSCP is more in depth than the Security+. Please let me know what anyone else thinks that have both or on or the other. Thank you!!!!
That is strage as my understanding is the 2 have some of the same but ar different also as the CISSP is more of a management and the SSCP is more of an Admin hands on. Please correct me if I am wrong. I like to do more than monitor. so the admin SSCP would be more to my liking. but the CISSP is for management and monitoring. I want to go into managing CISSP and I look to obtain it but I want to know both as when people work for me. I can be at their level and explain why I am asking for the info and what I need them to do and can step in if we have an incident that needs more hands on deck and be able to help support them and our client.
Please share your thoughts