Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Roger
Newcomer III
‎10-29-2017 09:17 AM
‎10-29-2017 09:17 AM

Getting CISSP Certified

I'm now embarking on my CISSP CERTIFICATION journey and I've decided to go in for CompTia Security+ CERTIFICATION first in order to understand the basic concepts of security and work with it for more experience. Any recommendations please.

Labels
Reply
16 Replies
rjaldins
Viewer III
‎10-29-2017 10:17 AM
‎10-29-2017 10:17 AM

you better start soon , remember SY O41 will end on July 2018 , i recomended prepare for SY 051 , 🙂 good Luck !!!
Reply
Roger
Newcomer III
‎10-29-2017 10:21 AM
‎10-29-2017 10:21 AM

Exactly what I was thinking.........
Reply
0 Kudos
bwalker
Viewer II
‎10-30-2017 07:36 AM
‎10-30-2017 07:36 AM

Thanks for the reminder ITGuy.  I viewed Prof Messer Security+ information a view months ago and forgot about it.

Reply
lorcan
Viewer
‎10-30-2017 09:39 AM
‎10-30-2017 09:39 AM

The best instructor I've found so far, for both test topics and real world advice, is Mike Chapple on Lynda.com. Start with Insights from a Cybersecurity Professional, then move on to his Security+ Series and finally, his CISSP series. I have free access to Lynda through my employer, but if you don't and have the time and discipline, you can get the free 30 day trial and get through all the videos, saving your CISSP notes for when you're ready. 

 

Another thing you can do is introduce yourself to the information security department and your own employer and those of friends and family. I guarantee the majority of them will offer help, to borrow books, study notes, give you a mock interview (or a real interview once you're ready). 

 

I'd also recommend getting some general background info across all areas of IT. Pick up an introductory book on Python. It's a clean, simple language to learn and a lot of security tools are written in that language. Get Wireshark and capture packets on your own machine. Set up a VM environment for Kali Linux and Metasploitable (both free) and follow some labs. Make sure you read the instructions about how to set up the networking for the VMs so you don't accidentally use the Kali tools on the open network. 

 

The most important advice is to learn something every day. Even if you spend only 15 minutes, keep the incremental progress going. 

 

-Paul

Reply
0 Kudos
Kbarrack
Viewer
‎10-30-2017 10:49 AM
‎10-30-2017 10:49 AM

The primary difference Between the CISSP and Security+ Exams is scope. Security Plus is a yard wide and 200 yards deep. CISSP is 20 yards wide and 50 yards deep. Also, Security+ asks questions on topics that are outdated and there are usually a couple of questions, the answers to which, that cannot be found in any known literature. My advice is to get practice exams and go though then until you are confident in the material.
Reply
0 Kudos
John
Newcomer III
‎10-30-2017 11:10 AM
‎10-30-2017 11:10 AM

If you don't want a career in security, don't waste your time and money on a CISSP.  The CompTIA Security+ is more than you'll need.  Focus on project management and compliance.  Project management will give you skills you'll use throughout your career.  Compliance will make you an asset to your team on Day 1, especially with GDPR right around the corner.

 

The bigger question is:  what do you want to do with your career?  Are you new to the field?  If so, find a path you like and get better acquainted with it.  Networking?  Network+, CCNA, JNCIA are all great.  Development?  Forget certs.  Nobody uses them.  Make projects that show you can do testing and documentation.  Ops?  Grab a VMWare and Microsoft cert.  Even if it's security, the CISSP is what you get after a few years in the industry.  I actually would find it a terrible way to enter the market.

---
You only say it's impossible because nobody's done it and lived.
Reply
dbohlmann
Newcomer I
‎11-10-2017 08:05 AM
‎11-10-2017 08:05 AM

Though I've been a system engineer doing networks for a couple decades, I never had to time to get a cert.  CISSP was my first one.  I took a boot camp, studied hard during it (just do everything the instructor says), then waited a couple months to take the exam (usually not a good idea)... and still passed first time around.

But when they say it is a "mile wide and an inch deep", that's about the gist of it.  There are ten domains of knowledge, half of which relate to IT or software... meaning the rest of them do not pertain to "IT security", basically.  So certainly work on the COMPTIA cert, too (you will gain more in-depth knowledge), just be aware that you'd have about half of the CISSP domains covered.  If you have the budget, I'd go with a bootcamp for CISSP training.

Reply
0 Kudos