Hello everyone,,
I just finished grad school with a major in information assurance and cybersecurity and i'm confused whether to take the CAP or CISSP. There is very little information on cap and a lot of information on SSCP and CISSP. I have 5 year of experience working in an IT field. Also there is a clause about an expert endorsing your after you've taking the exams. Can someone please help me?
CAP is aligned very tightly to the RMF which is mandated for use in US federal agencies:
https://www.isc2.org/Certifications/CAP
CISSP is seen as the gold standard for Information Security professionals so has a much wider ranging appeal in terms of job roles for which it may be required / desired:
https://www.isc2.org/Certifications/CISSP
Choose which one fits with your aspirations if you only want to earn one - there's nothing stopping you from earning both!
The endorsement process requires that an existing ISC2 member vouches for your experience. If you don't know any ISC2 members then ISC2 themselves can act as your endorser:
https://www.isc2.org/Endorsement
If you are fairly new to the infosec world you might want to consider the SSCP, as you do mention it. Some of the guys who work with me are taking this route as they are just starting out on their careers. The SSCP gives them a great foundation and is an achievable certification for both job satisfaction and professional development while they are building up those required 5 years needed for CISSP certification.
To me all the certifications have their own value. As someone who has interviewed a lot of job applicants over the years, seeing you holding any certification tells me you are serious about investing time in your personal development but I always ask what your motivation was for a certification as well. Interview candidates who are successful articulate they did it to improve themselves and learn, those that did it to improve their job chances typically fail the interview.
wrote:Hello everyone,,
I just finished grad school with a major in information assurance and cybersecurity and i'm confused whether to take the CAP or CISSP. There is very little information on cap and a lot of information on SSCP and CISSP. I have 5 year of experience working in an IT field. Also there is a clause about an expert endorsing your after you've taking the exams. Can someone please help me?
https://besttoasterovenguides.com/best-large-toaster-oven/
CAP and CISSP certification revolve around different themes: CAP focuses on security audits and compliance, while CISSP is completely related to network security. Compared with the five years required by CISSP, CAP certification candidates only need two years of experience.
> sandra854 (Viewer) edited a reply in Exams on 01-25-2021 02:53 PM in the (ISC)²
> I just
> finished grad school with a major in information assurance and cybersecurity and
> i'm confused whether to take the CAP or CISSP.
If you are specifically pursuing an infosec job with the US federal government, then you might want to sit the CAP, but you probably want to sit the CISSP first in any case.