cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
lechehebsamia
Viewer II

URGENT! Need help !

I failed the free exam of certif cc ISC2.

So, i would to retake it .

Can I apply for another free voucher or retake with same old promocode?

 

Please i help me , i don't understand what i will do ?

25 Replies
Early_Adopter
Community Champion

@dcontesti agreed, I mean we'd take on folk with zero experience as interns, however those mostly come through programs with university and other institutions. I've only seen one privately arranged in the last five years.

 

Firewall jockey, IPS wrangler, ID management inputter, Endpoint security agent herder, Professional Proxy Bypasser - all these are good places to start off - but to really grok, unless you are a really, really exceptional candidate (careful prodigy's, humans are nearly completely fungible in nearly all scenarios that hire people) you must have the adjacent experience, and with that comes the security experience needed...

 

It's not that CC is bad to have, it could be an interesting interview story to compare and contrast it's just that there are more effective things to do when starting out, and unless you're on skid row, you're going Security+ first.

 

To fix CC for the now I think these three make sense:

 

  • It should be a certificate rather than a certification - SSCP is just better and also entry level.
  • So it doesn't look like ISC2 is running an expensive subscription service, scrap AMF/CPE for it - if you take over a year then you still need to pay the fifty bucks(one million free exams assuming a 100% conversion rate is 50 million dollars - PUPY).
  • Do a lot of work to market it properly - that should be at Security/IT/HR people to create demand rather than candidates, once it has acceptance and vacancies clamoring for it then go to candidates.

 

 

JoePete
Advocate I


@Early_Adopter wrote:

 

... in nearly all scenarios that hire people) you must have the adjacent experience ...

I like that "adjacent experience" phrase. The analogy I sometimes use is that there is no such thing as an entry level judge. You have to start as a lawyer, learn the system, find you have an aptitude for judicial work, and then get noticed/be appointed.

 

While there are junior level jobs in security, they all have certain requisite skills. Do you know directories, networking, system administration etc.? While these tasks may not have "security" in their title, they most certainly are (or should be) security related. You're following procedures intended to perform those tasks securely, and what happens when you transition to a security role is you move from the person following those procedures to the one confirming them or writing them.

 

In that regard, I am not sure the CC is a gateway to the industry. I think what it is really about is that it was designed to be a gateway to the (ISC)2, a way of growing the membership. Admittedly marketing "cybersecurity" has become a highly competitive industry. Everyone is offering some sort of cert or training these days.

brainybits
Newcomer I

brainybits_0-1689816153044.png

 

Sorry but you only get one free try. 

 

If you took the Post-Course Assessment, it should have given you a very clear idea of how you would do on the actual test. After all these courses are designed by the very same folks that designed the test. 

 

denbesten
Community Champion


@brainybits wrote:

After all these courses are designed by the very same folks that designed the test. 


This is not true. The education department has no involvement with exam development, nor do they have access to exam questions. (ISC)² staff do not even write the exam questions. See this post and this post and this blog.  

 

 

JoePete
Advocate I


@denbesten wrote:

The education department has no involvement with exam development, nor do they have access to exam questions. (ISC)² staff do not even write the exam questions. See this post and this post and this blog.  


This is one of the challenges I have. It would be nice to have more detail about what's on the exam or input into its nature. It should have been a no-brainer: Likely, the people a CC would be applying to for a job are CISSPs or otherwise (ISC)2 members. There was this great (missed) opportunity to educate security hiring managers about this cert.

Early_Adopter
Community Champion

I don't think any of that separation can/will change, and that's a good thing.

 

I think the main problem with CC isn't so much around content/questions just that the industry really hasn't been primed with any demand for it before offering it out to candidates as a perceived freebie, it's more like a succulent fifty-dollar meal that you pay for at the end. Well at least you don't need to tip!

brainybits
Newcomer I

Well while that may be true that’s not very reassuring to know the prep materials provided by isc2 are not enough to ensure exam passag as the second poster referenced in your comment suggests. 😕

I speak of course with a tone of sarcasm because I would have never guessed that. I took the CISSP 14 years immediately taken after boot camp administered onsite at my company (Symantec, a leading cybersecurity company at the time) and and many of the questions were virtually straight out of the ISC2 CBK book we had all gone through.

But I’ll take your word for it. It’s quite interesting to see elements of separation of duties between authors and administrators. Because everything I assume falls under the ISC2 umbrella, cbk and exam, that it is unavoidable (and expected) that exam material, no matter if it is not directly based on the CBK, uses information directly referenced in the CBK. Like I said it was quite evident having taken the CISSP years ago and more recently taking the CC exam had questions that were eerily similar to questions from the post-course assessment test, which was basis of my assumptions.  But am genuinely glad to see this separation for the reasons explained. 

Early_Adopter
Community Champion

@brainybits 

 

I think you can be confident that the materials/references are consistent, as well as that the exam questions are constructed in the same way as the test questions are constructed, even to the point of looking similar but they won't be the same ones.

 

However, to pass you're going to need to comprehend and interpret information in the exam scenarios and questions and try to work out what the most good/least bad option is so it's not enough to just memorize the CBK and exam references, you need to be in the habit of applying reason to them.

 

Of course if you certify as CISSP you might go behind the curtain as an exam writer on a voluntary basis, but then you'd be NDA's up so in that sense it's a bit like crossing a black hole's event horizon in that you couldn't tell anyone left of the other side...

tldutton
ISC2 Team

Spot on! 

 

As the person responsible for the Exam Content Development Team, I can assure everyone on this board that there is a "wall" between my team and the education/publication teams. 

 

My team facilitates workshops where members, not us, create/update exam content (questions) as well as create updated exam outlines every three years. 

 

I like to say our exams are by peers for peers. 

 

Additionally, my entire team are members; we all had to have at least the CISSP to even apply for one of our positions and we have to maintain our certs through CPEs just like every other member does.

tldutton
ISC2 Team

Over the past few years, we have moved away from allowing our volunteer SMEs to use any of the CBKs as references when creating new content.  We're trying to stay away from a self-feeding loop between exam content development and publication.