@rslade 

>You got at least one parent who is a CISSP?

>That could come in very handy. You

>planning on doing work study or volunteer work while you do your baccalaueate?

Well, no. My mom is about to give CISSP and my dad doesn't want to because he was gifted certs like CISO because of his experience and says he doesn't need a certification to prove himself when he has all his experience. My parents' coworkers are all CISSPs.

I probably won't have time for anything because I'm going to be doing 17-19 credits per semester.

---

@denbesten wrote:

---

@om wrote
I have all the required credits for graduation. 

Congratulations and good work!  Two other things I might suggest.  First, consider leaving time for an internship.  They can be great for bridging the gap between "too much book knowledge" and "not enough real-world experience".  Plus, it can potentially accrue towards the experience requirement.

 

Second, leave some time to have a life.  College is also about building friendships, learning to maturely interact with others with whom you disagree, exploring subjects beyond just that which you think you want today, and to a degree kicking back and learning how to live a balanced life.

 

AlecTrevelyan  properly addressed your other questions.  Do keep in mind that there is a 6 year limit for gaining the required 4 additional years of experience (beyond the one you already have for passing Security+), so don't waste your time "trying" too early.

---

I don't think I'm eligible for internships. I'm on a dependent visa that doesn't allow me to work 😞 (I would be working as a Network Administrator right now if my visa allowed it). I don't know if student internships are an exception.

But I have the rest of my life to relax. If I work hard till 30 it'll make my life much easier down the road, right?

You're right that I'm trying too early. But I'm also doing a PhD program with a concentration in digital forensics (after the accelerated masters; there's some overlap in courses from my bachelors, masters, and PhD so my PhD will only take 1.5-2 years). My dad said that by the time I finish my PhD I will have the work experience for a CISSP but it won't matter because a PhD completely shadows a CISSP.

Can you confirm this analogy?:

CISSP is to Security+ as PhD is to CISSP

---

@amandavanceISC2 wrote:

@om Congratulations on the steps you are taking to start your career! 

 

To answer your original question, no, you may not list CISSP anywhere on your LinkedIn profile, any social media, email signatures, or anything else in writing. If you take and pass the exam and do not have the experience requirements, we do have the Associate of (ISC)2 status. I have provided the link to that page. What this does is provides the candidate with 6 years to obtain the 5 years of work experience in at least 2 of the 8 CISSP domains. Although you have 6 years, you do have to maintain the status by paying an annual maintenance fee of $50.00 and submit CPEs by the expiration date each year. As long as you maintain your status each year, you will renew for the full 6 years. 

 

If you do not meet requirements, the status will be suspended and later terminated. To get back in good standing, you would have to retake the exam (full price). If you hold the status for the full 6 years and do not submit the endorsement application in that time frame, and the status terminates, you will also have to retake the exam at that time. The goal is to submit the endorsement application (confirms work experience) by year 6. If you don't think you'll be able to get the 5 year work requirement by the end of 6 years, I would suggest waiting on taking the exam.

 

Once you pass the exam and become an Associate of (ISC)2, the only thing you can list on anything is "Associate of (ISC)2". By listing the CISSP, this makes it look like you hold the CISSP certification and violates policy. By being an Associate, you will also be provided an Acclaim badge that you can list on your LinkedIn profile. 

 

In regards to waiving experience, candidates can only waive a maximum of one (1) year either by holding a bachelors degree or higher, or an approved certificate. This means that if one year is waived, you will need to have at least 4 years in 2 of the 8 domains to meet the work experience requirements.

 

Best Regards,

Amanda Vance

---

What is a CPE? I think I'll go with the exam and renew the associate every year.

---

@om wrote:

What is a CPE? I think I'll go with the exam and renew the associate every year.

---

Continuing Professional Education.  See https://www.isc2.org/-/media/ISC2/Certifications/CPE/CPE---Handbook-Digital-V2.ashx

> om (Viewer) posted a new reply in Member Support on 05-14-2019 01:03 PM

> Why specifically is it a bad idea?

Mostly socially. I mean, it won't kill you. My career has been bizarre ever since *I* took "early entrance," but it probably would have been messed up anyway--I'm weird.

But, I never knew which alumni class reunion to attend, so I didn't bother with any of them. When people talk about grad year, I can't: I just don't know what went on. (All my other social stuff outside of school hit a bump as well: all my friends were still in school doing grad year stuff, and I was actually working at university. It made for a bit of a disconnect.)

> In my mind I don't want to sit around doing
> normal classes.

So do abnormal ones. Those are the only ones worth taking anyway. (Do they have Latin? I always wish I'd taken Latin ...)

> I've exhausted all possible cyber security classes at my high
> school so the only thing left is to sit in English class all day.

Yuck. OK, if the only option is extra English, then go to uni. I *always* hated English classes. Nothing but centuries old in-jokes ... (Weird that I ended up writing books ...)

>   No, I have
> not read that book. I am ordering right now though. Gotta learn everything.

That's the spirit ...

======================
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

@om A CPE is "Continuing Professional Education" or "Continuing Education Credits". You will need to obtain a certain number of credits each year (activities that are domain related), to maintain the status.

Best Regards,

Amanda Vance

>But, I never knew which alumni class reunion to attend, so I didn't bother with any of them. When people talk about grad year, I can't: I just don't know what went on. (All my other social stuff outside of school hit a bump as well: all my friends were still in school doing grad year stuff, and I was actually working at university. It made for a bit of a disconnect.)

that's basically me in high school right now. I'm getting put in the class of 2019 so when I look back in year books I won't be with any of my friends. I don't even wanna know what HS reunion is going to be like. Are they gonna even email me for class of 2020? or 2019? Both?

>So do abnormal ones. Those are the only ones worth taking anyway. (Do they have Latin? I always wish I'd taken Latin ...)

Anything outside of IT, math, and physics is a big no from me. It's excruciatingly painful.

I haven't actually ordered the book yet because I saw that it was published in 2001. Are there other books similar to that but more recent?