CISSP vs SSCP 2

[cslk]

Hi,
I'm looking to obtain security certification and have narrowed it down to CISSP or SSCP, but can't decide between the two. Which certification is better CISSP or SSCP?

I am CISA, have over 7 years IT experience and a BSc in Computer and Electronic.

Any insight would be great.
Thanks!

 

[lgarner]

From my understanding, SSCP is more of a hands-on certification in implementing security systems and policies, while CISSP targets those at a senior level who the policies. CISSP also involves a bit of disaster recovery planning and facilities security.

Which is better depends on your position and goals. I do not know if the SSCP applies in any way toward the CISSP.

 

[abcissp]

If a person has 3 years(2 yr in Network Security Firm ) of IT experience and holds a masters and bachelors degree in computer science, which is the best stepping stone SSCP or CISSP for getting global recognition in the field of Network Security?

 

[schofs]

Always go for the Cissp if you can because SSCP is just the stepping stone to a CISSP.

2years in network security and a degree will just be enough for a cissp but security must be 100% of your time


regards
simon CISSP

 

[iownroot]

My understanding is that the A degree and 3 years is the requirement minimum requirement. Here's the text from ISC2

Have a minimum of four years of direct full-time security professional work experience in one or more of the ten domains of the (ISC)² CISSP® CBK® or three years of direct full-time security professional work experience in one or more of the ten domains of the CISSP® CBK® with a college degree. Additionally, a Master's Degree in Information Security from a National Center of Excellence can substitute for one year toward the four-year requirement.

Valid professional experience includes information systems security-related work performed as a practitioner, auditor, consultant, vendor, investigator or instructor, or that which requires IS security knowledge and involves direct application of that knowledge.

 

[iownroot]

There's really no way around getting the experience. The best way to do this, is obtain a job that will give you the requirements. Trying to do any type of shortcut is flirting with disaster.

CISSP, MCT, MCSE2K/2K3, MCSA, CEH, Security+, Network+, CTT+, A+

 

[schofs]

All please remember that the CISSP experience is cumulative so if you have an IT Job for 8 years and 50% of your time is in one of the CISSP domains, which are far reaching this would count as 4 years:
For ease the domains are as follows:

Security Management Practices.

Access Control Systems and Methodology.

Telecommunications and Network Security.

Cryptography.

Security Architecture and Models.

Operations Security.

Applications and Systems Development.

Business Continuity Planning Disaster Recovery Planning.

Law, Investigation, and Ethics.

Physical Security.


As far as I am aware Management of Security Professionals, Project lifecycles and System development all count.

If you can Justify the experience and you have a degree then all is well.
The key to the matter is passing the exam and getting a CISSP to testify tour experience instead of your line manager.

My advise work towards your experience with all the domains by working out days a year you actually work on the domains. Get A CISSP to check then take the exam


Regards

Schofs

CISSP, CiISMP, MCP, CCNA