+ Reply to Thread
Page 1 of 2 1 2 Last
Results 1 to 25 of 32
  1. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #1

    Default How hard is the CISSP compared to the Security+?

    How hard is the CISSP compared to the Security+?

    TIA
    Reply With Quote Quote  


  2. Login/register to remove this advertisement.
  3. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,175
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #2
    I'm not sure what kind of scale I can use to express the difference. Maybe a comparison of an 8th-grade education to a Masters degree.

    The CISSP has a much greater degree of difficulty because it requires having a practical understanding of InfoSec concepts and not just the rote memorization of facts. There are also more concepts covered by the CISSP CBK than in the objectives of the Security+ cert. And the pencil-and-paper CISSP exam is a very long and grueling process, while the Security+ exam is pretty much like any other computer-based cert exam that you've taken.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #3
    Quote Originally Posted by JDMurray View Post
    I'm not sure what kind of scale I can use to express the difference. Maybe a comparison of an 8th-grade education to a Masters degree.

    The CISSP has a much greater degree of difficulty because it requires having a practical understanding of InfoSec concepts and not just the rote memorization of facts. There are also more concepts covered by the CISSP CBK than in the objectives of the Security+ cert. And the pencil-and-paper CISSP exam is a very long and grueling process, while the Security+ exam is pretty much like any other computer-based cert exam that you've taken.
    Sounds like at least 3-4 times harder than.

    Pencil and paper exam?

    Is the test all multiple choice? Are are there other formats of questions too?

    TIA
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #4
    Yes, its all multiple choice.

    Does anyone know what percent of people pass the CISSP?
    Reply With Quote Quote  

  6. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,175
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #5
    Quote Originally Posted by abefroman View Post
    Does anyone know what percent of people pass the CISSP?
    Many of the testing statistics of the (ISC)2 exams are not officially published, but I have heard speculation that the pass rate may be as high as 66-70%.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #6
    Quote Originally Posted by JDMurray View Post
    Many of the testing statistics of the (ISC)2 exams are not officially published, but I have heard speculation that the pass rate may be as high as 66-70%.
    That doesn't sound too too bad.

    I tried some of the practice questions from the Shon Harris book a lot of them seem rather easy, should I prepare for a lot harder questions on the actual test?
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Aug 2009
    Location
    Fort Gordon, GA
    Posts
    219

    Certifications
    A+, Net+, Sec +, CCNA, CCNA:S, CISSP, MCP
    #7
    Quote Originally Posted by abefroman View Post
    That doesn't sound too too bad.

    I tried some of the practice questions from the Shon Harris book a lot of them seem rather easy, should I prepare for a lot harder questions on the actual test?
    As with any Certification exam, I would use more than one source. I use at least 3 or 4 different sources when I study for an exam, and the CISSP is no different.

    I have not found a certification study book yet that has the entire exam covered. So it's your best bet to find other sources...
    Reply With Quote Quote  

  9. Network Security tpatt100's Avatar
    Join Date
    Aug 2009
    Location
    Ypsilanti, MI
    Posts
    2,495

    Certifications
    CISSP, GIAC G2700, CEH, CHFI, Security+, CCENT, N+, A+
    #8
    The only thing I found hard about the CISSP was staying focused for so many questions.
    Reply With Quote Quote  

  10. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Location
    Melbourne, Australia
    Posts
    1,910

    Certifications
    B.Sc, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #9
    Quote Originally Posted by tpatt100 View Post
    The only thing I found hard about the CISSP was staying focused for so many questions.
    Can you share with us your experience and background ? It'll be helpful because I want to take CISSP but I lack direct InfoSec experience, I'm wondering if it'll make my studying time very difficult.
    ‎"After the earth dies, some 5 billion years from now, after it’s burned to a crisp, or even swallowed by the Sun, there will be other worlds and stars and galaxies coming into being — and they will know nothing of a place once called Earth." - Carl Sagan.
    Reply With Quote Quote  

  11. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,175
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #10
    Quote Originally Posted by UnixGuy View Post
    ... I want to take CISSP but I lack direct InfoSec experience, I'm wondering if it'll make my studying time very difficult.
    Every InfoSec professional has problems studying for the CISSP exam because no InfoSec professional has significant experiences in all ten domains covered by the CISSP CBK. Therefore, having no InfoSec experience at all makes understanding the entire CISSP CBK all the more difficult.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  12. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Location
    Melbourne, Australia
    Posts
    1,910

    Certifications
    B.Sc, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #11
    Quote Originally Posted by JDMurray View Post
    Every InfoSec professional has problems studying for the CISSP exam because no InfoSec professional has significant experiences in all ten domains covered by the CISSP CBK. Therefore, having no InfoSec experience at all makes understanding the entire CISSP CBK all the more difficult.
    interesting...I hope by next year I can start with this cert
    ‎"After the earth dies, some 5 billion years from now, after it’s burned to a crisp, or even swallowed by the Sun, there will be other worlds and stars and galaxies coming into being — and they will know nothing of a place once called Earth." - Carl Sagan.
    Reply With Quote Quote  

  13. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,455

    Certifications
    GCIH, CCNA, MCTS
    #12
    @JDMurray: I thought you had to have InfoSec experience to be able to take the exam?
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Sep 2009
    Posts
    103
    #13
    No, you can take it whenever you want. You'll just be an associate until you meet the eligibility requirements (if you pass, of course).
    Reply With Quote Quote  

  15. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,175
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #14
    Quote Originally Posted by veritas_libertas View Post
    @JDMurray: I thought you had to have InfoSec experience to be able to take the exam?
    Anyone can take the CISSP (or SSCP) exam anytime and as many times as they want. To become fully CISSP-certified you must both pass the exam and have verifiable InfoSec work experience (and have an endorser...and pass the audit...and pay the money...).
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  16. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,455

    Certifications
    GCIH, CCNA, MCTS
    #15
    So I could take the exam and then later down the line just send in paperwork showing I meet all the requirements?
    Reply With Quote Quote  

  17. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,175
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #16
    Quote Originally Posted by veritas_libertas View Post
    So I could take the exam and then later down the line just send in paperwork showing I meet all the requirements?
    Yes. When you pass the CISSP exam, you become an "Associate of the (ISC)2 for CISSP." As an (ISC)2 Associate, you are not a fully-certified CISSP (or SSCP) and may not market yourself as such until you meet all of the qualifications.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  18. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #17
    Quote Originally Posted by JDMurray View Post
    Anyone can take the CISSP (or SSCP) exam anytime and as many times as they want. To become fully CISSP-certified you must both pass the exam and have verifiable InfoSec work experience (and have an endorser...and pass the audit...and pay the money...).
    If my work is not strictly security do I qualify?

    I am responsible for securing about 100 linux servers, as well as setting the companies security policy and procedures, but I do tech support, sys admin stuff and some other things too. (I have been doing this for 8 years) Will I qualify?

    Whats the best way to get endorsed if I don't know another CISSP or SSCP?

    TIA
    Reply With Quote Quote  

  19. Senior Member
    Join Date
    Sep 2009
    Posts
    103
    #18
    They specifically state you need full-time experience in two of the ten domains.

    Some members here might be willing to endorse you, or you can apply directly to (ISC)2 if you can't find anyone.
    Reply With Quote Quote  

  20. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,175
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #19
    Quote Originally Posted by abefroman View Post
    If my work is not strictly security do I qualify?

    I am responsible for securing about 100 linux servers, as well as setting the companies security policy and procedures, but I do tech support, sys admin stuff and some other things too. (I have been doing this for 8 years) Will I qualify?
    The CISSP certification is meant for people working directly in the Information Security profession. However, many sysadmins, netadmins, and software engineers/architects also have the CISSP cert because InfoSec is an inseparable part of their work. CISSP CBK domains like access control, telecommunications, and application security are usually the experience claimed by these types of professionals.

    Quote Originally Posted by abefroman View Post
    Whats the best way to get endorsed if I don't know another CISSP or SSCP?
    Ask around to check if anyone familiar with your work history has a cert from the (ISC)2 and is in good standing (i.e., current on their CPEs and AMF). If not, after passing the CISSP exam, you can apply to be endorsed (and audited) by someone at the (ISC)2 itself.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  21. Senior Member
    Join Date
    Jul 2009
    Posts
    2,056

    Certifications
    Beer+
    #20
    If its all multiple choice then what is this "pencil and paper" bs?
    Reply With Quote Quote  

  22. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #21
    Quote Originally Posted by Hyper-Me View Post
    If its all multiple choice then what is this "pencil and paper" bs?
    I think he means like a scantron test, rather than on a computer.
    Reply With Quote Quote  

  23. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #22
    Quote Originally Posted by kimanyd View Post
    They specifically state you need full-time experience in two of the ten domains.

    Some members here might be willing to endorse you, or you can apply directly to (ISC)2 if you can't find anyone.
    By full time, if they mean 40 hours per week on security stuff, I have that covered I work a good 80-100 hours a week, if I'm lucky.

    I should qualify then, correct?

    TIA
    Reply With Quote Quote  

  24. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,175
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #23
    Quote Originally Posted by Hyper-Me View Post
    If its all multiple choice then what is this "pencil and paper" bs?
    You've never taken a multiple choice using only pencil and paper? Then you're in for a treat!

    Quote Originally Posted by abefroman View Post
    I think he means like a scantron test, rather than on a computer.
    Yes, and a paper exam booklet too.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray
    Reply With Quote Quote  

  25. Audentis Fortuna Iuvat veritas_libertas's Avatar
    Join Date
    Feb 2009
    Posts
    5,455

    Certifications
    GCIH, CCNA, MCTS
    #24
    This is very interesting. Associate of the (ISC)2 for CISSP could probably help with getting a job in security I would think. What do you guys think (in particular Dynamik and JDMurray)? I actually may seriously consider doing this after I knock off my B.A.
    Reply With Quote Quote  

  26. Senior Member
    Join Date
    Oct 2006
    Posts
    288
    #25
    Quote Originally Posted by JDMurray View Post
    You've never taken a multiple choice using only pencil and paper? Then you're in for a treat!


    Yes, and a paper exam booklet too.
    A large paper exam booklet from what I've hear
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 2 1 2 Last

Social Networking & Bookmarks