[Cisspstudy] CSSLP Certification - Opening of Exam And ClassRegistration

Clement Dupuis clement.dupuis at cccure.com
Fri Apr 24 14:43:54 EDT 2009 

Great question,

I will answer with the consultant approach:  It depends

The GIAC certs are great but they are VERY technical for most of them and
focused on one specific area such as Firewall, IDS, incident handling,
audit, etc.... etc...

If you are a technical person doing a specific job those might be best.
However,  if your company expect you to be the one man gang, any of those
certification would not be enough.  You would need to have a collection of
them and have very wide knowledge.

As far as the SSCP, it is not very well supported by ISC2.  They do not
publicize it much.  I know very few people who have obtained the SSCP.  If
you are going to do all that studying for the SSCP, you may as well study a
bit more and do the CISSP directly as an associate if you do not have enough
years of experience.  I would skip the SSCP altogether and save time and
money.

Take care

Clement



On Fri, Apr 24, 2009 at 14:23, amar singh <amar_ncet at yahoo.co.in> wrote:

> I guess its better to have SSCP or GIAC like than sec+
>
> ------------------------------
> *From:* aditya malhotra <adityamalhotra85 at gmail.com>
> *To:* The CISSP Study Mailing list <cisspstudy at cccure.org>
> *Sent:* Friday, 24 April, 2009 10:25:39 AM
>
> *Subject:* Re: [Cisspstudy] CSSLP Certification - Opening of Exam And
> ClassRegistration
>
> Hi All,
>
> Just a quick question. Do you feel today Security + is even asked by any
> company? I guess its just CISSP which is widely required by corporations.
>
>
> On Fri, Apr 24, 2009 at 7:13 AM, Lonzell Scaife <lscaife1 at verizon.net>wrote:
>
>> Thanks guys for the feedback.
>>
>> -----Original Message-----
>> From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org
>> ]
>> On Behalf Of Chris Papas
>> Sent: Thursday, April 23, 2009 3:54 PM
>> To: The CISSP Study Mailing list
>> Subject: Re: [Cisspstudy] CSSLP Certification - Opening of Exam And
>> ClassRegistration
>>
>>
>> I took both and felt like I wasted my money on the Sec+ as it was so much
>> easier than the CISSP that I would call it CISSP very light.  If you are
>> ready for the CISSP then go for it.  If you need a stepping stone to get
>> to
>> the CISSP then take the Sec+ to get your feet wet.
>>
>>
>> ---------- Original Message ----------------------------------
>> From: Clement Dupuis <clement.dupuis at cccure.com>
>> Reply-To: The CISSP Study Mailing list <cisspstudy at cccure.org>
>> Date:  Thu, 23 Apr 2009 11:50:48 -0400
>>
>> >The Security Plus exam is a subset of the CISSP, it is not as large but
>> has
>> >a bit more of a technical flavor.
>> >
>> >If you are ready for the CISSP, you should be ready for the Sec+ as well.
>> >
>> >Take care
>> >
>> >Clement
>> >
>> >
>> >Clément Dupuis, CD
>> >CISSP, GCFW, GCIA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS,
>> MBHS,
>> > ACE
>>
>> >---------------------------------------------------------------------------
>> -------------------
>> >In real life:
>> >Senior Security Specialist and Instructor
>> >Security University
>> >>>  Call me to get the best CISSP training  <<
>>
>> >---------------------------------------------------------------------------
>> -------------------
>> >In Cyberspace:
>> >President/Security Evangelist/Chief Learning Officer (CLO)
>> >The CCCure Family of Portals
>>
>> >---------------------------------------------------------------------------
>> -------------------
>> >Business:  407 479 3903
>> >Fax:          407 264 8396
>> >
>> >Maintainer of :
>> >The CISSP and SSCP Open Study Guides Web Site
>> >http://www.cccure.org
>> >
>> >The Professional Security Testers Warehouse
>> >http://www.professionalsecuritytesters.org
>> >
>> >Knowledge sharing and giving back to the community
>> >
>> >
>> >On Thu, Apr 23, 2009 at 11:35, Lonzell <lscaife1 at verizon.net> wrote:
>> >
>> >>  I’ve been studying for the CISSP exam for about 4 months now but have
>> >> been told to go ahead and take the Security+ exam due to the fact the
>> >> material I’ve been using for the CISSP will have me prepared for the
>> >> Security+ exam also. What do you think?
>> >>
>> >>
>> >>
>> >> *From:* cisspstudy-bounces at cccure.org [mailto:
>> >> cisspstudy-bounces at cccure.org] *On Behalf Of *Prakash
>> >> *Sent:* Thursday, April 23, 2009 8:43 AM
>> >> *To:* cisspstudy at cccure.org
>> >> *Subject:* [Cisspstudy] CSSLP Certification - Opening of Exam And Class
>> >> Registration
>> >>
>> >>
>> >>
>> >> The CSSLP aims to stem the proliferation of security vulnerabilities
>> >> resulting from insufficient development processes by establishing best
>> >> practices and validating an individual’s competency in addressing
>> security
>> >> issues throughout the software lifecycle (SLC). Code-language neutral,
>> it
>> >> will be applicable to those involved in the SLC, including analysts,
>> >> developers, software engineers, software architects, project managers,
>> >> software quality assurance testers and programmers.
>> >>
>> >> To be eligible for the certification, CSSLP candidates must demonstrate
>> >> four years of professional experience in the SLC process or three years
>> of
>> >> experience and a bachelor’s degree (or regional equivalent) in an IT
>> >> discipline.
>> >>
>> >> It covers seven domains:
>> >>
>> >>     * Secure Software Concepts - security implications in software
>> >> development
>> >>     * Secure Software Requirements - capturing security requirements in
>> the
>> >> requirements gathering phase
>> >>     * Secure Software Design - translating security requirements into
>> >> application design elements
>> >>     * Secure Software Implementation/Coding - unit testing for security
>> >> functionality and resiliency to attack, and developing secure code and
>> >> exploit mitigation
>> >>     * Secure Software Testing - integrated QA testing for security
>> >> functionality and resiliency to attack
>> >>     * Software Acceptance - security implication in the software
>> acceptance
>> >> phase
>> >>     * Software Deployment, Operations, Maintenance and Disposal -
>> security
>> >> issues around steady state operations and management of software
>> >>
>> >> The first open exams will be offered beginning June 30, 2009
>> >>
>> >> For more information on the CSSLP, You can visit *www.isc2.org/csslp*
>> >>
>> >>
>> >>
>> >> _______________________________________________
>> >> cisspstudy mailing list
>> >> cisspstudy at cccure.org
>> >> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>> >>
>> >>
>> >
>> >
>> >
>> >
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>>
>>
>> _______________________________________________
>> cisspstudy mailing list
>> cisspstudy at cccure.org
>> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>>
>
>
>
> --
> Thanks,
> Aditya Malhotra
> MS in Information Security Policy & Management
> Carnegie Mellon University
> Ph: (415)-608-3375
>
> ------------------------------
> Now surf faster and smarter ! Check out the new Firefox 3 - Yahoo! Edition
> * Click here!<http://in.rd.yahoo.com/tagline_firefox_1/*http://downloads.yahoo.com/in/firefox/>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090424/134f0599/attachment-0001.html>

More information about the cisspstudy mailing list