Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security CISSP-Discussion
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [CISSP-D] Anyone taken the SSCP exam?

from [Brian Smithson] Network Security [Permanent Link]
Subject: Re: [CISSP-D] Anyone taken the SSCP exam?
Date: Wed, 24 Nov 2004 13:25:40 -0500 


My statement about SSCP vs. CISSP was primarily based on work I did for
a local university's professional development center early in 2004. I
sampled job boards over a six week timeframe looking for mentions of
SSCP and CISSP in descriptions for jobs in the San Francisco Bay Area,
and found many for CISSP but very few for SSCP. I single sample this
morning, not limited to any particular locale, produced the following:

CISSP: 630 (Monster), 293 (HotJobs), 446 (Dice)
SSCP: 14 (Monster), 8 (HotJobs), 20 (Dice)

There is still a pretty wide gap. 

Still, Bill makes some good points (below) and I'm glad to hear that the
SSCP has more value than I had previously thought. As Bill pointed out,
CISSP has been around for much longer, and I think ISC2 does more
marketing of CISSP than of SSCP. Bill also noted the higher value of
SSCP among the auditing community vs. CISSP among the security
community, which is something I hadn't considered. That makes a lot of
sense, because for auditing, CISA would likely be preferred over CISSP
and holding an SSCP cert would demonstrate some technical know-how. 


On the other hand, the SSCP has been around a couple of years vs. forever 
for the CISSP, so unfamiliarity of what to ask about may be more relevant 
than a relative perceived value. I've never had anyone ask me if I had a 
CISSP either, so I'm not clear how meaningful that aside is. And, I've found 
a number of IT system and process auditing types much more familiar 
with--and more highly-regarding of--the SSCP than with the more broadly
based (and, thereby, more "generic") CISSP. So, it just goes to show that
everything's relative, depending on which side of the fence you're surveying
the landscape from.


-- 
- Brian Smithson (CISSP; SSCP; and CISA, as soon as I finish the paperwork :-)
  brian@grot.com





------------------------ Yahoo! Groups Sponsor --------------------~--> 
$9.95 domain names from Yahoo!. Register anything.
http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/kgFolB/TM
--------------------------------------------------------------------~-> 

 
Yahoo! Groups Links

<*> To visit your group on the web, go to:
    http://groups.yahoo.com/group/CISSP-Discuss/

<*> To unsubscribe from this group, send an email to:
    CISSP-Discuss-unsubscribe@yahoogroups.com

<*> Your use of Yahoo! Groups is subject to:
    http://docs.yahoo.com/info/terms/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [CISSP-D] Risk Assessment Automation., Doug Landoll
Next by Date:  [CISSP-D] BS7799 ppt presentation, WAJAHAT IQBAL
Previous by Thread:  [CISSP-D] Anyone taken the SSCP exam?, Ali Khan
Next by Thread:  [CISSP-D] Re: Risk Assessment Automation., luvinsam
Indexes:  [Date] [Thread] [Top] [All Lists]