+ Reply to Thread
Results 1 to 4 of 4
  1. Senior Member
    Join Date
    Feb 2017
    Posts
    196
    #1

    Default Anyone done CISSP after the OSCP ... my possible plans

    I've just passed my OSCP and my intention was always to immediately pay for the CISSP exam and start studying. In the past two weeks I've listened to some of the podcasts and had a flick through the book. I didn't want to start properly studying until OSCP was done as I didn't want to be distracted.

    Those that have done OSCP, what was the efforts required for the CISSP? (I know this varies person-to-person, but I'm after subjective views).

    My plans are:
    • Potentially to book the exam for 10 or 12 weeks time.
    • I'd then study around 2 hours per day and about 8 on the weekend. So that's total of about 18 hours per week on average.
    • I've bought my books (Sybex and Eric Conrad - the short one for referencing).
    • I will listen to the MP3's from Kelly Handerhan
    • Will also do tons of online questions
    My experience isn't the best for this. No management experience and never been in an Information Security role. When listening to the podcasts and reading the book it wasn't complicated, but it was confusing as I found the content a mix between very very abstract, some very obvious, and some useful. I guess I will learn more as I go through the book and it will mean more to me.

    Anyway, any thoughts on what I've posted here?

    Thanks,
    Cybercop
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    in progress

    Possible Others: OSCE, MCSA




    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Dec 2015
    Location
    Quebec, Canada
    Posts
    514

    Certifications
    A+, Network+, Linux+, HP APS, VCP 3-4-5-6, VSP,VTSP, SSCP, Veeam VMCE, CISSP
    #2
    I don't know you, but I think that you don't give you enough time to study. CISSP is a concept exam and it need time to digest. CISSP is not a "fact-based" exam like a Comptia, and many question are based on best practice, experience not on hard fact like a port number.
    Reply With Quote Quote  

  4. Senior Member TeKniques's Avatar
    Join Date
    Jul 2004
    Location
    Oregon, USA
    Posts
    1,276

    Certifications
    OSCE, OSCP, CISA, CISSP, SSCP, MCSA 2008, MCSE 2003: Security, MCDST, MCP, Security+, Network+, A+, Project+, CCENT, CCNA
    #3
    I took the CISSP before the OSCP and imo they aren't really related other than you are faced with some of the technical vulnerabilities in the OSCP that are discussed in the CISSP. Obviously, you see the impact of poor best practices. One thing to consider is that the CISSP requires a certain information security experience to qualify for the certification; otherwise you can obtain the "Associates" title while gaining the necessary experience. Your study plan seems solid. I thought the Eric Conrad book and the ISC practice tests were good preparation for the exam. There's a lot of material to cover that seems overwhelming and it's a long exam to sit. Once you start going through the domains, you'll know more of what to expect as you have pointed out.

    Good luck!
    Reply With Quote Quote  

  5. Senior Member DZA_'s Avatar
    Join Date
    Sep 2017
    Posts
    113

    Certifications
    Look Ma! No Certs!
    #4
    Usually the guideline and rule of thumb is that don't book your exam quite yet until your can score 80% and higher in all the domains and fluently understand the concepts. Your study habits are sound to avoid any sort of burn out (which I have personally gone through). The quizzes and exam simulations (BOSON, Transcender, Sybex, 11th hour, CCCure) will put you in the right direction of thinking like a manager but there is no substitute for experience. Best of luck with your studies!

    Cheers
    DZA_
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks