<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'>I see no mention that it (Security+) exempts you from having to
have 1 of the required 5 years for CISSP.<o:p></o:p></span></p>
<p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri","sans-serif";
color:#1F497D'><o:p> </o:p></span></p>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
cisspstudy-bounces@cccure.org [mailto:cisspstudy-bounces@cccure.org] <b>On
Behalf Of </b>Clement Dupuis<br>
<b>Sent:</b> Friday, April 24, 2009 1:44 PM<br>
<b>To:</b> The CISSP Study Mailing list<br>
<b>Subject:</b> Re: [Cisspstudy] CSSLP Certification - Opening of Exam And
ClassRegistration<o:p></o:p></span></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal style='margin-bottom:12.0pt'>Great question,<br>
<br>
I will answer with the consultant approach: It depends<br>
<br>
The GIAC certs are great but they are VERY technical for most of them and
focused on one specific area such as Firewall, IDS, incident handling, audit,
etc.... etc... <br>
<br>
If you are a technical person doing a specific job those might be
best. However, if your company expect you to be the one
man gang, any of those certification would not be enough. You would need
to have a collection of them and have very wide knowledge.<br>
<br>
As far as the SSCP, it is not very well supported by ISC2. They do not
publicize it much. I know very few people who have obtained the
SSCP. If you are going to do all that studying for the SSCP, you may as
well study a bit more and do the CISSP directly as an associate if you do not
have enough years of experience. I would skip the SSCP altogether and
save time and money.<br>
<br>
Take care<br>
<br>
Clement<br>
<br>
<br>
<o:p></o:p></p>
<div>
<p class=MsoNormal>On Fri, Apr 24, 2009 at 14:23, amar singh <<a
href="mailto:amar_ncet@yahoo.co.in" target="_blank">amar_ncet@yahoo.co.in</a>>
wrote:<o:p></o:p></p>
<div>
<div>
<div>
<p class=MsoNormal>I guess its better to have SSCP or GIAC like than sec+<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
<div>
<div class=MsoNormal align=center style='text-align:center'><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>
<hr size=1 width="100%" align=center>
</span></div>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> aditya malhotra
<<a href="mailto:adityamalhotra85@gmail.com" target="_blank">adityamalhotra85@gmail.com</a>><o:p></o:p></span></p>
<div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><br>
<b>To:</b> The CISSP Study Mailing list <<a
href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><o:p></o:p></span></p>
</div>
<p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>Sent:</span></b><span
style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> Friday, 24 April,
2009 10:25:39 AM<o:p></o:p></span></p>
<div>
<div>
<p class=MsoNormal><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><br>
<b>Subject:</b> Re: [Cisspstudy] CSSLP Certification - Opening of Exam And
ClassRegistration<o:p></o:p></span></p>
</div>
</div>
<div>
<div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
Hi All,<br>
<br>
Just a quick question. Do you feel today Security + is even asked by any
company? I guess its just CISSP which is widely required by corporations.<br>
<br>
<o:p></o:p></p>
<div>
<p class=MsoNormal>On Fri, Apr 24, 2009 at 7:13 AM, Lonzell Scaife <<a
href="mailto:lscaife1@verizon.net" target="_blank">lscaife1@verizon.net</a>>
wrote:<o:p></o:p></p>
<p class=MsoNormal>Thanks guys for the feedback.<o:p></o:p></p>
<div>
<p class=MsoNormal><br>
-----Original Message-----<br>
From: <a href="mailto:cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>
[mailto:<a href="mailto:cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>]<o:p></o:p></p>
</div>
<div>
<p class=MsoNormal>On Behalf Of Chris Papas<br>
Sent: Thursday, April 23, 2009 3:54 PM<br>
To: The CISSP Study Mailing list<o:p></o:p></p>
</div>
<div>
<div>
<p class=MsoNormal>Subject: Re: [Cisspstudy] CSSLP Certification - Opening of
Exam And<br>
ClassRegistration<br>
<br>
<br>
I took both and felt like I wasted my money on the Sec+ as it was so much<br>
easier than the CISSP that I would call it CISSP very light. If you are<br>
ready for the CISSP then go for it. If you need a stepping stone to get
to<br>
the CISSP then take the Sec+ to get your feet wet.<br>
<br>
<br>
---------- Original Message ----------------------------------<br>
From: Clement Dupuis <<a href="mailto:clement.dupuis@cccure.com"
target="_blank">clement.dupuis@cccure.com</a>><br>
Reply-To: The CISSP Study Mailing list <<a
href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a>><br>
Date: Thu, 23 Apr 2009 11:50:48 -0400<br>
<br>
>The Security Plus exam is a subset of the CISSP, it is not as large but has<br>
>a bit more of a technical flavor.<br>
><br>
>If you are ready for the CISSP, you should be ready for the Sec+ as well.<br>
><br>
>Take care<br>
><br>
>Clement<br>
><br>
><br>
>Clément Dupuis, CD<br>
>CISSP, GCFW, GCIA, Security+, CEH, ECSA, LPT, CCSA, CCSE, MBNS, MBIS, MBHS,<br>
> ACE<br>
>---------------------------------------------------------------------------<br>
-------------------<br>
>In real life:<br>
>Senior Security Specialist and Instructor<br>
>Security University<br>
>>> Call me to get the best CISSP training <<<br>
>---------------------------------------------------------------------------<br>
-------------------<br>
>In Cyberspace:<br>
>President/Security Evangelist/Chief Learning Officer (CLO)<br>
>The CCCure Family of Portals<br>
>---------------------------------------------------------------------------<br>
-------------------<br>
>Business: 407 479 3903<br>
>Fax: 407 264 8396<br>
><br>
>Maintainer of :<br>
>The CISSP and SSCP Open Study Guides Web Site<br>
><a href="http://www.cccure.org" target="_blank">http://www.cccure.org</a><br>
><br>
>The Professional Security Testers Warehouse<br>
><a href="http://www.professionalsecuritytesters.org" target="_blank">http://www.professionalsecuritytesters.org</a><br>
><br>
>Knowledge sharing and giving back to the community<br>
><br>
><br>
>On Thu, Apr 23, 2009 at 11:35, Lonzell <<a
href="mailto:lscaife1@verizon.net" target="_blank">lscaife1@verizon.net</a>>
wrote:<br>
><br>
>> I’ve been studying for the CISSP exam for about 4 months now but
have<br>
>> been told to go ahead and take the Security+ exam due to the fact the<br>
>> material I’ve been using for the CISSP will have me prepared for the<br>
>> Security+ exam also. What do you think?<br>
>><br>
>><br>
>><br>
>> *From:* <a href="mailto:cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>
[mailto:<br>
>> <a href="mailto:cisspstudy-bounces@cccure.org" target="_blank">cisspstudy-bounces@cccure.org</a>]
*On Behalf Of *Prakash<br>
>> *Sent:* Thursday, April 23, 2009 8:43 AM<br>
>> *To:* <a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
>> *Subject:* [Cisspstudy] CSSLP Certification - Opening of Exam And
Class<br>
>> Registration<br>
>><br>
>><br>
>><br>
>> The CSSLP aims to stem the proliferation of security vulnerabilities<br>
>> resulting from insufficient development processes by establishing best<br>
>> practices and validating an individual’s competency in addressing<br>
security<br>
>> issues throughout the software lifecycle (SLC). Code-language neutral,
it<br>
>> will be applicable to those involved in the SLC, including analysts,<br>
>> developers, software engineers, software architects, project managers,<br>
>> software quality assurance testers and programmers.<br>
>><br>
>> To be eligible for the certification, CSSLP candidates must
demonstrate<br>
>> four years of professional experience in the SLC process or three
years<br>
of<br>
>> experience and a bachelor’s degree (or regional equivalent) in an IT<br>
>> discipline.<br>
>><br>
>> It covers seven domains:<br>
>><br>
>> * Secure Software Concepts - security implications in
software<br>
>> development<br>
>> * Secure Software Requirements - capturing security
requirements in<br>
the<br>
>> requirements gathering phase<br>
>> * Secure Software Design - translating security
requirements into<br>
>> application design elements<br>
>> * Secure Software Implementation/Coding - unit testing
for security<br>
>> functionality and resiliency to attack, and developing secure code and<br>
>> exploit mitigation<br>
>> * Secure Software Testing - integrated QA testing for
security<br>
>> functionality and resiliency to attack<br>
>> * Software Acceptance - security implication in the
software<br>
acceptance<br>
>> phase<br>
>> * Software Deployment, Operations, Maintenance and
Disposal -<br>
security<br>
>> issues around steady state operations and management of software<br>
>><br>
>> The first open exams will be offered beginning June 30, 2009<br>
>><br>
>> For more information on the CSSLP, You can visit *<a
href="http://www.isc2.org/csslp*" target="_blank">www.isc2.org/csslp*</a><br>
>><br>
>><br>
>><br>
>> _______________________________________________<br>
>> cisspstudy mailing list<br>
>> <a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
>> <a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org"
target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
>><br>
>><br>
><br>
><br>
><br>
><br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org"
target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br>
<br>
<br>
_______________________________________________<br>
cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org"
target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><o:p></o:p></p>
</div>
</div>
</div>
<p class=MsoNormal><br>
<br clear=all>
<br>
-- <br>
Thanks,<br>
Aditya Malhotra<br>
MS in Information Security Policy & Management<br>
Carnegie Mellon University<br>
Ph: (415)-608-3375<o:p></o:p></p>
</div>
</div>
</div>
</div>
</div>
<div>
<p class=MsoNormal><o:p> </o:p></p>
<div class=MsoNormal align=center style='text-align:center'>
<hr size=1 width="100%" align=center>
</div>
<p class=MsoNormal>Now surf faster and smarter ! Check out the new Firefox 3 -
Yahoo! Edition * <a
href="http://in.rd.yahoo.com/tagline_firefox_1/*http:/downloads.yahoo.com/in/firefox/"
target="_blank">Click here!</a><o:p></o:p></p>
</div>
</div>
<p class=MsoNormal style='margin-bottom:12.0pt'><br>
_______________________________________________<br>
cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org"
target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><o:p></o:p></p>
</div>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</body>
</html>