RE: Question on Certification (SSCP or GSEC)

["Eggleston, Mark" <meggleston () healthpart com>]

Mr. Horse,

GSEC is open book and more technical; CISSP is not open book and is more managerial.  If your long-term goal is to get 
a CISSP you might be better off getting the GSEC in the interim because: (1) it is from a different accrediting body 
(SANS) and shows you have diverse credentials if you later get a credential from ISC and (2) I would think it is more 
recognized and sought after compared to the SSCP (which is a stepping stone to the CISSP anyhow).

Of course, I might be biased though.  Hope this helps.

Regards,

Mark Eggleston, CISSP, GSEC, CHPS
Manager, Security and Business Continuity 



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Mr Horse
Sent: Wednesday, April 06, 2011 5:11 AM
To: security-basics () securityfocus com
Subject: Question on Certification (SSCP or GSEC)

I'm a software developer with about 6 years experience, and act as the lead for application and some network security 
issues at my current employer.

My manager wants me to a certification, and ideally I would go with the CISSP but I don't have 4 years employment 
experience in the information security field.

As far as I can tell, my options are the GIAC GSEC and the ISC SSCP.
As far as I can tell, the GSEC requires a similar level of knowledge to the CISSP, but does not have the experience 
requirement. The SSCP seems to have limited recognition.

We will some IT security positions opening up down the line, and I am hoping to apply for one of these in the future. 
Can anyone suggest what might be the better certification for me to hold?

Thanks

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and 
who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers can tell 
if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your 
Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing 
management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

This message, together with any attachments, is intended only for
the use of the individual or entity to which it is addressed. It
may contain information that is confidential and prohibited from
disclosure. If you are not the intended recipient, you are hereby
notified that any dissemination or copying of this message or any
attachment is strictly prohibited. If you have received this
message in error, please notify the original sender immediately by
telephone or by return e-mail and delete this message along with
any attachments, from your computer.

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------