Forum Thread: Questions About CISSP and OSCP, the Study Materials Required and More??

First of all I like to say that English isn't my native language , so if you notice any grammatical error please bare with me............. I'm a Computer Science Engineering student who is interested in security. I was thinking of doing OSCP course by offensive security but a friend recommended that I do CISSP first. The question now is how much time and basic knowledge do I require for both CISSP and OSCP?

I know C,C++ and some basic python and bash. I've been playing around with linux lately.

Can you please tell me the time required for studying CISSP and then OSCP??(I'm doing these courses along with the university courses and projects)

If CISSP is required can you recommend me a website that provides both the training and certification?? And can you guys also recommend me some study materials for both CISSP and OSCP. Any help and suggestions provided will greatly be appreciated.

Join the Next Reality AR Community

Get the latest in AR — delivered straight to your inbox.

4 Responses

Having done the OSCP myself I can tell you that it isn't a breeze, before starting i'd try to read a couple of books, go through the free vulnerable virtual machines (VulnHub), and generally understand network infrastructure and how everything interact with each other. I can't speak for the CISSP though.


Thanks for suggestions bro!

The OSCP is a technical certification where as the CISSP is more of a professional certification. The CISSP touches on security items, but at a very high level. It more concentrates on Risk Management, Business Continuity, Business Impact Analysis, SDLC, etc.

I was able to study day and night for a week straight to pass the exam; however, I have over 10 years of IT/Security experience which definitely aided in the process. You can get the latest 9 domain (ISC)2 book online from their website or from Amazon.

My recommendation would be to get the OSCP and the CEH. The OSCP is far superior training compared to CEH, but CEH is more recognized by company's and their HR departments. While working and gaining experience study for the CISSP. When looking for more of a managerial role, go get your CISSP.

Just my 2 cents.

The OSCP is a hacking/pentesting certification while CISSP is the gold standard in security management/administration. Neither should be taken likely, as they are both challenging.

Share Your Thoughts

  • Hot
  • Active