Need to get CISSP, any input?

Status
Not open for further replies.

steppinthrax

New requirements (8570) require CISSP. Is anybody studying or certified?
 

seepy83

I took the exam 3 weeks ago and I'm waiting for results.

I took SANS MGT414.

There are free practice quizzes available at http://booksite.syngress.com/companion/conrad/practice_exams.php and http://www.cccure.org

The message board at cccure.org is also pretty good for getting answers to things that you might be confused about.

The CBK domains were updated recently (January I think?), so the vast majority of books available today are not updated for the new exam. That being said, probably 95%+ of the content is still good. Shon Harris' CISSP All In One is recommended by pretty much everyone. The CISSP Study Guide by Eric Conrad, Seth Misenar, and Joshua Feldman, and the Eleventh Hour CISSP Study Guide by Eric Conrad were also recommended to me. I didn't read any of those...but Eric Conrad was my instructor for SANS MGT414, and several years back I took SANS SEC401 with Seth Misenar as the instructor. They are both extremely knowledgeable and talented instructors...and I'm sure the books they have authored are equally good.

I'm anxious to get my results back. I was already familiar with probably about 50% of the CBK content, so I definitely didn't prepare as much as someone coming in cold would need to.

Also, Ted Demopoulos (another SANS instructor) has a nice PDF of CISSP acronyms and their definitions if you sign up for his mailing list at http://www.securitycerts.org/review/cissp-acronyms.htm. It's probably around 30 pages (printed 1 side), and it could be a good study aid.
 

ichy

I took the test last fall. Honestly it wasn't all that difficult; compared to most serious college classes I took, it was nothing. There is a substantial amount of information though, so don't get complacent, but no need to freak out either.

I studied using a set of practice questions that a co-worker gave me. There were about 1500 questions in all. I went through them and looked up everything I didn't understand in Shon Harris's book. Don't try to just read through that book or you'll want to slit your wrists. Like I said, it's not too difficult but there's a large volume of information. I crammed for about a week and did fine. If I could do it all over I'd study for a longer period of time but at a much less intense pace. If you have a similar bank of practice questions like I had, work your way through them twice and you should be good.
 

TXHokie

What worked for me was to read Shon Harris's AIO book twice, take the sample test that came with it, and hammer those domains that I was weak at. All in all, it took about 3 weeks of daily studying in the evenings and on weekends. It wasn't as bad as people make it out to be, though I do know of a few that failed. Take lots of sample test questions that you can get your hands on to get used to the CISSP-type questions. Seems like they do go out of their way trying to trip you up with double negatives or providing multiple correct answers and you having to choose the most correct one. Good luck.
 

MarkXIX

I attended a Shon Harris branded two-week course (someone else paid for it and had a no-show) and followed up with the books. Been certified since 2007.

I used CCCure.org and pretty much did everything mentioned above. Remember, know the background behind the answer; knowing just the answer can sometimes lead you to question yourself on the exam and you'll get the answer wrong.

Who are you working for that 8570 applies? I work for the US Army.
 

TheGodFrogger

CISSP isn't the only thing that qualifies you for 8570 either...For instance, there are other more technical certs that may be more interesting to you that will fill the qualifications as well. I am also required to remain 8570 compliant. Many tech people find the CISSP to be extremely dry.

DOD8570_19Dec05_Change2_20Apr10.jpg
 

steppinthrax

CISSP isn't the only thing that qualifies you for 8570 either...For instance, there are other more technical certs that may be more interesting to you that will fill the qualifications as well. I am also required to remain 8570 compliant. Many tech people find the CISSP to be extremely dry.

Security+ qualifies you for IAT level 1 in 8570. In most places, if you want a domain-level account, you need CISSP.
 