topic Re: Things to remember for exam in CISSP Study Group

Things to remember for exam

RobertEng — Mon, 20 Sep 2021 13:03:40 GMT

Hi everyone,

I'm curious to know how do you remember the port number information, which tool to use when scanning for vulnerabilities? I'm really bad in domain 6 and hope can have someone to guide me in this chapter.

Thank you very much.

Regards,

Robert

Re: Things to remember for exam

Steve-Wilme — Tue, 21 Sep 2021 12:14:53 GMT

Remembering TCP port numbers comes with experience/familiarity. It'd be common over time to know which ports common service like FTP, SSH, Telnet, SMTP, TACACS, DNS, HTTP, Kerberos, LDAP etc run on. In terms of tools for scanning you might also want to look at C|EH.

Re: Things to remember for exam

junghyun — Tue, 21 Sep 2021 13:16:29 GMT

21, 22, 23, 25, 49, 53, 80, 88, and 389 (i think)

Re: Things to remember for exam

BrianF — Tue, 21 Sep 2021 18:19:51 GMT

Everyone learns differently but I think that if you really don't know any of them, you should try flash cards, quizzes, and maybe even dig in a little further and open up a firewall to test with and configure them, adding notes as you do it. I think it is more important to know the differences between port types, and what is secure and not secure. TCP vs UDP. FTP, SFTP, SSH, etc.

There are also some videos if you search for them that could help but since they are with another cert body I will not publish the links directly in here.

Good luck!

Re: Things to remember for exam

RobertEng — Wed, 22 Sep 2021 14:03:22 GMT

Hi Brian,

Really appreciate your advice.

That's such an eye opener to me.

Thank you so much.

Regards,

Robert

Re: Things to remember for exam

RobertEng — Wed, 22 Sep 2021 14:05:50 GMT

Hi Junghyun,
Really appreciate for sharing.
Are you preparing for your exam as well?
I hope to be able to join a study group.
Thank you.
Regards,
Robert

Re: Things to remember for exam

EequalsMC2 — Thu, 02 Dec 2021 19:18:36 GMT

Youtube

CISSP Exam Cram has some great videos on memory mnemonics for the exam - Frameworks, models, ports, encryptions, hashing, etc.

I never really understood why the "Managerial" CISSP needs to get down in the weeds about port numbers and protocols.

Rule 0 - Have a good inventory of assets

Rule 1 - Scan for open Ports

Rule 2 - Close off unused Ports

Rule 3 - If you don't understand this, get yourself a good network manager and pay them well

Re: Things to remember for exam

swh5a01 — Wed, 22 Dec 2021 06:31:15 GMT

Hi Robert,

This is Sam from Taiwan. I would shared some of the ideas how I prepared the Domain 6 on the exam.

First of all, we need to make it clear on why we need to do the assessment and testing for the security operations. It was because we need to ensure the controls are in good and acceptable manner after we applied it.

For my point of view, you are not need to remember which tools to do what, but only need to know if we need to ensure the system was hardened well, we should check the port that remain opened with the tool called Nmap. And we need to know why we need the third-party compliance audit, because we are doing well and we need to told others that we are doing really well on the compliance.

Hope the above could help you build some idea on the Domain 6 and I just passed the exam on 14th.

Please let me know if you need any help on the discussion and I would love to shared with you all.

Regards,

SAM CHAN

Re: Things to remember for exam

brford — Sat, 08 Jan 2022 02:23:29 GMT

A wise man once told me that when preparing for a certification exam and reading the exam objectives if a protocol is mentioned there it is a good thing to know that protocol and it's associated port number(s). That advice has never let me down.

Re: Things to remember for exam

EequalsMC2 — Sat, 08 Jan 2022 16:32:09 GMT

A better question is why does a modern cyber security profession need to
know that? Why use another stump the chump question instead of a question
that tests critical thinking.

Re: Things to remember for exam

brford — Mon, 10 Jan 2022 19:35:23 GMT

As a working professional I don't think that the list of protocols and their associated ports is excessive. I would be concerned if a CISSP level co-worker could not recognize authentication, web browsing, DNS resolution, file transfers, and email exchanges when looking at an analyzer or trace. The CBK is not asking a candidate to memorize port 1-1024.

Re: Things to remember for exam

BrianF — Thu, 13 Jan 2022 14:21:53 GMT

I agree. You need to know the well-known, reserved, and the underlying services / apps that use them. IE: Your dev team sends in a request to open port 21. You should know what they are trying to do and get very involved with the request, issue, and ultimate resolution.

Likewise, you need to be able to understand penetration testing reports (at the very least).

At the end of the day, all of the technical understanding required for a CISSP should complement your ability to manage risks. What makes it hard is it is technical, it's managerial, and you need to understand the legal and operational aspects of a business and industries. You are resource of information to the stakeholders and that includes your ability to understand the technical aspects of risks to the business.