cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Community Champion

Studying and Memorising

I volunteered to oversee a CISSP study group yesterday, which was being run internationally, as you do in large corporate organisations doing their best to promote self-discipline etc.  Once again, I want to emphasis the importance of understanding the underlying subject matter.  It is not just a question of reading, memorising the study material, but actually learning to apply it.  My suggestion, whilst studying for the CISSP, is go back put your security hat on, and for instance under Domain 4 Communications and Network Security, make sure you know exactly what the many protocols do and list their weaknesses, and the attacks against them.   Do this in a mindmap, or you do it in your way of representing your personal notes, doing it this way reinforces your learning and understanding.  If you can replay and articulate this to others, helps your understanding, and puts them into a real world context rather just soaking up the knowledge itself.   Apply it.

 

Simply, doing a praise' and replaying it back via a PowerPoint does not fully embrace the content of the study guide or represent your understanding of the material.   You need to understand the why, what, how and when you should apply judgement, so that you can advise others and justify why we simply do not use certain protocols in certain circumstances.

 

Regards

 

Caute_cautim

16 Replies
Highlighted
Community Champion

Re: Studying and Memorising

What can really help is making your own flash cards, which question specific topics you have trouble on in an ABCD multiple-choice format.

 

I prefer the pen and paper method, or you can use an SRS tool like Anki, Mnemosyne, or any of the plethora of useful software out there. Remember, MAKE YOUR OWN CARDS AND QUESTIONS.

 

I like @Caute_cautim's approach, however, because as many here have pointed out, as I myself found while taking the exam, and as @Caute_cautim expresses, you are being tested on your mastery of the application of the concepts. Anyone can memorize a list of facts and figures and regurgitate them. Not everyone can show the patience and dedication to plow through knowledge of the domains and disciplines. They are so deep that it would be fruitless to attempt to 'memorize' merely one domain, let alone all of them. Moreover, they are continually changing and being revised, so ...

 

I like using tables of contents and indices and seeing whether I have a ready response for each topic or if I somewhat understand an index entry. If someone wants to memorize that stuff, then, good luck.

 

Lastly, the concept or mind map is a really cool approach, which I use -- again use paper and colored pens for best effect; and if you can use rolls of paper you can go big -- helpful to see how different domains complement each other.

Highlighted
Community Champion

Re: Studying and Memorising

 

Yes, nonetheless many go about simply memorizing stuff --- often aided by tons of practice questions --- if their sole objective is just to pass the exam.

 

Of course, once in the real world you'll find a clear understanding of all this is needed to apply what you've learned --- and what better time to grasp that than when studying?

 

You should be able to see where & how what you're learning factors / can factor in --- making such connections will also help with retention. 

 

 

Probably a stupid example: During primary and secondary schooling we learned the laws of physics, inertia, etc. --- but this didn't matter much to me until my late teens, when I saw how the need to use seat-belts relates to it...  Man LOL

 

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Highlighted
Community Champion

Re: Studying and Memorising


@Shannon wrote:

 

Yes, nonetheless many go about simply memorizing stuff --- often aided by tons of practice questions --- if their sole objective is just to pass the exam.

There's the problem; we seem to see so many complaining that 'I studied this @3poQ1ed book and didn't the prize! I spent 30 days and a zillion buck$' Many do memorize stuff, and it gets them jammed up because they're panicked that nothing looks like any of stuff they packed away.

 

Whereas if you've been around the block a few times, you have real-world experience to call on from when the $hould hit the fan, you've been reorged a dozen times, then you might have the chops to handle the exam -- if you really take time and REALLY understand the subject matter.

 

 

Highlighted
Community Champion

Re: Studying and Memorising

Yes, school, often does not assist us to think and use the information given to us.  I personally found that until I tackled my MSc this was the time, I really had to think for myself and rationalise information and have to make assessments and take and make decisions.  Whereas at BA level, often it was by rout again, with the expectation to memorise information.  Hence emphasis on the "applying".  If only earlier in life, that connection had been made, a great deal of things would have changed.   The CISSP emphasis' the application and contextualising this with application, would assist many to make the full connection and possibly make a better world all round.

 

Regards

 

Caute_cautim

Highlighted
Community Champion

Re: Studying and Memorising


@j_M007 wrote:

@Shannon wrote:

 

Yes, nonetheless many go about simply memorizing stuff --- often aided by tons of practice questions --- if their sole objective is just to pass the exam.

There's the problem; we seem to see so many complaining that 'I studied this @3poQ1ed book and didn't the prize! I spent 30 days and a zillion buck$' Many do memorize stuff, and it gets them jammed up because they're panicked that nothing looks like any of stuff they packed away.

 

Whereas if you've been around the block a few times, you have real-world experience to call on from when the $hould hit the fan, you've been reorged a dozen times, then you might have the chops to handle the exam -- if you really take time and REALLY understand the subject matter.

 


I was recently told of a case where a non-security person (we will describe them as a ChangeManagement/Service Now type person), stated that they could pass the CISSP exam based on the fact that they were an English major......This concerns me that someone would 1) be that bold and 2) potentially could pass the exam.

 

Problem with this one is they are a consultant and have not been around the block one time nor have they been there when it hits the fan or re-orged several times.....so how can they be agile and really answer or build solutions for the issue at hand.

 

As to my studying, I prefer hands on, I seem to learn best when I do.

 

Regards

 

d

Highlighted
Community Champion

Re: Studying and Memorising

> j_M007 (Community Champion) posted a new comment in CISSP Group on 04-30-2019

> What can really help is making your own flash cards, which question specific
> topics you have trouble on in an ABCD multiple-choice format.   I prefer the pen
> and paper method, or you can use an SRS tool like Anki, Mnemosyne, or any of the
> plethora of useful software out there. Remember, MAKE YOUR OWN CARDS AND
> QUESTIONS.

I *don't* like flash cards: your own, or anyone else's. Because:

>   I like @Caute_cautim's approach, however, because as many here have
> pointed out, as I myself found while taking the exam, and as
> @Caute_cautim expresses, you are being tested on your mastery of the application
> of the concepts.

You have to know, understand, and be able to apply the basic concepts. That is
key. Flash cards can only fill in a few details that you might or might not
(probably not) encournter on the exam. @Caute_cautim is right: you must
understand the basics.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
I used to worry about robots becoming self-aware & taking over
the world. Then I tried to use a motion sensor faucet.
- https://twitter.com/philipnation/status/564496243762937856
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............
This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Highlighted
Community Champion

Re: Studying and Memorising



I was recently told of a case where a non-security person (we will describe them as a ChangeManagement/Service Now type person), stated that they could pass the CISSP exam based on the fact that they were an English major......This concerns me that someone would 1) be that bold and 2) potentially could pass the exam.

 

Problem with this one is they are a consultant and have not been around the block one time nor have they been there when it hits the fan or re-orged several times.....so how can they be agile and really answer or build solutions for the issue at hand.

 

As to my studying, I prefer hands on, I seem to learn best when I do.

 

Regards

There is also the B^3 phenomenon in which some might engage, certainly unethical and injurious to CISSP and other infosec professionals who have done it the proper way.

 

I am not convinced, however,  that English majors fresh from the degree mill could pass the test, though. It takes some practical hands on knowledge to answer the questions.

 

This is why we see many people complaining of faulty syllogisms and the like. So, ISC^2 thanks for keeping it real and not diluting the pond. 😉

Highlighted
Community Champion

Re: Studying and Memorising


@rslade wrote:
> j_M007 (Community Champion) posted a new comment in CISSP Group on 04-30-2019

> What can really help is making your own flash cards, which question specific
> topics you have trouble on in an ABCD multiple-choice format.   I prefer the pen
> and paper method, or you can use an SRS tool like Anki, Mnemosyne, or any of the
> plethora of useful software out there. Remember, MAKE YOUR OWN CARDS AND
> QUESTIONS.

I *don't* like flash cards: your own, or anyone else's. Because:

>   I like @Caute_cautim's approach, however, because as many here have
> pointed out, as I myself found while taking the exam, and as
> @Caute_cautim expresses, you are being tested on your mastery of the application
> of the concepts.

You have to know, understand, and be able to apply the basic concepts. That is
key. Flash cards can only fill in a few details that you might or might not
(probably not) encournter on the exam. @Caute_cautim is right: you must
understand the basics.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
I used to worry about robots becoming self-aware & taking over
the world. Then I tried to use a motion sensor faucet.
- https://twitter.com/philipnation/status/564496243762937856
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

 

All true Mr. Slade for some. I suppose we all take different approaches. While NONE of the cards I made really mimicked the exam questions, studying that way helped me calm myself and really try to cudgel out the truthiest answer.
Highlighted
Community Champion

Re: Studying and Memorising

@j_M007 @rslade Studying and Examination techniques are different,but essential to practice no matter what the subject is.  

 

Caute_cautim