I have IT Audit experience for almost 8 years now and planning to pursue CISSP end of this year. Would appreciate if anyone one of you can assist with the following questions :-
a) What are the study materials that I need to focus on. Currently I do have Shon Harris, however I have noted that it is not in accordance to the domains. Would reading the book will be helpful to me?
b) What are the practice exams that I can look up in order to pass the exam.
c) Last but not least, depending on my experience, will it be hard to pass this exam as I heard it is too technical.
Appreciate your kind help in this
@shewinn Congratulations on your decision to pursue the CISSP certification. The exam itself is designed to gauge the candidates real world professional experience. Here are a few items we offer as self-study tools, including books, study apps, practice test questions, and flash cards.
Please note, the new content for the CISSP exam will be released on April 15, 2018. The new study materials will be made available during Summer 2018. Please know, the updates were minor so if you already have any of the study materials listed above, these will still be very helpful/relevant to the CISSP exam.
The exam tends to be procedural in nature and less technical. The SSCP has more of a technical look and feel, perhaps your source has confused the two.
Shon Harris, RIP, material is still relevant! I found I understood her writing style. Helped explain a lot where I needed a deeper dive. You should know how a block cipher differs from a stream cipher. You won't need to get technical such as CLI configuration commands on a Cisco switch, the details with exploit tools with Metasploit, etc. CISSP is not CEH, more like CASP.
The CBT/CAT? is the way to go. Cut down from a 6 hour to a 3 hour time limit. You'll have to answer somewhere in the neighborhood of 100 questions.