cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Newcomer I

CISSP

Dear All,

 

Good day

 

I have IT Audit experience for almost 8 years now and planning to pursue CISSP end of this year. Would appreciate if anyone one of you can assist with the following questions :-

a) What are the study materials that I need to focus on. Currently I do have Shon Harris, however I have noted that it is not in accordance to the domains. Would reading the book will be helpful to me?

b) What are the practice exams that I can look up in order to pass the exam.

c) Last but not least, depending on my experience, will it be hard to pass this exam as I heard it is too technical.

 

Appreciate your kind help in this

7 Replies
Moderator

Re: CISSP

@shewinn Congratulations on your decision to pursue the CISSP certification. The exam itself is designed to gauge the candidates real world professional experience. Here are a few items we offer as self-study tools, including books, study apps, practice test questions, and flash cards.

 

Please note, the new content for the CISSP exam will be released on April 15, 2018. The new study materials will be made available during Summer 2018. Please know, the updates were minor so if you already have any of the study materials listed above, these will still be very helpful/relevant to the CISSP exam.

 

CISSP Domain Refresh FAQs

 

Best Regards,

Amanda Vance

Community Champion

Re: CISSP

In addition to Amanda's input, It's really not very technical.

Newcomer I

Re: CISSP

Thank you Amanda, indeed it is really helpful

Newcomer I

Re: CISSP

Thank you

Contributor II

Re: CISSP

The exam tends to be procedural in nature and less technical. The SSCP has more of a technical look and feel, perhaps your source has confused the two.

 

Newcomer I

Re: CISSP

Shon Harris, RIP, material is still relevant!  I found I understood her writing style.  Helped explain a lot where I needed a deeper dive.  You should know how a block cipher differs from a stream cipher.  You won't need to get technical such as CLI configuration commands on a Cisco switch, the details with exploit tools with Metasploit, etc. CISSP is not CEH, more like CASP.

 

  • You should know things like TCP flags, what they are, and what the 3 way handshake is, and also what kind of vulnerability's it has.  Mnemonics like Unskilled Attackers Pester Real Security Folk help out, and basically is the extent to know for the exam.  Know about sub-netting, mask, the way it's identified with a /24, but you shouldn't worry about solving binary math network/host questions.

The CBT/CAT? is the way to go.  Cut down from a 6 hour to a 3 hour time limit.  You'll have to answer somewhere in the neighborhood of 100 questions.

 

  • Take a look at Sari Greene's video for a good explanation of reading and understanding CISSP exam questions.   
Highlighted
Newcomer II

Re: CISSP

Thanks For Sharing.. Amanda

Very Helpful Link.