shewinn
Newcomer I

CISSP

Dear All,

 

Good day

 

I have IT Audit experience for almost 8 years now and am planning to pursue CISSP at the end of this year. I would appreciate it if any one of you can assist with the following questions:

a) What are the study materials that I need to focus on? Currently I do have Shon Harris; however, I have noted that it is not in accordance with the domains. Would reading the book be helpful to me?

b) What are the practice exams that I can look up in order to pass the exam?

c) Last but not least, depending on my experience, will it be hard to pass this exam, as I heard it is too technical?

 

Appreciate your kind help in this.

7 Replies
amandavanceISC2
Moderator

@shewinn Congratulations on your decision to pursue the CISSP certification. The exam itself is designed to gauge the candidate's real-world professional experience. Here are a few items we offer as self-study tools, including books, study apps, practice test questions, and flash cards.

 

Please note, the new content for the CISSP exam will be released on April 15, 2018. The new study materials will be made available during Summer 2018. Please know, the updates were minor so if you already have any of the study materials listed above, these will still be very helpful/relevant to the CISSP exam.

 

CISSP Domain Refresh FAQs

 

Best Regards,

Amanda Vance

Early_Adopter
Community Champion

In addition to Amanda's input, it's really not very technical.

shewinn
Newcomer I

Thank you Amanda, indeed it is really helpful

shewinn
Newcomer I

Thank you

Beads
Advocate I

The exam tends to be procedural in nature and less technical. The SSCP has more of a technical look and feel, perhaps your source has confused the two.

 

khale426
Newcomer I

Shon Harris, RIP, material is still relevant!  I found I understood her writing style.  Helped explain a lot where I needed a deeper dive.  You should know how a block cipher differs from a stream cipher.  You won't need to get technical such as CLI configuration commands on a Cisco switch, the details with exploit tools with Metasploit, etc. CISSP is not CEH, more like CASP.

 

  • You should know things like TCP flags, what they are, and what the 3-way handshake is, and also what kind of vulnerabilities it has.  Mnemonics like Unskilled Attackers Pester Real Security Folk help out, and basically is the extent to know for the exam.  Know about sub-netting, mask, the way it's identified with a /24, but you shouldn't worry about solving binary math network/host questions.

The CBT/CAT? is the way to go.  Cut down from a 6 hour to a 3 hour time limit.  You'll have to answer somewhere in the neighborhood of 100 questions.

 

  • Take a look at Sari Greene's video for a good explanation of reading and understanding CISSP exam questions.   
sophia_cart
Newcomer II

Thanks For Sharing.. Amanda

Very Helpful Link.