I read only from Shon Harris last time. I did not have the patience to read the book for more than once.
Ah. I may have identified your problem, here ...
Shon, well, I don't want to be too hard on her. She stole from the best. (Stealing from one person is theft, stealing from two people is plagiarism, stealing from three people is research.) And her material always was readable. But she did have this habit of explaining things, in lots of detail, that she didn't actually understand. When doing the seminars, I always told the candidates that I refused to answer any questions that started out "Shon Harris says ..."
Now I bought the ISC2 Sybex 2018 edition and also the ISC2 test papers. Reading them as slowly as I can. This time, I am going to give a tough fight :-)
It may have been mentioned before, but you should read "Security Engineering" by Ross Anderson. It's the best single volume coverage of the field that I know. (And I'm not the only one.) There are other texts, but Ross is a mainstay, and anything he writes is worth reading.
Thanks Rob. Yes. His book is classic. Attack vectors change all the time. But Anderson's books stand the test of time. It's not for nothing that they use it as a fundamental text book in many Sec engineering classes.
The disconnect I see is that many people swear by this or that guru. What many fail to realize is that the only guru who can help you move forward is the one standing in your own shoes or sitting on your own a$$.
Thanks as always for your comments!
Thanks all for sharing nice insights about the exam.
I passed the exam last Sunday on 120th-ish question. And I think probably the Meditation I tried on Exam-day morning did contribute more than 4 months of hard study. It helped to keep me cool and let the experience talk.
Two cents from a newbie.
Spot on. Congrats and kudos. The test is more than about knowledge; it's about experience and managing how you solve problems. Every moment of thought counts and can mean the difference between success and failure.
The test asked me 150 questions as well with a passing result. I'll admit I thought it beat me up a little bit. I was testing with a CAT simulator that showed me to be proficient or above in all 8 domains. When I sat down for the test? I felt like it was a different certification than what I had spent the previous 4 months studying! So I understand the frustration. I think the most important things have already been covered and since it's been some time since you originally posted, I hope you go back and attack it again after following the advice on this board.
Yes, the test is difficult. When you get to 125 questions you begin to think you've failed and that plays into your answers. The best advice I got was to expect 150 questions over the course of 3 hours. (I remember dramatically asking myself "why am I still even trying?") The key is to stay the course and keep answering the questions to the best of your ability based off what you've learned. Look for the manager hat in the answers. I hope you try again and pass! The world is growing more and more complicated and it needs as many of us professionals as it can get.
Good stuff. Good luck.
I did not have the patience to read the book for more than once. Now I bought the ISC2 Sybex 2018 edition and also the ISC2 test papers. Reading them as slowly as I can.
That's certainly the way to progress. Patience and deliberation; thought and attitude.
These, too, are requirements for any sort of professional. Attending patiently to the task is a must.