This is a GOOD thing. If it were a mere question of finding rehashed and repeated Q&A, then it would make the exam into some grocery list of items for people to memorize.

The K in CBK means knowledge, and knowledge comes through experience and know-how. This is why it is NOT an entry-level cert. This is also why the CEPs play a very important part of the process. Skill Stagnation spells doom for those who depend on us.

Thankfully, (ISC)2 has people that realize this and ensure the CBK exam is as tough and as fair as possible.

When i stydied for CISSP i did use CCCURE website i paid for 3 month and also bought the 12 hour and CISSP for dummies and ofcourse the boxset from Shon Harris and i paid for the iPhone app from ISC2 and for ealaerning i used Cybrary.it CISSP course.

---

@rslade wrote:

"Security Engineering" by Ross Anderson.

---

Anderson's book is without doubt the best core book covering the entire range of topics that come together in information security. Even better, Anderson placed the entire book available online for free; each chapter is a separate PDF file. He did this with full approval by his publisher. Both the 1st and 2nd editions are online, so be sure you link to the 2nd edition. I leave it as a reader exercise to find Dr. Anderson's site with the book.

 

 

Thanks Craigin, for the information on the book. Thanks also for your excellent blog, https://cragins.blogspot.com/ 

 

Kudos for both.

Thank you for the feedback!

On chapter 7 of the ISC2 study guide. I'm finding a good portion, maybe half, of this I know just from being in the field since 1991 in various roles. I'm struggling with remembering the block, key sizes and if they ask me a question like ... what cipher uses an encryption key as long as the message. It could be Running Key or One time pad if the question was worded vaguely. I'm going to memorize the tables but on test do they ask many question based on hash and key memorization and do they word questions specific enough to know if they ask for encryption say like is as long as message itself it also include something like uses it from a common book (Running) or Vernam (One-Time Pad). Thanks all!

> FZ09 (Newcomer I) posted a new reply in Certifications on 08-29-2018 02:21 PM in

> I'm struggling with remembering the block, key sizes and if they
> ask me a question like ... what cipher uses an encryption key as long as the
> message. It could be Running Key or One time pad if the question was worded
> vaguely. I'm going to memorize the tables but on test do they ask many question
> based on hash and key memorization and do they word questions specific enough to
> know if they ask for encryption say like is as long as message itself it also
> include something like uses it from a common book (Running) or Vernam (One-Time
> Pad).

When I took the test, I got it into my head that if I didn't know absolutely every
detail of RADIUS I was going to fail. Of course, in the end, there were no
questions about RADIUS at all on the exam I took.

Don't memorize tables. The more you know is good, of course, but don't panic
over the details. The exam is mostly about concepts. If you know the concepts,
you will pass.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
01001111 01001011 00100000 01101100 01100101 01110100 00100000
01000101 01100011 01101000 01100101 01101100 01101111 01101110
00100000 01100011 01101000 01100101 01110111 00100000 01101111
01101110 00100000 01010100 01001000 01001001 01010011 00100001
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade

Thank You!

Is the 11th hour CISSP 3rd edition from 2016 still good to prep for the 2018 CISSP adaptive exam?