Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
dnice603
Viewer
‎07-01-2024 02:08 PM
‎07-01-2024 02:08 PM

Passed CC Exam!

I am excited to share that I passed the CC Exam on the first try. Looking forward to sitting for the CISSP in early August. Let the studying begin!  

Reply
3 Replies
funkychicken
Newcomer III
‎07-01-2024 03:08 PM
‎07-01-2024 03:08 PM

Congratulations. I have my CISSP in 2 weeks so Ill let you know how it is.

Reply
0 Kudos
Atos
Viewer III
‎07-01-2024 08:52 PM
‎07-01-2024 08:52 PM

Give us success tips please, I am writing CC in a couple of days, I have been using Coursera and Udemy online resources more

Reply
0 Kudos
funkychicken
Newcomer III
‎07-02-2024 04:32 AM
‎07-02-2024 04:32 AM

This is what I did. 

 

Provide yourself with an environment where you can study. Study the free training material from ISC2. Make sure you do the pre-assessment and the final assessment and make sure that you understand and research all of the questions in there.

 

I only went through the material once because I already knew about 80% of the stuff in there so these are the things I knew already working in different businesses. 

 

Data protection and classification

Networks and routing including TCP/IP, OSI Layer, Packet inspection and analysis.

Risk Management

ITIL processes (I am ITIL v3 certified and used to be the Change Manager)

PCI-DSS - I had to implement a lot of ISO 27001 controls because of this and needed to adopt GDPR because of card data

BCDR - This is like a day to day thing with me. Managing backups and recovery, testing the consistency of them by recovery and testing with users. Setting the BCDR strategy, agree with the business RPO and RTO, writing the policies, updating and testing plans, putting in practice and scenario planning. 

Databases and software development lifecycle 

 

The things I was not fully aware of. 

 

NIST frameworks. Make sure you know your NIST frameworks for the areas included. Especially 800-37, and 800-53 what the difference is. You dont need to know whats in them as such but you need to know the difference between them. 

 

Know what other frameworks are in place for other business areas, HIPAA for health, COSO for finance

 

Other security frameworks globally, like the Asia one and how many counties are in it. 

 

Basically everything which is in the training is useful and if you don't understand something then do a bit of investigation. 

 

You may get a question like "Someone is having a problem with a network, sending traffic to another VLAN. Which layer of the OSI should you look at?" Or "Which access control model applies in the following scenario: Someone needs access to something" 

 

I would definitely learn the OSI layer, Learn the core NIST frameworks, Learn access control models. Also read the questions closely and forget real world environments for some of the questions.

Reply