CISSP Exam – How to Take It
8/10/2019 CISSP Exam How to Take It
CISSP Exam How to take it
Prasad Tiruvalluri, PMP, CISSP, PSM1, Hadoop, ISTQB, ITIL
www.techgadgettalk.com
E-mail: [email protected]
Contents
Eligibility
Job Profiles
What does CISSP Test
The actual process
How to study
How to take exam
Resources
Eligibility
CISSP (Certification for Information System Security Professional) is for IT
security professionals. This validates their expertise.
There are two ways to take the exam
Candidates having 5 years of cumulative full time work experience in two or more domains required under the ISC2 CISSP CBK
ISC2 also provides a 1 year professional experience waiver if the candidate possesses a four year college degree in the same field
Or
Pass the exam as associates of ISC2
Earn the required 5/4 years of experience in the next 6 years before they can use the CISSP credential.
In both cases, after passing the exam, one must be endorsed by an existing CISSP and if you do not have anybody who can endorse you, then CISSP can do the endorsement
Job Profiles
Security consultant
Security analyst
Security manager
Security systems engineer
Security auditor
Director of security
Chief information security manager
IT manager/Director
Network Architect
Security Architect
What does CISSP Test
Tests a very broad depth of knowledge in 10 different
domains of Information Security
Domain 1
Access Control: A collection of mechanisms that work together to create security architecture to protect the assets of the information system
Concepts/Methodologies/Techniques
Effectiveness
Attacks
Domain 2
Telecommunications and Network Security: Discusses network structures, transmission methods, transport formats and security measures used to provide availability, integrity, and confidentiality
Network Architecture and Design
Communication Channels
Network Components
Network Attacks
Domain 3
Information Security Governance and Risk Management: The identification of an organization's information assets and the development, documentation and implementation of policies, standards, procedures, and guidelines
Security Governance and Policy
Information Classification/Ownership
Contractual Agreements and Procurement Processes
Risk Management Concepts
Personnel Security
Security Education, Training and Awareness
Certification and Accreditation
Domain 4
Software Development Security: Refers to the controls that are included within systems and applications software and the steps used in their development
Systems Development Life Cycle (SDLC)
Application Environment and Security Controls
Effectiveness of Application Security
Domain 5
Cryptography: The principles, means and methods of disguising information to ensure its integrity, confidentiality, and authenticity
Encryption Concepts
Digital Signatures
Cryptanalytic Attacks
Public Key Infrastructure (PKI)
Information Hiding Alternatives
Domain 6
Security Architecture and Design: Contains the concepts, principles, structures and standards used to design, implement, monitor, and secure, operating systems, equipment, networks, applications, and those controls used to enforce various levels of confidentiality, integrity, and availability
Fundamental Concepts of Security Models
Capabilities of Information Systems (e.g. memory protection, virtualization)
Countermeasure Principles
Vulnerabilities and Threats (e.g. cloud computing, aggregation, data
flow control)
Domain 7
Operations Security: Used to identify the controls over hardware, media and the operators with access privileges to any of these resources
Resource Protection
Incident Response
Attack Prevention and Response
Patch and Vulnerability Management
Domain 8
Business Continuity and Disaster Recovery Planning: Addresses the preservation of the business in the face of major disruptions to normal business operations
Business Impact Analysis
Recovery Strategy
Disaster Recovery Process
Provide Training
Domain 9
Legal, Regulations, Investigations and Compliance: Addresses computer crime laws and regulations, the investigative measures and techniques that can be used to determine if a crime has been committed, and methods to gather evidence
Legal issues
Investigations
Forensic procedures
Compliance Requirements/Procedures
Domain 10
Physical (Environmental) Security: Addresses the threats, vulnerabilities, and countermeasures that can be utilized to physically protect an enterprise's resources and sensitive information
Site/Facility Design Considerations
Perimeter Security
Internal Security
Facilities Security
The actual process
Obtain the experience
5 years in two of the domains in the previous slides.
Valid experience includes information systems security-related work performed as a practitioner, auditor, consultant, investigator, or instructor that requires information security knowledge and involves the direct application of that knowledge
Or 4 years in two of the domains in the previous slides and
A 4 year degree
Should have an approved ISC2 credential
Study for the exam
Schedule the CBT
Pass the exam
Complete the endorsement
Maintain the certification
How to study
It is just an exam. Think positive. It is not the end of the world.
Verify that you are eligible and schedule the exam. Let the commitment drive
you. Make sure you do not schedule the exam too far off. You may
procrastinate.
If you have experience in the info security field, plan for about 200 hrs to 250
hrs of study else plan for about 400 hrs to 450 hrs of study
One domain per week. Study everyday.
Use CBK as a base so you do not go off topic too much as that is a real problem
Use one book as a reference and just one more as a fall back. Don't read too many.
Take tests daily and from different sources. Do not worry about the scores as none of the existing questions even remotely resemble the actual test questions. Use the tests to just gauge your state of preparation
Write the exam
How to take exam
The exam is 6 hours long.
You may not need 6 hrs but be prepared to spend 6 hrs.
Get familiar with CBT
Download the test tutorial & practice exam from Pearson Vue (http://www.pearsonvue.com/athena/)
Take an online tour of a Pearson Professional Center (http://www.pearsonvue.com/ppc/)
Arrive early
One hour, if you can.
Bring your registration paperwork and government issued ID: Driver's License, passport, etc.
Bring your snacks and drink (in covered container).
Take your restroom break before you sign-in
Your proctor will lead you through the registration process and lead you to your
workstation
Get familiar with your workstation and start when you're ready.
You have an option to mark the question for review later, use it
The questions are crafted so that you are never certain how well you have done. Do
not get discouraged. Most of the exam takers have felt that way.
You pass if you score more than 700. The score is scaled. The number of
questions is 250 with 25 being not used for scoring but you will not know which
ones.
The questions are multiple choice questions with single and multiple answers. There are drag and drop and hotspot questions since 2014.
Take your time, but not too much time
1 min. per question, but no more than 2.
Mark the questions that you're not sure about and move on.
Do take a break
Review your answers
Review the questions that you don't have an answer for first.
Review the rest of your answers.
Your first answer is likely to be the right answer.
Ignore your surroundings
Others may be writing different exams (PMP, GRE, etc.) which may be 3 hours long
Resources
Official ISC2 website - https://www.isc2.org/cissp/default.aspx
https://www.cccure.org for exams. There are two packages: normal multiple choice and scenario based. It also has a lot of other resources
Prep books
CISSP All-in-One Exam Guide, Fifth Edition, by Shon Harris; the website has free questions
Official (ISC)2 Guide to the CISSP CBK, the latest edition; must read
CISSP Study Guide, Eric Conrad
CISSP Study Guide 6E, Sybex - James Stewart, Mike Chapple & Darril Gibson; comes with questions
CISSP Training Kit - David R Miller - Microsoft Press; comes with questions
Eleventh Hour CISSP Study Guide - Eric Conrad
Wiley The CISSP Prep Guide Gold Edition
TestKing ISC CISSP Exam Q And A
For more detailed information and Q & A visit www.techgadgettalk.com