Sponsors

Thursday, May 28, 2009

How To Pass The CISSP Exam




How To Prepare For and Pass The Certified Information Systems Security Professional (CISSP) Exam


The CISSP security certification for an IT Security Professional is a must have and it is becoming increasingly difficult to gain employment as an Information Security Professional without it. PayScale.com reports that the average salary for a person with a CISSP certification, with 1-4 years experience is $71,000.

The main focus and purpose of Information Security is to provide (CIA):
  • Confidentiality
  • Integrity
  • Accessibility 
This is known as the Security Triad.

The Security Triad (CIA) protects:
  • People
  • Processes
  • Technology


Julius Clark's Recommendation to Successfully Pass the CISSP examination

  • First, give yourself 3-6 months to prepare before you schedule to sit for the exam.
  • Read the CISSP for Dummies or the Mike Myers CISSP Certification Passport ; both of these condensed books are great and are perfect to get you started at the 50,000 ft level first!.


  • These publications are small enough to get your mind focused on the main aspects of the Common Body of Knowledge (CBK); The 10 Domains of Information Security as taken from the British Security Standard BS7799, (a.k.a, ISO/IEC 17799 and ISO/IEC 27001:2005); you can easily read through these condensed CISSP study guides within one to two weeks. Don't dive straight into the larger CISSP study books just yet!

  • Now on to some FREE CISSP instructor lead training! Go to CCCUR.org and register for a FREE account. This course is very similar to the official week long (ISC)2 training course costing over $2,500, but again this is FREE. Once registered go to: Tutorials > CISSP Tutorial > Veridon and start viewing the training videos in the following order:

    • Information Security and Risk Management;
    • Access Control;
    • Security Architecture and Design;
    • Application Security ;
    • Cryptography;
    • Business Continuity Planning (BCP) and Disaster Recovery Planning (DRP);
    • Telecommunications and Network Security;
    • Legal, Regulations, Compliance and Ethics;
    • Operations Security;
    • Physical Security.

  • After you read through one of the books mention above and watched all of the FREE training videos on CCCUR.org, you are now ready to read through a bigger CISSP study guide, such as the Shon Harris All-in-One Study Guide;


  • Purchase the most recent version. Reading a larger CISSP study guide should be slow. Take your time and learn the security principles and theories of Information Security, because you are greatly needed by society to help protect computing systems from harm; man-made or natural.


  • As you finish each chapter read more information regarding the particular domain. You would want to download NIST (National Institute of Standards and Technology) documents that your good old tax dollars pay for. These guides contain lots of information, but they are easy to read. They will help you make sense of the material you are reading from the Shon Harris study guide and help you in your career as an Information Security professional. Most corporations use the NIST security publications as a main guide and blueprint to design their corporations IT security architecture. 






      • SP 800-12 An Introduction to Computer Security
      • SP 800-14 Generally Accepted Principles and Practices for Securing Information Technology Systems
      • SP 800-30 Risk Management
      • SP 800-34 Contingency Planning Guide for Information Technology Systems
      • SP 800-86 Guide to Integrating Forensic Techniques into Incident Response
      • SP 800-100 Information Security Handbook: A Guide for Managers
      • SP 800-115 Information Security Testing and Assessment


  • Take the tests at the end of each chapter in the book.
  • Take the Quizzes on the CCCUR.org website. This site is the BEST on the internet for FREE CISSP study and the test engine is very customizable to help you with your study and testing.

  • Study the (ISC)2 Code of Ethics. This is one of the easiest ways to get points on the CISSP exam, because you are guaranteed to be tested on them.

In addition, if you are new to the IT Security field, or have no experience and want to change your career consult with me at:


This is what I used to study for and pass the exam so study well, good luck and I will see you after you pass the exam and join the prestigious club of Certified Information Systems Security Professionals!

Enjoy!

Sincerely,

Julius Clark, CISSP





6 comments:

  1. Julius,
    Thank you for developing the CISSP training program. As a prospective candidate to sit for the CISSP exam, I needed some addition affordable learning materials. I believe your program is just the ticket I was looking for.

    Thanks,
    Vince L
    Technology Analyst

    ReplyDelete
  2. Do you guys know that, there is a growing demand for professionals having skills in Information System audit, security and control. I was interested in getting an excellent job opportunity in the IS audit field, and this site helped me to meet some important requirements. They made me aware that passing the CISA exam is the primary requirement and having at least 5 years of experience as an Information System auditor. I am very thanking full to them. cisa exam

    ReplyDelete
  3. Yes! I totally agree with you folks. And this site also hosts professional seminars and conferences. Participating in non-ISACA activities like university courses, seminars, conferences, in-house corporate training and professional meetings can also count as CPE hours. And completing university courses in relative fields can earn you several CPE hours. This site is definitely helpful thanks. cisa exam

    ReplyDelete
  4. I used Shon Harris' All-in-One and the Official Guide from (ISC)2. Both are great study tools.
    http://passcissp.blogspot.com/

    ReplyDelete
  5. Hey, nice site you have here! Keep up the excellent work!
    CISSP Exam

    ReplyDelete
  6. Thank you for the info. It sounds pretty user friendly. I guess I’ll pick one up for fun. thank u
    CISSP Certification

    ReplyDelete

Get Expert Advice!