I heard it doesn't really get deep on any particular topic.
Printable View
I heard it doesn't really get deep on any particular topic.
Good luck with that. I just passed mine. I spent about 2 months studying for it and personally felt I overstudied once I took the test. Looking back though there was a lot of stuff on it that I didn't know prior to studying. The orange book standards for one. Its not used anymore for C&A, but old stuff still has orange book ratings that you can compare it to, to find its feature set.Quote:
Originally posted here by Black Cluster
Some of the questions were extremely easy, and comon sence .... I was wondering if am really nextdoor to gain the CISSP easily ..... lol
I was told that come October ISC2 is redoing the exam to make it much more difficult, and upping the pass/fail line to 85%. I wouldn't want to throw $500 down the drain.
I can't speak about specifics, as none of us who've taken it can, but I can tell you that the description of '10 miles wide and 2 inches deep' is fairly accurate. They are serious with the previous experience requirements. You don't need to be a master of all 10 domains...if you are, this certification is below the level of what you should consider a 'challenge'. But you need to have your strong areas that won't require the intense study and focus, and you should be capable of having enough general knowledge and acquired insight (through study) into the areas in which you are NOT strong.Quote:
I once indicated this test was more for management level, before I had actually taken it, and was told that this was not necessarily true. I have to agree with that other position now, although there are a lot of areas that many people (myself included) feel are not crucial or necessary to "Security" that (ISC)^2 includes in the domains.
This really just shows you that "Security" is an extremely broad field, and it does indeed transcend technology, to steal their slogan. If you truly want an accurate representation of what the test may be like, I'd suggest you go take the practice test at www.CCCure.org, select all 10 domains, and chose 'Pro' difficulty for 100 questions. Give yourself an hour or three to get through it, too.
P.S. If you walk out of taking the real test feeling like your brain has just been flushed down the drain, with no clue as to how well you've done...you probably did at least moderately well. :)
As Zencoder said they are really serious about the pre-requirments, I mean the past experience, they require like 2 years of experience, which I don't have and won't in the coming 3 years .... so I have too much time to go over many subjects .... I will set the Security+ exam first ... I think how things should go, right?
Giac certificates are cool too, what do you think?
Bestow upon me knowledge... he's all knowing all wise. Let me be the protege of the three magic’s... give me MAC, DBAC and RBAC. I want to rule this kingdom. But it is paramount to first understand how a given security model is proven before getting into the nuts and bolts and the like. Actually what I believe is paramount is to learn the highest of security and work down. But hey, that's just me.
Is the exam set up in an A B C or D manner? If so I think it would be downright easy to pass, only time consuming...... I only took a few test.........but man most were obvious.
A question for those who have taken the exam. What are the chances of someone taking the same 2005 exam… but in the 1970's-1980's and passing it unchallenged?