
My Passing-CISSP Recipe

(May 2019)
Tho Le

May 18, 2019·4 min read

I have just passed my CISSP exam on 17 May 2019 in 101
questions after 2 months of (part-time) preparation. I am so
excited and feel that I should share my study materials and
suggested plan to help others who are also preparing or intend
to take the CISSP challenge.

When starting the preparation, I had no idea how to prepare
for the exam since it seems to be quite broad and theoretical. I
came across multiple blogs/articles; however, they didn’t
really help me to come up with a solid plan for the CISSP exam.
It took me a lot of time and effort wandering around without
much usefulness. Hopefully, my sharing helps others to feel
more confident with their preparation and come up with a solid
plan to clear CISSP.

Note: This is solely my personal experience so it may not work
for others. Please use with care.

I start with my background so you know my strengths and
weaknesses, followed by the study resources that I used and
finally my suggestion.

My background

I have a bachelor’s degree in computer science and two master’s
degrees, one specialized in Business Information System (BIS)
and one in Information Security Technology (IST). Also, I have
5 years of experience as a Network/System Administrator in an SME
company. Currently, I have been working as a cybersecurity analyst in
a Security Operation Center (SOC) team for about 1.5 years.

With that knowledge and experience, I found domain 3
(Security Engineering Domain) and domain 4 (Communication
and Network Security Domain) pretty straightforward.
However, the other 6 domains are somewhat difficult, especially
understanding and memorizing terms that I have never heard (e.g.
capacitance, preaction).

Studying Resources

Below is the list of materials which I think helped me the most.
The order is from most useful to least useful.

1. Sunflower CISSP Summary, version 2.0: I think
it is the latest version at the time of this writing. I
found this summary in so87’s GitHub repository
where he shared his CISSP study guides.
However, I don’t find his notes useful (I have my
own notes), so I only use the Sunflower
document.

2. Why you WILL pass the CISSP by Kelly Handerhan: the short
video is really meaningful in which she points out the mindset
that you should have to pass CISSP. The prime message is “Do
NOT fix problems” and “think as a manager”.

3. ISC2 CISSP online course: It is a free course on Cybrary, also
by Kelly Handerhan, thumbs up to her great job. Although the
course alone is not enough for the CISSP exam, the course is
really successful in providing you an overview and general
knowledge, and in emphasizing important principles to prepare for
CISSP.

4. CISSP Official (ISC)2 Practice Tests: the book offers about
100 questions for each domain to test your knowledge and 4
practice tests. If you use the online version, its look and feel are
similar to the real online CISSP exam. I must stress that
questions in this book really help to strengthen my knowledge.

5. Simple CISSP Book by Phil Martin: there is nothing special
about this book.

My Suggestion

From my point of view, certification is the result, not the purpose.
Certification without knowledge is not worth the effort. So my
study plan aims to gain knowledge and only practice for the
exam at the last moment.

I begin this section with the “Don’t do”, which I did and which took me
quite a lot of time. Then I cover what I would “Do” to be more effective
if I had to prepare for CISSP again.

“Don’t do”

• I started with the “Simple CISSP” book and read
through all chapters, writing down notes on the
way. Here, I have to be honest, I suffered a lot to
go through it. The book is very boring (guessing
all CISSP books are the same), all content is
theoretical knowledge. I couldn’t count how
many times I fell asleep while reading it. Yet, the worst
thing is that I learned nothing after all of that
effort and those numerous hours.

“Do”

• Start with the CISSP online course by Kelly
Handerhan as mentioned above (3). It lays out a
good foundation for what you are expected to
have.

• Make good use of the “Sunflower CISSP
Summary”. I must stress that this is an excellent
note. The authors condensed hundreds of pages into
37 pages. So every word counts; make sure
that you understand the meaning behind each
concept. If you don’t, look it up in your chosen
CISSP book or Google it.

• After completing each domain, you should
validate your knowledge, and “CISSP Official
(ISC)2 Practice Tests” provides about 100
questions for each domain to check your
knowledge. Personally, I found it really helpful:
it strengthened my knowledge of concepts
that I thought I understood well but apparently
not thoroughly enough.

• Prepare your mindset with “Why you WILL
pass the CISSP” by Kelly Handerhan.

• Now, you are almost ready for the exam. Try the 4
practice tests offered by “CISSP Official (ISC)2
Practice Tests”. Surprisingly, I felt things were
much clearer compared to the first attempt
without preparation with the “Sunflower CISSP
Summary”.