CISSP Test Prep

www.cloudsecurityalliance.orgCopyright © 2016 Cloud Security Alliance

CISSP Test PrepTony Noblett

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

AgendaCISSP backgroundPlan your attackOptions: $$ or WorkPractice, practice, practiceChill: find your inner ohmmm…Congratulations: CPEs are youTo CCSP or not to CCSP?

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

CISSP Background

Recognized around the world starting in 1988Eight domains – 6 hours – 250 questions

Security and Risk Management Asset Security

Security Engineering Communication and Network Security

Identity and Access Management Security Assessment and Testing

Security Operations Software Development Security

Way of measuring a knowledge baselineDoes not test all skills necessary to be a security practitionerCompeting program from SANs: GIAC- Global Information

Assurance Certification

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

Plan Your Attack

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

AgendaWrite out your plan

Ask yourself do you have the background to think yourself out of trouble?

How much time you will spend studying?

Over what period of time?

What study materials do you plan to use

Make the appointment for the test!

The plan is your contract with yourself, stick to it.

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

Options: $$ or WorkUse your own study

All in One Study guide by Shon Harris

CBK from ISC2

The 11th Hour CISSP by Eric Conrad

Video

Audio

Mentoring

3-4 months of work

Pay for study

Exam Training

CISSP Boot Camp (many to be found)

SANs Training

Education organizations

Universities

Costs vary from $500 to several thousand (have seen $10K )

As little as 2 weeks as much a 4 months

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

Chill: find your inner ohmmm…Test is stressfulIts part of the experienceLearn to train to become calm

under pressureYou will feel like you biffed it in

the endWait for the resultsMany people take the test

multiple times

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

Keep in Mind…Don’t jump to conclusions

Read and then reread the question

Don’t key off word choices

Expect the unexpected

Questions may not all be in a security context

Concepts may appear to be unrelated

Manage you time

Don’t panic

Move steadily through the questions

Know the process order

Think through the steps in a process

Use your ability to break a problem apart

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

Congratulations: CPEs are youCPE

Yearly Continuing Professional Education

To keep up on a rapidly moving field

Need to be constantly thinking about CPE opportunities

Sources

Conferences

Online seminars

Organization meetings

Mentoring

Publishing an article

Podcasts

Training classes (including other organizations than ISC2)

www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance

To CCSP or not to CCSP?CCSP new in 2015, Certified Cloud Security Professional

Collaboration with CSA and ISC2Provides more visibility than the CCSK available from CSA

Study course available from ISC2More later in the day on this subject