RE: I've passed the CISSP exam, few months back...Now what???

[Harry Su <hsu () btmna com>]

I passed the CISSP exam last July in Canada.  Here are a few thoughts 
about the CISSP exam and certification.

1) To pass the exam is not as difficult as you imagine

If you have the solid hand-on experience in IT, all you need is one or two 
good books as reference, plus three or four months preparation. 
I recommend that ISC2 official study guide as your main reference, after 
that you can get another one as secondary reference - I use Wisely's CISSP 
Golden Edition and I did not read ALL-IN-ONE.

2) The CISSP certification is continuously devalued

As a strategy to broaden the CISSP service, ISC2 very likely is lowering 
the bar for the entry. The more CISSP are produced, the less value is 
attained. So many CISSP exams were scheduled in Canada last year, I have 
been asked quite a few times to proctor the CISSP exam just one or two 
days ahead of their scheduled date. Usually ISC2 asks the local CISSP to 
supervise the exam, as a reward you will get some CPE points. I guess that 
ISC is somehow lack of the well-organized exam system to support their 
fast-expanding service. 

3) CISSP is just another certficate

CISSP currently is widely accepted by the industry, many companies put it 
into their hiring requirements. However, it does not mean that CISSP is a 
golden brick to knock the door of your future career development. It may 
add some weights, and it eventually will become one "another certficate", 
like CNE, MCSE used to be.

4) The annoying "earning CPE points" push

After you becoming a CISSP, from time to time you are very likely to 
receive a lot of email from ISC2 about how to earn your CPE points. 
However, it is very rare to see some articles or readings of INFOSEC from 
them,  So I have to stick in other resources to continue my development, 
such as SANS, NIST, SecurityFocus, etc.  It really confuses me sometimes 
about what the ISC's main mission is. Just sell the certificate and CPEs? 
or to establish a standard and sell their knowledge and expertise? Someone 
may help me out in this.


Harry Su 





david.cahill () mail ebs ie 
12/09/2005 05:51 AM

To
tech.louie () verizon net
cc
security-basics () securityfocus com
Subject
RE: I've passed the CISSP exam, few months back...Now what???








I am currently studying for the CISSP myself (Its only run once a year in
Ireland so I've had plenty of time to think about it!).

I have read a number of texts, including Vallabhaneni (CISSP Volumes 1 & 
2)
and Peltier & Howard (Total CISSP Exam Prep Book).  The Vallabhaneni books
are particularly detailed and are probably a good source to start from.
The Exam Prep book provides more of a high level look at the CBKs and the
sample exams are good practice for the real thing (or so I'm lead to
believe!).

As for online resources, look no further than http://www.cccure.org/

It provides a huge number of freely downloadable review documents and also
has a very useful quiz section where you can spend hours testing your
knowledge of specific domains / subject areas.

Good luck,

David





-----Original Message-----
From: Louie [mailto:tech.louie () verizon net]
Sent: Thursday, September 08, 2005 8:49 PM
To: rami9009 () hotmail com; security-basics () securityfocus com
Subject: RE: I've passed the CISSP exam, few months back...Now what???

If you don't mind me asking, what books did you study or material. I'm 
also
trying to see if I could go for CISSP... Any kind of help would be great..


--Louie









*******************************************************************
The information contained in this communication is intended solely for the 
use of the individual or entity to whom it is addressed.  It may contain 
confidential or legally privileged information.  If you are not the 
intended recipient you are hereby notified that
any disclosure, copying,  distribution or taking any action in reliance on 
the contents of this information is strictly prohibited and may be 
unlawful.  If you have received this communication in error, please notify 
us immediately by responding to this email and then delete it from your 
system.

Any personal opinions expressed in this e-mail are views of the individual 
and do not necessarily reflect the views of the EBS Group.   The content 
of this e-mail may have been sent without the authority of the EBS Group.

EBS Group cannot guarantee that this e-mail and attachments are free of 
viruses and you must ensure that you carry out your own virus checks. EBS 
Group accepts no liability for any loss or damage caused by software 
viruses.

www.ebs.ie

*******************************************************************




-----------------------------------------
The information contained in this electronic mail message, and any and all
accompanying documents, constitutes confidential information.  If you are
not the intended recipient of this information, any disclosure, copying,
distribution, or the taking of any action in reliance on it is strictly
prohibited.  If you received this information in error, please notify the
sender immediately and destroy this communication.  Messages sent via this
medium may be subject to delays and/or unauthorized alteration.  Neither
The Bank of Tokyo-Mitsubishi, Ltd. nor any of its affiliates shall be held
liable for the contents of this message.