RE: CISSP Examination Practices ?

["Clement Dupuis" <cdupuis () cccure org>]

Good day to all,

This is Clement from www.cccure.org.

I agree with the poster comments that some questions were not as well
formulated as they could have been.  I have 25 CISSP's who are currently
helping me in improving them.  If you have not visited the quiz lately, I
would suggest you do as things have greatly improved.  Thanks to all that
have contributed and helped.

Judging is easy and unfortunately more people are interested in sucking
resources to exhaustion but only a few come back to contribute.  Such is the
life of open source project.  Then we ask ourselves why they die and
disappear.

Take care

Clement


> -----Original Message-----
> From: listbounce () securityfocus com
> [mailto:listbounce () securityfocus com] On Behalf Of Yousef Syed
> Sent: Monday, February 04, 2008 11:27 AM
> To: m.farid.shawara () gmail com
> Cc: security-basics () securityfocus com
> Subject: Re: CISSP Examination Practices ?
>
> It is natural to be a little worried.
> It is a difficult exam and they don't give out the certificate for the
> fun of it.
>
> What I found to be most useful (along with practice questions etc) was
> to practice exam technique and learn to recognise what constitutes a
> "Good Answer".
> 1. Read the Question very carefully.
> 2. Of the choices in the answer, it is usually (*not always*) clear
> that a couple of the answers are totally wrong.
> 3. Of the remaining two answers, look for the the answer that BEST or
> most fully answers the question. Often both will be correct, but one
> answers the questions in a more complete manner.
> 4. Circle your guesses - sometimes you'll find the answer as part of
> another question.
> 5. Remember that the CISSP is a MANAGEMENT Certification. So when
> answering questions, imagine you are a Manager. As a manager you are
> primarily motivated by money. Other consideration is Policy, and the
> safety of your personel. So there isn't much need to get yourself
> bogged down in too much of the technical details - just ensure you
> understand the concepts: Different Encryption methods (method,
> strengths, weaknesses, usage), The difference between Encryption and
> Hashing, Different Network protocols, Different DoS attack methods
> etc... But you don't need to know how to code your own Hash function,
> or how to how to install a CCTV system - just know how it is used.
>
> With the exception of Point 5, all the other points are standard
> practice for any multiple choice exam.
> Other than the odd mickey-mouse certification, the last time I took an
> exam was over 10years earlier so I found practicing the examination
> technique side of things most useful.
> So long as you have the right level of experience under your belt, you
> should do fine.
>
> When doing practice questions, (something I noticed on CCCURE) is that
> some have been written poorly (not something that happens on the real
> thing) and some even have incorrect answers!
>
> Also, note that it is very normal to think that you've failed after
> sitting the paper. :-)
>
> ys
>
> On 04/02/2008, m.farid.shawara () gmail com <m.farid.shawara () gmail com>
> wrote:
> > Dear All:
> > I am really afraid from the CISSP Exam!
> > I already booked for the exam and 1 month is only remaining...
> > I studied well - took the official course - have a good experience in
> the
> > security field but still not feeling comfortable...
> >
> > I need an advice for the best way, best guides, best websites to save
> my
> > time and have a good exam samples and questions...
> >
> > Can you help?
> >
> > Thanks.
>
>
>
> --
> Yousef Syed
> CISSP
>
> http://www.linkedin.com/in/musashi