CISSP preparation experience sharing
After 5 hours and 30 minutes of suffering, I clicked the "End of Test" button on a computer and walked out of the small exam room. Two young invigilators started working on their computers, one got up and went to the printer, and the other told me that I could pack things up and go back and wait for the email in the mailbox. According to the information of the test takers, ISC2 will be notified by email after passing the exam. If the test fails, an explanation will be given on the spot. Sure enough, the invigilator handed the printed transcript to me, and a simple “congratulations” made my heart hang. It seems that there is no excitement in anticipation, just a kind of relaxation.
After working hard for 8 months, I finally passed the CISSP exam.
01 certificate introduction
A brief introduction to CISSP certification, a lot online. I only say the following:
As of March 2016, the number of certificates held in mainland China was around 1,800.
CISSP currently has no question bank to back in the market. ISC2's protection of the test bank is very strict, and it is strictly forbidden to openly discuss the test questions after passing the test.
CISSP is a threshold requirement. After passing the exam, you must submit proof of the industry experience in order to get the certificate.
02 Recommended materials
The current CISSP preparation materials with a large number of people have the following books:
The Official (ISC) 2 Guide to the CISSP CBK. This is the officially designated textbook. The division of the knowledge domain and the explanation of the concepts are all relatively original, which is very helpful for understanding the true intention of the exam questions during the exam. I have read this book intensively and it turns out to be really useful.
Shon Harris' All In One. The structure is more reasonable and can be used as an alternative teaching material.
CISSP (ISC) 2 Certified Information Systems Security Professional Official Study Guide.
This book is very interesting, completely dispelling the structure of the syllabus, and the author reorganized into 21 chapters according to his own understanding. I only use this book for reference. The style of writing is more colloquial, not like CBK. It is not recommended as a review of the main textbook.
Eleventh Hour CISSP Study Guide. I also looked at this book, which is an outline-type book. The knowledge points are not detailed, and the knowledge context has been sorted out.
03 related remedial classes
Is the tutorial class useful? My experience is that the biggest role of the remedial class is to help you sort out the knowledge context. From the perspective of people, you can tell you which points may be tested more and which points are very unlikely to appear in the exam. So, they can really help you save review time.
04 The role of CISSP and others
Some people say that after getting CISSP, the annual salary can rise by XX%. I think this is the promotion strategy of the remedial class. Some people say that CISSP does not test specific attack and defense technology, and the certificate is useless. I think this is a theory of technicalism.
Preparing for these eight months, at least help me sort through the knowledge points in all areas of security and broaden my knowledge. Re-architecting a comprehensive understanding of security is the most important.
Finally, all the peers who have prepared for CISSP will pass!