Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
Certification Preparation
(ISC)²
SSCP
What study approach did you take for CISSP -for anyon who has passed and had no exp.
chickenlicken09
Hi,
As title says im interested on study approaches taken by anyone who has passed the CISSP and did not have any/little infosec
experience before doing so.
Thanks
Find more posts tagged with
Comments
tiagotavares
I'm not CISSP yet, but those who has never had contact with InfoSEC, All-In-One (Shon Harris) maybe is the best resource.
dustervoice
Read CISSP for dummies first then Shon Harris (AIO) would be my recommendation.
chickenlicken09
ya im thinking, CISSP for dummies-conrad study guide-trying to avoid the inevitable (AIO)
I know its not a bad book just not my reading style.
5ekurity
The AIO is the best book hands down, and if you don't have a lot of exposure to many of the areas, will be of the most help in filling your knowledge gaps.
chickenlicken09
yeah i hear ya.
5ekurity
One of the things that helped me through some of the areas I was less familiar with was to write out my notes to explain the concept in my own words, not just a copy of the book's explanation.
Example: Bell-LaPadula - no read up, no write down - why would you want to do this? Well, I wouldn't want someone without the appropriate clearance to read extremely sensitive data restricted for only specific people - so "no read up" makes sense.
Well what about writing down? So let's assume people with a high level of security clearance are communicating with one another and editing documentation. We must assume that the contents of their communication and documents they are working on are also extremely sensitive, and we wouldn't want to risk information leakage - so writing anything to a lower security level may cause data leakage or a security exposure, since anyone with less than that high level of security clearance could potentially see it. They could also begin to infer information - take the data they have access to at their security level, combine this data with the information that was unintentionally 'leaked' from a higher level - begins to paint a larger picture.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
