Passed ISSEP!!!
What a beast of a test! So much material to remember but only 150 questions. For me it was far harder than the CISSP.
Study Material:
ISC2 Bootcamp
Watch these Webcasts by ISC2.
Quizlet Flashcards (I uploaded mine for all to use)
I read all the following documents at least twice, and can break down all the steps/phases/activities in each one and map them to each other or draw them out by hand:
PMBOK
DAG
IATF all chapters and appendices (Focus on Ch 2 and 3)
SP800-30
SP800-37
SP800-53
SP800-64
Skimmed through, and know by number the title and content of the document:
SP800-47
SP800-59
SP800-60
OMB 2-01
OMB A-130
FIPS 140-2
FIPS 199
FIPS 200
DODD 5000.1
DODI 5000.2
DODD 8500.1
DODI 8500.2
DODD 8520.1
For DOD directive, instruction and policy it helps to know the difference.
It's imperative that you know all the phases/steps and activities, know what document, and be able to map them to each other:
NIACAP C&A
DIACAP C&A
RMF C&A
RMF ISSE (6 steps)
IATF ISSE (Phases 1-8, not just the first 6; Also each task and subtask)
DOD Acquisition
SDLC
Familiar with the following documents (I included the ones I read just to give you an idea of the complete list you must be familiar with):
- CJCSI 6510
- DoD 5000.1
- DoD 5000.2
- DoD 5100.0
- DoD 5220.22
- DoD 8100.1
- DoD 8100.2
- DoD 8500.1
- DoD 8500.2
- DoD 8570.1
- CNSSP 14
- CNSSP 15
- CNSSP 22
- CNSSI 1253
- CNSSI 4009
- CNSSI 4011
- CNSSI 4012
- CNSSI 4013
- CNSSI 4014
- CNSSI 4015
- CNSSI 4016
- NIST SP 800-12
- NIST SP 800-14
- NIST SP 800-18
- NIST SP 800-23
- NIST SP 800-25
- NIST SP 800-27
- NIST SP 800-30
- NIST SP 800-31
- NIST SP 800-34
- NIST SP 800-35
- NIST SP 800-36
- NIST SP 800-37
- NIST SP 800-39
- NIST SP 800-40
- NIST SP 800-41
- NIST SP 800-42
- NIST SP 800-47
- NIST SP 800-53
- NIST SP 800-53A
- NIST SP 800-59
- NIST SP 800-60
- NIST SP 800-64
- FIPS 140-2
- FIPS 197
- FIPS 199
- FIPS 200
- OMB A-130
- OMB M-99-18
- OMB M-00-13
- OMB M-01-08
- OMB M-02-01
- OMB M-03-19
- EO 13231
Also know the following:
PL 107-347 FISMA
Clinger-Cohen Act
Privacy Act
GISRA
Computer Security Act
I also read Jonnyg's post here and that helped...
2015 Goals: Masters in Cyber Security
Comments
Transmosis | http://transmosis.com | LinkedIn | https://linkedin.com/in/t1mku
If evil be spoken of you and it be true, correct yourself, if it be a lie, laugh at it. - Epictetus
The only real failure in life is not to be true to the best one knows. - Buddha
If you are not willing to learn, no one can help you. If you are determined to learn, no one can stop you. - Unknown
Part of the reason is that I do work for DOD and the other part was that my employer offered to pay for the class. At first I didn't know much about this cert and just sort of signed up, but afterwards I found all that I learned to be very useful and glad I took it.
Thanks! I certainly do feel like I've distinguished myself a bit from all the other CISSP holders. What are your thoughts on ISSMP and its difficulty compared to ISSEP? Do the materials overlap and should I try to take it soon while everything is fresh?
Thank You
Sent you a pm.
I am interested in the flashcards and any other study materials you are willing to share. My email is my username at gmail.com
Congrats! Mine took 5 weeks to the day.
Emailing now. Look up ISSEP under quizlet flashcards and you'll find mine and many others.