Sam_aqua wrote: »
@ beads / Others
Do you mean CISSP exam's level of questions are different if one takes Associate Level & a different level of questions if one takes the regular one ?
!nf0s3cure wrote: »
Not sure where this topic is heading but my gripe with the exam is the fact that some of so called fundamentals are old technological solution of the past. And they are still being tested! Again my favorite topic Crypto, with my 15+ years of IT work I have never come across requirement to know how Biba or any other model works or which one should I implement? Now I may not have directly worked in an area that needs that information but hey in 15 years I have touched a lot of IT topics and have not met a single person who has claimed to have done that. If fundamentals were so important then why not start with 'Abacus' and explain binary, here is a good fundamental for beginners! Again horses for courses but my view is ISC2 need to re-scope their CIB and CBK to align more on present day computing. Just mentioning SDN or MPLS on their CIB does not provide reason to believe that they have got it all covered. Last time I saw IoT (Internet of Things) was only mentioned once in the official book. That is the home version of SCADA in my view and need proper addressing! Go to SANS and they are bleating about the IoT risk and ISC2 one mention! This CIB needs to be reviewed every year at a minimum just like other policy updating recommendations, as there are changes that change what is on IT security radar every year at least broadly speaking. That is my view of where this should go.
Hunter85 wrote: »
Well I am really interested in security field but it is a huge domain by itself, in today's world you dont have any time to waste, everyones time is so precious, if you look at my initial post I am not complaining about how CISSP is outdated, I am talking about massive amount of information which is covered in almost any CISSP book and how i feel about it.
I have personal interest in many fields of security but i dont feel the same interest level for every subject. CISSP exam covers nearly most of the important parts of IS thats why you have to have an idea about it all but study books are making it harder for everyone and covering each and every subject deeply.
Again these are exam study books, if i had real interest in a specific subject i would go and buy a book related to it and read it carefully. Exam books should only cover what is necessary for the exam.
Yes I am studying all CBK meterial just to be able to pass the exam, most of the information is not relevant to what i do in day to day job and they will probably not be relevant ever. Everybody is specializing more and more and there is no place for an IT Security person who just knows a little bit of everything. You need to choose what you love the most and concentrate on it.