NIST Standards !!

dpathi

Will there be questions in CISSP exam requesting test taker to identify specific NIST standards? For example:

NIST 800-150 Guide to Cyber Threat Information Sharing

NIST 800-30 Guide for Conducting Risk Assessments

etc.

trueshrewkmc

The CISSP exam requires you to apply concepts more than facts. There are a lot of NIST standards, some of which are not IA related, so you will wear yourself out trying to learn them all.

Some CISSP study materials teach nitty gritty details well, but you need to be able to tie the details back to larger concepts. If a question were to ask something that you recognize as a risk management concept, then which answer is related to the concept of risk management? If one of your answers were related to the NIST SP for risk management, it would be more correct than some of the other answers.

dpathi

Thank you

kabooter

It is pretty much a question I want to know too. There are lots of details associated with NIST and so many EU/US laws in first domain that there is simply no way I can cram them all in. I can memorize and associate laws with their "domains or areas of concern" but to remember the dates when they were passed or their numbers - please tell me I don't need to remember.

lucky0977

It's a non US centric, international exam. I don't think the test writers expect someone from Mongolia or Russia to memorize all of the NIST standards or anything that applies to American law. You're asking us to violate the NDA by telling you what might be seen in the exam and well we wouldn't want to do that now would we?

CertBling

I'd remember a few of the most important... I'm trying to come up with a way to keyword it in my mind!