US influence on CISSP exam?
Hi all,
I recently started my CISSP studies, and after reading through the first domain (Security and Risk Management), I have to ask:
How much is the CISSP influenced by US laws, rules and regulations. I am using Eric Conrads study guide, and the chapter covering the first domain is full of information on the US system.
Fourth Amendment, Rule1001, Evidence and court procedures, HIIPA, SOX, Patriot Act, to name just a few.
Is this something that is a trend throughout the exam, or is it mostly for examples and broader picture stuff?
Do I need to be familiar with all these US rules, regulations, common practices, etc to be able to pass the exam, even though they are completely irrelevant to a Scandinavian like me?
I recently started my CISSP studies, and after reading through the first domain (Security and Risk Management), I have to ask:
How much is the CISSP influenced by US laws, rules and regulations. I am using Eric Conrads study guide, and the chapter covering the first domain is full of information on the US system.
Fourth Amendment, Rule1001, Evidence and court procedures, HIIPA, SOX, Patriot Act, to name just a few.
Is this something that is a trend throughout the exam, or is it mostly for examples and broader picture stuff?
Do I need to be familiar with all these US rules, regulations, common practices, etc to be able to pass the exam, even though they are completely irrelevant to a Scandinavian like me?
Comments
To answer your question though most likely you wont get any questions for specific US regulations. I got more about EU than US.
Even back then the most that would be asked of an examinee would have been HIPAA based and those questions have since been moved to the HCISPP. Not much to worry about. SANS on the other hand at one time, not sure now, used to ask alot of very detailed Title and Section of the US Code for GCIH and other exams but likewise probably don't as much now as they once did to please a broader audience. Still good to know your comparative legal systems: Administrative versus Tort law, etc which are going to be true where ever you practice.
- b/eads
I finished Domain 1 of the Eric Conrad book, and I did feel better as I got further into it.
But today I took the 100 Domain 1 questions from Sybex's Official (ISC)2 Practice tests, and it had at least 18 questions that were exclusively US-related, and several others that were obviously easier if you are American. Seems strange that they would present us with such questions.
Oh well, I trust you guys.
- b/eads
CISSP - live n' kickin'
My CISSP study apps
My CISSP study advice blog