Passed - Information Security Foundation Based on ISO/IEC 27002

I took this exam today through Exin. I passed with a 39 of 40, taking about 45 minutes.

I felt that the exam was fairly basic. I mostly used the ISO/IEC 27002 document to prepare, but also at the recommendation of N2IT I read Foundations of Information Security Based on ISO27001 and ISO27002 . My opinion is that this book is not well-written, but that could be due to the translation from Dutch to English. The book did adequately cover the material on the test, so I felt well-prepared.

Up next for me is the advanced ISO 27k exam, perhaps as soon as next week.

MS

Find more posts tagged with

Comments

earweed

Congrats on the new cert.
How do you see this cert benefitting you?

eMeS

earweed wrote: »

Congrats on the new cert.
How do you see this cert benefitting you?

Thanks.

I'm not sure. We're seeing more work come around that's looking for ISO 27k knowledge, so we're starting to build up capabilities in that area. The other reason that I did this is because I get two exams per year at 1/2 off through Exin, and I don't like to let things like that go to waste.

MS

UnixGuy

Great score ! Congrats eMeS

eMeS

UnixGuy wrote: »

Great score ! Congrats eMeS

Thanks, honestly I was a bit surprised at the score. I almost hate getting a score like that because it leaves you wondering which one you could have possibly missed....

MS

UnixGuy

eMeS wrote: »

Thanks, honestly I was a bit surprised at the score. I almost hate getting a score like that because it leaves you wondering which one you could have possibly missed....

MS

well yes it is...I always hated Multiple Choice Questions exams at uni, there's always a room for bad wording or for misunderstanding of what the questions wanted.

newmove

I was thinking of writing this exam before I opted to book for Sec+. I just felt its an exam you can going in and apply common sense after studying well for Sec+.

Its on my radar and will eventually tackle it next year.

Congrats on this one.

rogue2shadow

Congrats!

eMeS

newmove wrote: »

I was thinking of writing this exam before I opted to book for Sec+. I just felt its an exam you can going in and apply common sense after studying well for Sec+.

Its on my radar and will eventually tackle it next year.

How popular is Sec+ in the UK?

This exam is definitely much less comprehensive than Sec+, however, it covers some things that would be a bit foreign to a US audience, such as personal privacy legislation.

MS

N2IT

Gratz brother! I saw this update on Linkedin so I hit you up on there also.

^5

newmove

eMeS wrote: »

How popular is Sec+ in the UK?

This exam is definitely much less comprehensive than Sec+, however, it covers some things that would be a bit foreign to a US audience, such as personal privacy legislation.

MS

Sec+ is not that embraced here to the best of my knowledge but I want to add it to my skillset and towards earning CISA.

I skimmed through the pdf on ISO 27002,its going to be quite an interesting read and the certification is well recognised here. Do you think the personal privacy legislation would be relevant in the US?

Psoasman

Congrats on your pass, nice score!

eMeS

newmove wrote: »

Do you think the personal privacy legislation would be relevant in the US?

It doesn't exist here, at least not in the same sense.

MS

N2IT

eMeS wrote: »

It doesn't exist here, at least not in the same sense.

MS

MS when you take the advance portion please let me know. I would really appreciate some feedback. I am hoping to knock that one out since you shed light on the testing process and how I can take the exam without a class

I'd like to get Sec + and 27002 advanced eventually.

eMeS

N2IT wrote: »

MS when you take the advance portion please let me know. I would really appreciate some feedback. I am hoping to knock that one out since you shed light on the testing process and how I can take the exam without a class

I'd like to get Sec + and 27002 advanced eventually.

I scheduled it today for next Wednesday...I'll report back on how it goes.

For these two exams Exin does not require that you attend a class. You can schedule them to be delivered via browser, but you have to nominate a proctor to observe you and start and end the exam, etc...

MS

N2IT

eMeS wrote: »

I scheduled it today for next Wednesday...I'll report back on how it goes.

For these two exams Exin does not require that you attend a class. You can schedule them to be delivered via browser, but you have to nominate a proctor to observe you and start and end the exam, etc...

MS

Sounds good. May I get a recommendation on a proctor. Are you referring to a testing authority or one of EXIN's people?

I have the web cam and set up still in place from when I took the OSA proctored exam.

eMeS

N2IT wrote: »

Sounds good. May I get a recommendation on a proctor. Are you referring to a testing authority or one of EXIN's people?

We use our assistant.

Exin's restrictions are that it has to be done in a place of business or a library; I don't think they do the web cam thing.

A passage from an old email I have from Exin:

Exin wrote:

The exam must be held at a business environment(not a home office), public library or testing center with a person such as an administrator, HR Rep or a librarian proctoring. The candidate is responsible for securing the proctor. The person chosen is required to sign a non-disclosure statement (attached). As long as I have this information on file I will email him/her with the instructions on how to set this session up a day before the exam.

veritas_libertas

EXIN testing centers - EXIN Exams

eMeS

veritas_libertas wrote: »

EXIN testing centers - EXIN Exams

The advanced one, which N2IT wants to pursue (he already holds the foundation one), isn't available through a testing center.

MS

veritas_libertas

eMeS wrote: »

The advanced one, which N2IT wants to pursue (he already holds the foundation one), isn't available through a testing center.

MS

Ah, I was just googling around today and decided to post that. What is the difference between the two?

eMeS

veritas_libertas wrote: »

Ah, I was just googling around today and decided to post that. What is the difference between the two?

The foundation one is very basic, and almost trivial, whereas the advanced is more situational in nature. The advanced one was much much tougher.

MS