Passed - Information Security Foundation Based on ISO/IEC 27002

I took this exam today through Exin. I passed with a 39 of 40, taking about 45 minutes.

I felt that the exam was fairly basic. I mostly used the ISO/IEC 27002 document to prepare, but also at the recommendation of N2IT I read Foundations of Information Security Based on ISO27001 and ISO27002 . My opinion is that this book is not well-written, but that could be due to the translation from Dutch to English. The book did adequately cover the material on the test, so I felt well-prepared.

Up next for me is the advanced ISO 27k exam, perhaps as soon as next week.

MS

Comments

  • earweedearweed Member Posts: 5,192 ■■■■■■■■■□
    Congrats on the new cert.
    How do you see this cert benefitting you?
    No longer work in IT. Play around with stuff sometimes still and fix stuff for friends and relatives.
  • eMeSeMeS Member Posts: 1,875
    earweed wrote: »
    Congrats on the new cert.
    How do you see this cert benefitting you?

    Thanks.

    I'm not sure. We're seeing more work come around that's looking for ISO 27k knowledge, so we're starting to build up capabilities in that area. The other reason that I did this is because I get two exams per year at 1/2 off through Exin, and I don't like to let things like that go to waste.

    MS
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,150 Mod
    Great score ! Congrats eMeS icon_cheers.gif
    Goal: MBA, Jan 2021
  • eMeSeMeS Member Posts: 1,875
    UnixGuy wrote: »
    Great score ! Congrats eMeS icon_cheers.gif

    Thanks, honestly I was a bit surprised at the score. I almost hate getting a score like that because it leaves you wondering which one you could have possibly missed....

    MS
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,150 Mod
    eMeS wrote: »
    Thanks, honestly I was a bit surprised at the score. I almost hate getting a score like that because it leaves you wondering which one you could have possibly missed....

    MS


    well yes it is...I always hated Multiple Choice Questions exams at uni, there's always a room for bad wording or for misunderstanding of what the questions wanted.
    Goal: MBA, Jan 2021
  • newmovenewmove Member Posts: 108
    I was thinking of writing this exam before I opted to book for Sec+. I just felt its an exam you can going in and apply common sense after studying well for Sec+.

    Its on my radar and will eventually tackle it next year.

    Congrats on this one.
  • rogue2shadowrogue2shadow CISSP, GXPN, OSCE, OSCP, OSWP, eMAPT, CEH, CNDA, A+, Network+, Security+ Member Posts: 1,501 ■■■■■■■■□□
  • eMeSeMeS Member Posts: 1,875
    newmove wrote: »
    I was thinking of writing this exam before I opted to book for Sec+. I just felt its an exam you can going in and apply common sense after studying well for Sec+.

    Its on my radar and will eventually tackle it next year.

    How popular is Sec+ in the UK?

    This exam is definitely much less comprehensive than Sec+, however, it covers some things that would be a bit foreign to a US audience, such as personal privacy legislation.

    MS
  • N2ITN2IT Inactive Imported Users Posts: 7,483
    Gratz brother! I saw this update on Linkedin so I hit you up on there also.

    ^5
  • newmovenewmove Member Posts: 108
    eMeS wrote: »
    How popular is Sec+ in the UK?

    This exam is definitely much less comprehensive than Sec+, however, it covers some things that would be a bit foreign to a US audience, such as personal privacy legislation.

    MS

    Sec+ is not that embraced here to the best of my knowledge but I want to add it to my skillset and towards earning CISA.

    I skimmed through the pdf on ISO 27002,its going to be quite an interesting read and the certification is well recognised here. Do you think the personal privacy legislation would be relevant in the US?
  • PsoasmanPsoasman Senior Member Member Posts: 2,687 ■■■■■■■■■□
    Congrats on your pass, nice score!
  • eMeSeMeS Member Posts: 1,875
    newmove wrote: »
    Do you think the personal privacy legislation would be relevant in the US?

    It doesn't exist here, at least not in the same sense.

    MS
  • N2ITN2IT Inactive Imported Users Posts: 7,483
    eMeS wrote: »
    It doesn't exist here, at least not in the same sense.

    MS


    MS when you take the advance portion please let me know. I would really appreciate some feedback. I am hoping to knock that one out since you shed light on the testing process and how I can take the exam without a class :)

    I'd like to get Sec + and 27002 advanced eventually.
  • eMeSeMeS Member Posts: 1,875
    N2IT wrote: »
    MS when you take the advance portion please let me know. I would really appreciate some feedback. I am hoping to knock that one out since you shed light on the testing process and how I can take the exam without a class :)

    I'd like to get Sec + and 27002 advanced eventually.

    I scheduled it today for next Wednesday...I'll report back on how it goes.

    For these two exams Exin does not require that you attend a class. You can schedule them to be delivered via browser, but you have to nominate a proctor to observe you and start and end the exam, etc...

    MS
  • N2ITN2IT Inactive Imported Users Posts: 7,483
    eMeS wrote: »
    I scheduled it today for next Wednesday...I'll report back on how it goes.

    For these two exams Exin does not require that you attend a class. You can schedule them to be delivered via browser, but you have to nominate a proctor to observe you and start and end the exam, etc...

    MS


    Sounds good. May I get a recommendation on a proctor. Are you referring to a testing authority or one of EXIN's people?

    I have the web cam and set up still in place from when I took the OSA proctored exam.
  • eMeSeMeS Member Posts: 1,875
    N2IT wrote: »
    Sounds good. May I get a recommendation on a proctor. Are you referring to a testing authority or one of EXIN's people?

    We use our assistant.

    Exin's restrictions are that it has to be done in a place of business or a library; I don't think they do the web cam thing.

    A passage from an old email I have from Exin:
    Exin wrote:
    The exam must be held at a business environment(not a home office), public library or testing center with a person such as an administrator, HR Rep or a librarian proctoring. The candidate is responsible for securing the proctor. The person chosen is required to sign a non-disclosure statement (attached). As long as I have this information on file I will email him/her with the instructions on how to set this session up a day before the exam.

    MS
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    Currently working on: Linux and Python
  • eMeSeMeS Member Posts: 1,875

    The advanced one, which N2IT wants to pursue (he already holds the foundation one), isn't available through a testing center.

    MS
  • veritas_libertasveritas_libertas CISSP, GIAC x5, CompTIA x5 Greenville, SC USAMember Posts: 5,735 ■■■■■■■■■■
    eMeS wrote: »
    The advanced one, which N2IT wants to pursue (he already holds the foundation one), isn't available through a testing center.

    MS

    Ah, I was just googling around today and decided to post that. What is the difference between the two?
    Currently working on: Linux and Python
  • eMeSeMeS Member Posts: 1,875
    Ah, I was just googling around today and decided to post that. What is the difference between the two?

    The foundation one is very basic, and almost trivial, whereas the advanced is more situational in nature. The advanced one was much much tougher.

    MS
Sign In or Register to comment.