Thanks

jdreddjdredd Member Posts: 33 ■■□□□□□□□□
I wanted to thank everyone in this room. I passed today :) but I wouldn't have without all the help from everyone here -- the free stuff, the tests, books etc. What is a good way to give something back?

Comments

  • BaredorBaredor Member Posts: 99
    I'd be appreciative if you could list the study materials you used, along with how valuable you thought each to be. :)
  • jdreddjdredd Member Posts: 33 ■■□□□□□□□□
    I used Exam Cram 2 Security+ Book that came with a Preplogic sample practice exam of 100 questions. It also had 250 practice questions in the book. There were also 12 practice questions at the end of each chapter. This was pretty good because the explanations for the practice questions didn't do too bad of a job explaining the wrong answers, especially the prep logic sample test. I didn't get the prep logic, though, becuase it was too expensive after I had already bought two books. Probably worth it because of the explanation of the wrong answers.

    The Exam Cram book included a separate book with 500 Security+ practice questions with the same 500 questions on a Measure Up Exam engine (some kind of package thing). The questions here were quite a bit harder than on the actual exam itself. There are many multiple answers in this package and you have to know all of the options very well. A good way to study I guess. The exam I took didn't have too many multiple answer questions. This extra exam cram questions package explained the answers poorly, - mostly just repeated the question and didn't explain why the wrong anwers were wrong. It is very important when taking the test to know why the wrong answers are wrong. This saved me, I think, because I was able to eliminate a lot of things when I was uncertain about some of the questions.

    I also bought the Security+ Study Guide from SYBEX. It came with a testing engine. Not too bad a book but didn't explain the anwers to the practice questoins very well. The Exam Cram 2 was better, I think, although the Sybex covered some things the other didn't, and vice versa. I think you need to use more than one book, really, inspite of what I am about to say in the next paragraph.

    The best book I used was Certiguide to Security + -- Original Authors: Tcat Houser, with Helen O’Boyle, Ian Kayne, Angella Hebert, Michael Woznicki and Alex Moreno, Jr.; Lead Editor: Martha Babiak.
    Edited and adapted with permission by Charles M. Kozierok. This was by far the best book, and is, I believe an updated version of Tcat Houser's orginal book. Best of all it is free (although online) at: http://www.certiguide.com/secplus/index.htm
    The sample questions were explained clearly, too. It has very useful footnotes. I think you could pass the exam by studying from this book, the footnotes in that book, and the things on this site. You can buy a copy of this as well from a link on that site.

    The TechNotes and Sample questions in this forum were invaluable. I wouldn't have passed without them. Free too. Plus the 'Topsites' Link on this site led me to all sorts of really good places. I memorized the WAP layers - for some reason this was hard for me to do, but I didn't get that kind of question - lol.

    Also it really helps to have done stuff in security. You can memorize things, but there is so much. Like if you use PGP all the time it saves you a lot of memory work. Same for anything else you may have done. Like if you use Linux as well as windows you will likely get an answer or two without having to study those areas.

    I thought I knew a lot about security, but I learned that I know very little.

    I don't want to admit it, but I looked at the braindumps. I don't believe you can pass if that is all you use because they don't give you an understanding of why the wrong anwers are wrong. But - some of the questions I found on those sites led me to do some research and fully understand some of the questions that were posted on those sites. The questions were sometimes kind of weird and the answers were sometimes wrong that they gave though. Some of them were just practice questions taken from some other books and places. I guess there is no point in pretending those sites don't exist - this is a security room after all, so we know that there is a dark side.
  • TeKniquesTeKniques OSCE, OSCP, CISSP, CISA, SSCP, MCSE (03), Security+, Network+, A+, Project+ Member Posts: 1,262 ■■■■□□□□□□
    Congratulations! Thanks for one hell of a thorough review for everyone thinking of taking this test.

    What's next?
  • DarklyWiseDarklyWise Member Posts: 75 ■■□□□□□□□□
    Bang up job mate :)

    What's next?
    A being Darkly Wise and Rudely Great
  • jdreddjdredd Member Posts: 33 ■■□□□□□□□□
    I was thinking of doing the CISSP next. It can't be that much harder than Security+. Sarbanes Oxley compliance is going to be come a big thing both in the US and Canada (Canada because US companies will want compliance with companies they deal with). Companies are going to have to have securfity audits on a regular basis.

    CISSP seems to be a pretty good thing to have in Canada. I have certified with two or three SANS things but they are really expensive. Good, but don't think I will do any more there because of the cost. My employer used to pay for them, but doesn't now as I am no longer with that firm.
  • TURTLEGIRLTURTLEGIRL Member Posts: 361
    CONGRATULATIONS icon_cool.gif
    If you don't know 24 then you don't know Jack!
  • seuss_ssuesseuss_ssues Member Posts: 629
    I too have thought about working towards the CISSP after i get the security+ cert. For all the secuirty/cert gurus around here how much more information is needed to pass the cissp if you did well with the security+?
  • TeKniquesTeKniques OSCE, OSCP, CISSP, CISA, SSCP, MCSE (03), Security+, Network+, A+, Project+ Member Posts: 1,262 ■■■■□□□□□□
    I believe for the CISSP you need to be referred by an IT professional and have at least 2 years working in the field.
  • BaredorBaredor Member Posts: 99
    Thanks, I'll take note of all of that. I too would like to eventually be working towards CISSP, but that's a ways off yet as I have much left to do for MCSE, Security, Server, and Linux+. Back to the books..
  • RussSRussS Member Posts: 2,068 ■■■□□□□□□□
    Hearty congrats icon_thumright.gif
    www.supercross.com
    FIM website of the year 2007
  • WebmasterWebmaster Admin Posts: 10,292 Admin
    I too have thought about working towards the CISSP after i get the security+ cert. For all the secuirty/cert gurus around here how much more information is needed to pass the cissp if you did well with the security+?
    The CISSP and Security+ are difficult to compare. They both cover security concepts (theory) and there is a fair amount of overlap regarding topics, but, CISSP goes much deeper into the topics, and the exam is supposedly much harder (not just because of large the nr of questions). To answer your question more direclty: a LOT. Security+ is a very good primer for CISSP.

    Check out the following page for more info and a link to the requirements.
    icon_arrow.gifwww.techexams.net/isc2_cissp.shtml
    I believe for the CISSP you need to be referred by an IT professional and have at least 2 years working in the field.
    It's 4 years, and you have to be endorsed by another CISSP. A master's Degree in Information Security + 3 years experience is also acceptable. Note that the experience has to be info sec related.

    These requirements are for the certification, not for the exam. If you pass the CISSP exam without having the proper experience, you'll become an 'ISC2 Associate' and can become CISSP certified when you get to 4 years experience (without having to pass and pay for the exam again).

    Congratulations btw jdredd! icon_thumright.gif
  • Ricka182Ricka182 Member Posts: 3,359
    congrats!
    i remain, he who remains to be....
  • TeKniquesTeKniques OSCE, OSCP, CISSP, CISA, SSCP, MCSE (03), Security+, Network+, A+, Project+ Member Posts: 1,262 ■■■■□□□□□□
    Webmaster wrote:
    I believe for the CISSP you need to be referred by an IT professional and have at least 2 years working in the field.
    It's 4 years, and you have to be endorsed by another CISSP. A master's Degree in Information Security + 3 years experience is also acceptable. Note that the experience has to be info sec related.

    These requirements are for the certification, not for the exam. If you pass the CISSP exam without having the proper experience, you'll become an 'ISC2 Associate' and can become CISSP certified when you get to 4 years experience (without having to pass and pay for the exam again).

    Thanks for clearing that up Webmaster, I certainly didn't want to pass along false info :o
  • shadown7shadown7 Member Posts: 529
Sign In or Register to comment.