Preparing for the BAAP of ALL - CISSP

I got the CALL
I have to be certified by EO July 2012, for me to retain my position in my company. Have 6+ yrs of experience (varied) working in security. All my team mates are certified. except me

Tips tricks and Totems more than welcome this way

Personal opinion
*AIO dry as it can be.
*OIG good but so far no continuity.
*Eric Conrad is good, but i guess not enough from exam perspctv
*Ed Tittle 5th Ed 20 Chaps for 10 Doms....cant correlate.

Find more posts tagged with

Comments

beads

With that timeline I would seriously suggest using Eric Conrad's CISSP guide with as much supplemental reading in between as you can muster. Eric has boiled down as much as you can get into a smaller edition book and doesn't suffer from the information overload style of Harris' work. Concentrate on Access Control, Encryption and Telecommunications. Physical Security, Ethics and Governance are two that aren't reported nearly as heavily on the actual exams. Personally, I find physical security very easy to master so that was a "no brainer" for me, personally. Supplemental reading should include a bit on PCI and a basic understanding of Forensics.

When in doubt - write it out. If you have access to Visio, consider drawing a "map" comparing OSI to TCP along with where all those potential devices land within the TCP/OSI layers, e.g. 5th generation firewall versus a third generation firewalls; where a gateway resides, etc. Makes it much easier to remember through visualization.

- beads

sameerjan77

@beads

U r right. Eric's book is concise and has all topics. the only challenge is when going thro' freepracticetests.org some of the questions need more indepth info than what is given in Erics'. catch22

!!!

LEGAL, REGULATIONS, COMPLIANCE & INVESTIGATIONS - completed
PHYSICAL (ENVIRONMENTAL) SECURITY - completed
SECURITY ARCHITECTURE & DESIGN - completed
CRYPTOGRAPHY - ongoing

As you suggested finish the book first and then attack practice tests with more supplemental reading as u go on..

JDMurray

With such a short time frame, a 5- or 6-day bootcamp is probably your best bet. Given that your job has been put in such a precarious position by your employer, s/he should be willing to pay for it.

sameerjan77

@JDMurray

If wishes were horses....

I m wearing my boss' shoes now....
this one guy is not certified .....grrrrrr....let me show him who is the boss.

CISSP... I shud have done long back. I did not. Reason I dont believe in this certification. Not once in my work life have I used Clark Wilson directly or used one Fire Extinguisher (I dont even know if I have spelt it correctly)....isnt that the job of administrative department (seperation of duties ..Hurrah)

I can go on and on but wont change a thing....I need my CISSP now.....Cringe Time.

JDMurray

I'm very sorry you are in that situation. I hate to see anyone loose their job simply because they don't have an IT certification. (Being a competent and valued employee should count towards staying employed in any organization.) If you really value working there, it would be worth paying for a bootcamp to try and meet your deadline. Bootcamps don't guarantee a pass, but I think it would be your best shot. Be sure to completely read one of the more popular CISSP books before attending and that will help too.

sameerjan77

@JDMurray

And thats the game plan for now...complete one book...do as many practice tests as possible and in the final week go for studISCope.

I cant do a bootcamp in India. so bought AIO here, asked a friend to ship Eric's from US and Ed and OIG are borrowed.

emerald_octane

I should've mentioned this earlier but I believe that the best resource that you could use in a time crunch is the official ISC2 CISSP CBK Review Seminar Student Handbook (Amazon.com: The Official (ISC)2 CISSP CBK Review Seminar Student Handbook; Version 9.0 (9780763773441): ISC: Books) and the Cissp Prep Guide ( Amazon.com: The CISSP Prep Guide: Mastering the Ten Domains of Computer Security (9780471413561): Ronald L. Krutz, Russell Dean Vines, Edward M. Stroz: Books ). Not knocking the conrad materials and they are great to study with if you have the time. The benefit of the review seminar handbook is that it goes into just enough depth to the stuff that you will see on the test. It's VERY pricy because the seminar itself is, what, $2500 but it was my primary guide. The CISSP Prep Guide is good because it's covers all the required topics to atleast some degree.

pumbaa_g

Which City are you located, I saw some vendors who provide Boot Camps for CISSP on Google. Try searching for it its a pretty popular certification nowdays.

In case you dont have any luck let me know, I have a friend who went through CISSP last year. He may have some details

sameerjan77

I m currently in a place which is 2 hrs from Pune.