Memorization?

Paperlantern Member Posts: 352
So my exam is still scheduled for the 10th at 8am. It's going to be one hell of a Monday. I want to ask anyone that has taken the test... i.e., gone through the study process to the end, what you committed to memory before going in. Now I'm not asking anyone to violate their NDA and tell me what I SHOULD memorize because it IS on the exam, I'm just asking what you memorized before going in. Anything? Canons? Code of Ethics? Law terms? What did you feel you should have committed to memory before going into this exam?

Comments

  • Iristheangel Mod Posts: 4,133 Mod
    Security architecture types, the differences and uses for different algorithms, access control models, documents and what they are used for (ISO 27001/27002 and so on), understand BCP in and out, etc. Don't worry as much about physical and legal. Those domains are probably the least important.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • Lob Member Posts: 25 ■■■□□□□□□□
    In my studying, I memorised the OSI and other layered models and memorised what was symmetrical and what was asymmetrical encryption.

    Everything else was down to study and digestion or work familiarity.

    HTH
  • JDMurray Admin Posts: 13,034 Admin
    With regard to physical security, the only matrix I remember studying was the different codes used in fire suppression and knowing what chemical to throw on what type of fire.

    In Information Security, human safety is the most important thing to consider! It's amazing how some InfoSec professionals don't realize this and think that understanding fire suppression is not part of their job description.
  • emerald_octane Member Posts: 613
    Memorization is important, but at least if you have a general idea of each concept you should be good.
  • Paperlantern Member Posts: 352
    Thanks for the responses guys. I do feel like I have a "good" understanding of everything. My problem is most people say "test and then work on your two weakest, or your three weakest domains". I've taken a few tests, and those that give results, it seems I get about 70% but I missed 70% of EVERY domain, there really ISN'T a weakest domain for me thus far. Jack of all trades, master of none. Heh. I have probably taken somewhere in the neighborhood of 500 questions in the last few weeks. There are 250 more in the CISSP for Dummies book, another couple hundred in the AIO, another few hundred I have in PDF form from Learnsmart Systems, plus their test engine I have to crack into yet. So I will be drilling non stop. I just hope some of them point me to where I need to focus, cuz right now I've just been reading everything, basically cover to cover books so far.

    I'm in the legal chapter of the CISSP for dummies right now... I HATE that domain... lol

    Thanks Iris, I will drill on the models, although I've picked up quite a bit already on em. I will need practice on the architecture I think, as well as the documents... ugh, all those numbers. Thanks for the suggestions everyone, keep em coming.
  • Mrock4 Banned Posts: 2,359 ■■■■■■■■□□
    For me, I worked on cramming the ISO's, fire extinguisher types (as JD mentioned), and security models as Iris mentioned. I saw some people going crazy with huge **** sheets, but I test by the idea that they can only ask so much, so I picked the "highlights" and memorized those, and just did a brief overview of the more obscure topics right before the test.
  • Paperlantern Member Posts: 352
    I'm pretty comfortable with the Fire types etc, physical sec is pretty good, I'll make some flashcards for the ISO's methinks.
  • webgeek Member Posts: 495 ■■■■□□□□□□
    I summarized and made my own **** sheet to study. No need to study something I already know and the books are huge!!! AIO, OIG, Sybex so I compressed it down to 35 pages...a lot easier to study.

    Test on Saturday @ 8am!
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • Paperlantern Member Posts: 352
    Just finished the second to last chapter (legal) in the CISSP for Dummies book, then decided to just do the practice questions from chapters 5 and 6 in the AIO... not feeling good now, they kicked my ass getting a 52% and a 68% respectively on architecture and design and physical access control. Physical SHOULD have been one of my stronger suits but jeezus they asked what specific LENS should be on a certain camera for a certain situation, granted I think I am just toasty for the day because I missed at least 4 questions across the two domains I SHOULD have gotten right.

    Just feeling very very underprepared right now.
  • webgeek Member Posts: 495 ■■■■□□□□□□
    Are you using any quiz engines? I decided to get on the cccure and it has helped me.....
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • Iristheangel Mod Posts: 4,133 Mod
    I wouldn't be as stressed about Physical and Legal. They don't appear as often on the test as Access Control, BCP, Architecture, and Crypto. If need be, try to get into a seminar if you're still feeling weak.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • Paperlantern Member Posts: 352
    My work wouldn't pay for a bootcamp or seminar and I can't afford 3 grand. I do have a test engine available but my subscription is screwed up to that vendor right now and the engine won't let me in because I'm missing the access code. With my subscription screwed up I can't get the code. *sigh* this may end up being yet another reschedule... *sobs quietly*

    How much are the cccure engines?
  • webgeek Member Posts: 495 ■■■■□□□□□□
    $40 for 6 months
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • Iristheangel Mod Posts: 4,133 Mod
    My job wouldn't pay for the seminar either. I paid $2195 out of pocket. It hurt but it helped carry me through the test. If you have the savings, it might be worth the sacrifice
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • webgeek Member Posts: 495 ■■■■□□□□□□
    If I don't pass this time then I'm dropping the $$$ on a seminar...problem is the cheapest one I found was almost $5k. Gonna have to start taking donations on here
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • Iristheangel Mod Posts: 4,133 Mod
    Go to CISSP.com. It's the ISC2 official seminar but it's for cheaper: $2,195
    Here's where I bought mine: CISSP.com - Official ISC2 CISSP training
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
  • webgeek Member Posts: 495 ■■■■□□□□□□
    Next one in my area is in December......back to icon_study.gif @ work icon_cheers.gif
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • Paperlantern Member Posts: 352
    Yeah I'm not feeling real strong, that is for certain. I'm not a great book learner, but another part of the problem is there is just such a broad base, I'm not even sure what to focus on, and I'm afraid it might be too late to start at this point. I'm used to BEING taught, classroom environment works for me, having a mentor/teacher say "Read this, learn these, memorize these terms and be intimately familiar with these procedures". Alternatively, I have ALL the terms, and ALL the procedures, and I'm only somewhat good on everything apparently. Maybe I'm just psyching myself out, or just being epically paranoid and intimidated. I don't know. I suppose there's no way to know unless I give it a go either. *throws self off nearest roof in sheer frustration*
  • webgeek Member Posts: 495 ■■■■□□□□□□
    1st attempt Paperlantern?
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • Paperlantern Member Posts: 352
    Yes this will be first attempt, HOPEFULLY it's not just an attempt, but it is the first shot yes.
  • dover Member Posts: 184 ■■■■□□□□□□
    I made a memorization sheet covering some concepts or things that were list-like or things I may not have had too much familiarity with.

    Good luck on the 10th!


    Info risk management

    Data classification processes

    Crypto:
    Type of cipher attacks and what their ultimate aims are
    i.e. Known plaintext attacks, ciphertext attacks, chosen attacks and adaptive attacks

    Cryptanalysis attack types:
    Analytical
    Differential
    Statistical
    Linear

    Physical
    What everyone else said

    App Security
    Software Capability Maturity Model
    OPSEC vulnerabilities assessment

    Random
    RAID Levels and their requirements

    Sec architecture
    Common criteria
    EAL 1-7
    ITSEC Classes

    Access control
    Biometrics with response time and accuracy rates.

    Example
    System Type: Palm Scan, Response time: 2-3 Seconds

    BCP/DRP
    Everything - this one was the one domain I was worried about the most

    Legal
    Evidence life-cycle
  • webgeek Member Posts: 495 ■■■■□□□□□□
    Paperlantern wrote: »
    Yes this will be first attempt, HOPEFULLY it's not just an attempt, but it is the first shot yes.

    I hope you do get the first shot! This will be my first attempt at the CBT so I'm hoping since it is one question at a time will help me easily pass since the PBT can seem overwhelming due to everything is there all at once.
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • emerald_octane Member Posts: 613
    Iristheangel wrote: »
    My job wouldn't pay for the seminar either. I paid $2195 out of pocket. It hurt but it helped carry me through the test. If you have the savings, it might be worth the sacrifice

    Daaannggg Out of pocket?

    respect.exe
  • Paperlantern Member Posts: 352
    webgeek wrote: »
    I hope you do get the first shot! This will be my first attempt at the CBT so I'm hoping since it is one question at a time will help me easily pass since the PBT can seem overwhelming due to everything is there all at once.

    Hadn't thought about it that way. Though going through these practice questions that I do have access to is just getting discouraging at this point. More or less scaring the poop out of me to say the least.

    *EDIT* Just for giggles I took the 30 question test here on TE and got a 77%, that is a bit higher than I have been doing on some others. That's a little uplifting.
  • webgeek Member Posts: 495 ■■■■□□□□□□
    Paperlantern wrote: »
    Hadn't thought about it that way. Though going through these practice questions that I do have access to is just getting discouraging at this point. More or less scaring the poop out of me to say the least.

    *EDIT* Just for giggles I took the 30 question test here on TE and got a 77%, that is a bit higher than I have been doing on some others. That's a little uplifting.

    Remember all you need is a 70% to pass the CISSP.....but you should shoot for higher than that

    I'm currently doing each domain separately off of the cccure database and then will attempt a couple of multiple domain tests. Since I work 36 hours between today, tomorrow, and Thursday I think I'll have time at work. I'm off on Friday for my final review day and test on Saturday.

    Try to focus on your lower scoring domain and keep going. Keep your head up high and never give up!!!!
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • Paperlantern Member Posts: 352
    I went to the cccure website to check it out, I might see if work will comp that and I'll kind of help cram with it, then, if I don't pass, I'll still have it beyond the test for my second attempt.
  • webgeek Member Posts: 495 ■■■■□□□□□□
    It's good for 6 months and I recommend, just like most people, don't wait toooo long after your first attempt.

    Remember cup is neither half full nor half empty, it's always full

    But let's shoot for the one shot attempt on the CBT k?!
    BS in IT: Information Assurance and Security (Capella) CISSP, GIAC GSEC, Net+, A+
  • Paperlantern Member Posts: 352
    Went ahead and got the cccure.org 6 month subscription. Taken two 50 question practice tests and scored a 66% on each. So I'm right on the edge of failing, I need to brush up on some areas to get me into solid high 70's. Hopefully 6 days will be enough to do that. The cccures should tell me where I need to hit on, just based on the 100 questions I've taken so far I've got some good notes to use.
  • Paperlantern Member Posts: 352
    After 250 questions on the CCCURE I'm staring at a 71%. Not bad, but def have some areas to work on from this. Very good resource.
  • mog27 Member Posts: 302
    webgeek wrote: »
    Remember all you need is a 70% to pass the CISSP.....but you should shoot for higher than that

    I thought the questions were weighted differently so it may not be that you have to get 70% of them correct. Is this true?
    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Ben Franklin

    "The internet is a great way to get on the net." --Bob Dole