Quick, I Need the Exam!

QuantumstateQuantumstate Member Posts: 192 ■■■■□□□□□□
Just got word that a new job I want requires the CISSP. I've done enterprise infosec for 8 years, some of that with a Big Four. And I have a Bachelors in CS and MBA in Economics. And I have CEHv7.

Looks like I qualify for the experience requirements given my degrees, but am I -required- to take any of their training before taking the exam? Some certs require this.

Assuming I'm allowed all self-study, the All In One did me well for CEH. Would it also serve for CISSP?
Or should I use the Official Study Guide and Official ISC2 Practice?
Or should I use the Sybex 7th edition text?
Or should I study purely the PMBOK?

I could only possibly study one.

And am I to be recommended by a current CISSP? How could I arrange that?

Comments

  • mgeoffriaumgeoffriau Member Posts: 162 ■■■□□□□□□□
    Sybex guide, then Sybex guide again (quickly, just stopping for stuff you need reinforced), then 11th Hour guide.
    CISSP || A+ || Network+ || Security+ || Project+ || Linux+ || Healthcare IT Technician || ITIL Foundation v3 || CEH || CHFI
    M.S. Cybersecurity and Information Assurance, WGU
  • QuantumstateQuantumstate Member Posts: 192 ■■■■□□□□□□
    Thanks.

    "The new 8th edition paperback is available for pre-order. The kindle version is available to purchase."

    Maybe I can hack the kindle version to .pdf. Sure do love to highlight.
  • PersianImmortalPersianImmortal Member Posts: 124 ■■□□□□□□□□
    I haven't taken the new edition of the exam, but the Sybex guide was the most helpful resource for me. The CISSP training videos on cybrary.it were very helpful as well. Good luck!!
  • johndoeejohndoee Member Posts: 152 ■■■□□□□□□□
    Just got word that a new job I want requires the CISSP. I've done enterprise infosec for 8 years, some of that with a Big Four. And I have a Bachelors in CS and MBA in Economics. And I have CEHv7.

    Looks like I qualify for the experience requirements given my degrees, but am I -required- to take any of their training before taking the exam? Some certs require this.

    Assuming I'm allowed all self-study, the All In One did me well for CEH. Would it also serve for CISSP?
    Or should I use the Official Study Guide and Official ISC2 Practice?
    Or should I use the Sybex 7th edition text?
    Or should I study purely the PMBOK?

    I could only possibly study one.

    And am I to be recommended by a current CISSP? How could I arrange that?


    You are currently not qualified for the job.

    I would not rush to take an exam that will cost several hundred dollars for a position that has already posted. I wish you the best but what if you fail? Then you are several hundred in the hole. The opportunity is not going to wait for you. It just might be gone by the time you pass the exam.

    I would take my time and study for the CISSP for the next role to open up. Have patience!
  • QuantumstateQuantumstate Member Posts: 192 ■■■■□□□□□□
    johndoee wrote: »
    You are currently not qualified for the job.

    I would not rush to take an exam that will cost several hundred dollars for a position that has already posted. I wish you the best but what if you fail? Then you are several hundred in the hole. The opportunity is not going to wait for you. It just might be gone by the time you pass the exam.

    I would take my time and study for the CISSP for the next role to open up. Have patience!

    lol, thanks for the advice but it's understandable how someone would get so discouraged. Life is not a lovely bowl of pansies, is it. You are in no position to understand the situation nor me, so respectfully stow it. I asked the best way to get there, not whether I'm qualified nor if there's any hope.
  • PCTechLincPCTechLinc Member Posts: 646 ■■■■■■□□□□
    Similar to you, I have the requisite experience, but decided 50% on a whim (the other 50% was encouragement) to go for the test before their objectives changed on April 15th. I started reading the CBK for 2 months while also finishing my MBA, but really decided to take a break from school to go for the exam in April (bought the voucher in February.) After I bought the voucher, I made studying for the exam my life other than work. The reading materials that worked the best for me were Sybex and Shon Harris All-in-One. The Sybex book has an online practice exam set, and the AIO has Total Tester for download. Looking back, if I had to pick one, it would be the AIO. It is EXTREMELY comprehensive (~1450 pages,) but covers all objectives in great detail. The Total Tester download has ~1450 questions, but a lot of them are duplicates. The Total Tester practice questions are similar in difficulty level to the real exam. It took me two months to go through all the material, so if you have that much time to spare, that's the route I would go.

    As far as required training, there is none. Buy the voucher, pass the exam, submit your Endorsement request, then wait 3 to 6 weeks. Anyone who has CISSP and is current with their membership fees can endorse you, or you can request ISC2 to endorse you if you don't know anyone.

    I hope this information helps, and best of luck!
    Master of Business Administration in Information Technology Management - Western Governors University
    Master of Science in Information Security and Assurance - Western Governors University
    Bachelor of Science in Network Administration - Western Governors University
    Associate of Applied Science x4 - Heald College
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    why would you use the PMBOK?

    All the other materials are good, use as many resources as you can. Self study is enough no need to purchase training or anything like that if you have experience.
  • tedjamestedjames Member Posts: 1,179 ■■■■■■■■□□
    Apply for the job. Who knows? They may offer it to you under the condition that you earn CISSP within six months.

    I'm reading the Sybex guide right now. Great stuff. I'm also watching the Cybrary videos. Also great. The Eric Conrad guide is also excellent. Whatever you do, download the course objectives and make sure that you know something about every one of them.
  • QuantumstateQuantumstate Member Posts: 192 ■■■■□□□□□□
    Thanks all. I've been under consideration by a top consulting company but the hiring manager decided that CEH is not enough. It is likely that given my background and the growth of this firm that they'll have a place for me if/when I pass the exam.

    In retrospect I'm a bit concerned that the AIO prepared me only about 70% for the CEH exam. I'm reading alot of success with the Sybex prep, but then you don't tend to read about failures.

    I'm still on the knife-edge whether to do this because I'm in the middle of an artificial intelligence course, and would have to belay that for the CISSP. But I do want the job with this company.
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Ha! I love the polite advice for johndoee to shove his comments. And PMBOK for CISSP, I don't know but it sounds like there's some fundamental lack of understanding of the CISSP blueprint. First step is to go read the candidate bulletin or whatever it is called these days so you know what you are walking into. All the official material is super dry and boring as hell so I don't recommend it. If you are convinced on giving it a shot your best best is Sybex and the Conrad book.
  • roxerroxer Member Posts: 130 ■■■□□□□□□□
    Take a look at Cybrary.it CASP too - it has information the CISSP class is missing IMHO. I took my test for the very same reasons as you, a position opened up requiring the CISSP certification. Unfortunately, I was told I needed to have two years as a CISSP to count (after the fact). I quit chasing alphabet certs after I held the MCSE and CCNE for 10 years. Now cert requirement has come back with a vengeance. I read where hiring managers (including myself) want experience, but the resumes usually do not make it to their desks without the letters on the resume. So you are darned if you do and darned if you don't. I was able to exceed the technical interview BTW, but still fell short because I did not have the CISSP for at least two years. Stupid.
  • Shane2Shane2 Member Posts: 65 ■■■□□□□□□□
    johndoee wrote: »
    You are currently not qualified for the job.

    I would not rush to take an exam that will cost several hundred dollars for a position that has already posted. I wish you the best but what if you fail? Then you are several hundred in the hole. The opportunity is not going to wait for you. It just might be gone by the time you pass the exam.

    I would take my time and study for the CISSP for the next role to open up. Have patience!

    You really have personality issues. Either don’t answer his question, or walk away. Don’t tell the guy he isn’t qualified when all you have is this post to go by.
  • stryder144stryder144 Member Posts: 1,684 ■■■■■■■■□□
    If you have been working in enterprise INFOSEC for eight years, and assuming you've worked with at least two of the eight current domains during that time, then you do qualify. Just make sure that you read through the candidate materials first, as suggested by cyberguypr, and line up your experience to those requirements. Way too easy.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia

    Connect With Me || My Blog Site || Follow Me
Sign In or Register to comment.