CISSP Prep question

Hi,
I am planning to break into InfoSec and decided to do my CISSP. I will be taking online or in class live training (not boot camp) for 6 weeks. What other materials do i need to study from. Do i need to go through the whole main book even after attending the class? Or just the Summary book by Erin Conrad 11th hour will be enough?

Are paid online live classes good for training?

Keep in mind i have no prior experience in infosec. Just 5 years in Sys Admin

Find more posts tagged with

Comments

azi90

Just wondering if i asked something ridiculous. No one has any suggestion?

shreenag

Hi, I think your interest to break into this field might best be served by preparing for SEC+ exam. CISSP is not an entry level exam. The questions test an understanding of concepts from an real time experience perspective which you dont have. I think SEC+ followed by some real world experience in any 2 of the 5 domains would be a good starting point to prepare for CISSP.I wrote the CISSP sometime back and failed with a 668.So I know how tough the exam actually is.Just my 2 cents!

azi90

shreenag wrote: »

Hi, I think your interest to break into this field might best be served by preparing for SEC+ exam. CISSP is not an entry level exam. The questions test an understanding of concepts from an real time experience perspective which you dont have. I think SEC+ followed by some real world experience in any 2 of the 5 domains would be a good starting point to prepare for CISSP.I wrote the CISSP sometime back and failed with a 668.So I know how tough the exam actually is.Just my 2 cents!

While i understand CISSP is no way an entry level exam unfortunately things are slightly different in Canada. You cannot break into security field by any means without at minimum having a CISSP or CISA or CISM. This is the canadian Market unfortunately. To break the HR filters you need to have at minimum one of those three. Hence my planning to do CISSP.

If someone can please answer that if i take a 6 week class on CISSP, do i still need to go through the Main course book? or the summarized version would be sufficient(11th hour)

Thanks

tedjames

I think that what Shreenag was saying is that if you have no experience in security, you should start with an entry level certification like Security+ and work your way up to CISSP. Security+ doesn't require any experience while CISSP requires five years of experience. You may be able to pass the test, but you won't be officially certified until you meet the experience requirements.

The full Eric Conrad study guide is great. Use his 11th Hour book as a followup. But also, take the free CISSP training at Cybrary.

First thing, though, is to download the official exam objectives and use that as an outline for study. Make sure that you know something about each of the bullet points.

paul78

azi90 wrote: »

Do i need to go through the whole main book even after attending the class? Or just the Summary book by Erin Conrad 11th hour will be enough?

It largely depends on what you already know. I don't think that many people actually read the ISC2 CBK. I definitely didn't read it because I found it too tedious.

azi90 wrote: »

Are paid online live classes good for training?

For me, I actually prefer recorded on-demand because I prefer to watch/learn on my own schedule and when time permits. It's really a personal preference.

azi90 wrote: »

Keep in mind i have no prior experience in infosec. Just 5 years in Sys Admin

Depending on the type of sysadmin work you are doing, that experience could be sufficient. Good luck!

azi90

tedjames wrote: »

I think that what Shreenag was saying is that if you have no experience in security, you should start with an entry level certification like Security+ and work your way up to CISSP. Security+ doesn't require any experience while CISSP requires five years of experience. You may be able to pass the test, but you won't be officially certified until you meet the experience requirements.

The full Eric Conrad study guide is great. Use his 11th Hour book as a followup. But also, take the free CISSP training at Cybrary.

First thing, though, is to download the official exam objectives and use that as an outline for study. Make sure that you know something about each of the bullet points.

Thank you for the response Ted,

I actually fully understood what he was saying. What i meant to say is security+ wont get my foot in the door for any job over in canada. I can probably skim through the concepts of security+ but i dont think the cert itself has any value here.

So you are saying the official guide of CISSP is not necessary to read through? Will a 6 week course plus 11th hour as followup suffice to pass the exam?(ofcourse following up with practice tests etc)

HappyBearIT

5 years as a sys admin may be enough for you to hit most of the domains in some form or fashion depending on your specific job. Best option for you is to pick up the new practice test book and Boson pre-test. Take a pre-test from each and see where you stand.

tedjames

azi90 wrote: »

Thank you for the response Ted,

I actually fully understood what he was saying. What i meant to say is security+ wont get my foot in the door for any job over in canada. I can probably skim through the concepts of security+ but i dont think the cert itself has any value here.

So you are saying the official guide of CISSP is not necessary to read through? Will a 6 week course plus 11th hour as followup suffice to pass the exam?(ofcourse following up with practice tests etc)

Security+ is not really enough in the US, either. I know it's required in the DoD. I see it as more of a gateway certification. I've known some who went straight to CISSP and passed. Others, like me, prefer to build from the ground up. If you feel ready to tackle the CISSP, then by all means, go for it.

I recommend studying a full certification guide (I'm using the full Conrad guide and the Sybex guide) and then taking your 6-week course. I'm actually going to participate in a boot camp in August, but I'm going to finish both study guides first. Then, after the boot camp, I'll read Conrad's 11th Hour guide before taking the test. I have access to Skillsoft at work, so I get free access to all of these guides.

By the way, Cybrary has an excellent, free CISSP course. You can download mp3s of the lectures and the slides. I'm using that to reinforce the topics.