CISSP Preparation

dcooper24dcooper24 Member Posts: 14 ■□□□□□□□□□
Is it better to buy the Shon Harris CISSP package and prepare on your own or attend a training center like new horizons and pay double the amount? Anyone that is CISSP certified, how did you prepare for it? What was your study habits?

Comments

  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    I've never been to one of those 5-day cert training boot camps, but several people that I know who have said that it was simply too much information to absorb in such a short amount of time. Unless that's really the way to prefer to learn new information, I'd suggest you choose the type of learning situation that is the most beneficial to you.
  • keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    JD is right. It's certainly going to come down to individual preference. I've had students sit my CISSP Review Seminar and tell me they wouldn't have passed without it. A lot of it has to do with whoever the instructor is as well. For example, I don't waist two hours trying to explain the inner workings of RC4 algorithm. Nor do I waste time explaining what the OSI model is. As JD pointed out, there are thousands of pages of information and you simply CANNOT effectively cover it all in 5 days. If you're sitting the CISSP and don't know the OSI model, then you probably shouldn't be sitting the CISSP (see security experience requirements). On the other hand, you'll never be tested on the inner workings of the RC4 algorithm, so I certainly won't expound on it much more than the minimum.

    Keep in mind. It is the CISSP REVIEW Seminar. It is what it is, a review, not a how to or a "teach me security" type of class. I would say go the cheaper route first, then when you feel like you're ready, start hitting some practice exams, post here and ask questions. If you feel like you "kinda" remember all the vast amounts of information you've learned over the last however many months it is you will have spent preparing, then I would suggest taking a class. The thing about large volumes of information like this is the fact the people retain it in different ways and in different volumes. The truth be told, if I'm helping you prepare, I'll be pointing you in the direction of several books that don't have "CISSP" anywhere in the title, but are key to nailing down the concepts, and bridging some gaps. When you're finished, you might have read 5 or 6 books, plus two or three CISSP specific study guides, but you will certainly be stocked with plenty of knowledge. The review would come in handy for you because it takes the test topics and format and forces you to identify areas you might have struggled with a little but pushed on past them anyway.

    Let us know how it goes.

    Keatron.
  • HHHTheGameHHHTheGame Member Posts: 75 ■■□□□□□□□□
    Good post! I agree with the above. After reading all of the books and additional material I hit the practice exams over at cccure.org. I did that for about a month straight (it was nice that my company PDA had unlimited internet access). The review sessions are a lot of money if you are paying for it out of your own pocket.
  • lopezcolopezco Member Posts: 38 ■■□□□□□□□□
    dcooper24 wrote:
    Is it better to buy the Shon Harris CISSP package and prepare on your own or attend a training center like new horizons and pay double the amount?
    I was considering the review seminar in the last month of my study, but because of the cost and remaining expenses I had to pay I decided to take the risk and take the test without this valuable training.
    What Keatron says is very true about the instructor. I have read post where some centers put instructor which are not even CISSP and this way is a waste of money.
    But most of people who takes the seminar agree to be very helpful to pass the test.
    I read AIO book very slowly, trying to understand the concepts.
    I also read some topics in the official Guide and Krutz and Vines
    I saw Shon Harris videos many times, each time i saw them i retain something new.
    For me was hard to retain all, because sometimes while She was talking i was still analyzing and She went foward and I kept thinking and I did not stop the video always.

    The videos are good but if you have a question to ask, She cannot help you.
    So it depends on how you feel for the test, believe me you will never feel completely ready due to the great amount of material this cbk cover.

    After reading the book and watching the videos I started to take test practices, each hole i found i went back to the book and review it until i felt comfortable, if looking that topic in the book i saw something i did not remember I re-read it again.
    There was some info to memorize wich i left for the last week and was a big mistake, because I was so tired that in the last week my body did not respond as I thought, so I repeat this always DO NOT let everything for the last minute.

    Hope this helps
    Regards
    DAL
    "If you reveal your secrets to the wind, you should not blame the wind for revealing them to the trees." — Kahlil Gibran
  • SlowhandSlowhand Mod Posts: 5,161 Mod
    If you're unsure of what you want to do, hang tight for a while. I spoke to some (ISC)2 reps today at the RSA conference in San Francisco, and they were telling me that they're on the verge of releasing a whole slew of new training material for both CISSP and SSCP. New books, new training seminars, the whole kit and kaboodle. Keep an eye on their website, and I'm sure you'll see the new stuff as it's announced. It took quite a bit of time of chatting (read "shameless flirting schmoozing") with the (ISC)2 rep to get her to tell me that new CISSP and SSCP books were being released, let alone tell me any specifics on when they're coming, so I don't really have any confirmed dates. The closest I got was "this year, sometime".

    Also, the same rep mentioned that there is currently some reviews happening of the CISSP, and the possibility of making the requirements even stricter is becoming more real. She was saying that the format of the test might change, and that the work-experience and educational requirements just may be raised in the near future. (Like they weren't strict enough to begin with.)

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    According to Amazon.com, the new Official (ISC)2 Guide to the SSCP CBK is due to be released next month, and the new Official (ISC)2 Guide to the CISSP CBK was released November 2006. I would expect that revisions to the exams themselves based on this new official material would happen in 2007.


    Hey Keatron, post a review of Tipton's new book on Amazon.com. You don't already have enough to do, right? icon_wink.gif
  • SlowhandSlowhand Mod Posts: 5,161 Mod
    jdmurray wrote:
    According to Amazon.com, the new Official (ISC)2 Guide to the SSCP CBK is due to be released next month

    Schweet, I'm probably going to be picking that bad boy up in the next few months.

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
  • keatronkeatron Member Posts: 1,213 ■■■■■■□□□□
    jdmurray wrote:
    According to Amazon.com, the new Official (ISC)2 Guide to the SSCP CBK is due to be released next month, and the new Official (ISC)2 Guide to the CISSP CBK was released November 2006. I would expect that revisions to the exams themselves based on this new official material would happen in 2007.


    Hey Keatron, post a review of Tipton's new book on Amazon.com. You don't already have enough to do, right? icon_wink.gif

    Actually I'll just copy and paste the review I submitted for some CPE credits. As soon as I remember how to "review" my review on the ISC2 members site. icon_eek.gif
  • drakhan2002drakhan2002 Member Posts: 111
    It totally depends upon your learning style. I know a guy who is a very active family man with no time to study. He has 14 years of direct information security experience. He went to a 7 day boot camp for the CISSP and passed it in the end. If you have extensive IS experience going to a CISSP boot camp will likely be the route to go. There is a stipulation on the experience requirement for the CISSP for very good reasons. The CISSP should be a validation of one's ability to impliment security solutions, not a cert to get a job.

    If you have the required 4 years, then any form of training will likely work for you. Books, videoes, etc. I personal purchased the Shon Harris video boot camp. I watched about 4 hours of it during my prep for the CISSP (I feel like I wasted $400...look for it on eBay soon!). Anyway, I found reading a high level overview book along with really good notes were my ticket.

    You'll have to find your own way, but try a few different ways - videoes, books, CBTs, etc. One will make everything "click" for you.

    Good luck!
    It's not the moments of pleasure, it's the hours of pursuit...
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    I just received an email from Amazon.com notifying me that my copy of the new Official (ISC)2 Guide to the SSCP CBK has shipped. There are also a few book sellers on Amazon that have it at a slight discount. Now is a good time to buy and read this book and help build the errata.
  • SlowhandSlowhand Mod Posts: 5,161 Mod
    Excellent, I'll be looking forward to the SSCP as my end-of-the-year studying project. Let us know how the book is, JDMurray. I figure, if you survive, I might give it a go as well. icon_lol.gif

    Free Microsoft Training: Microsoft Learn
    Free PowerShell Resources: Top PowerShell Blogs
    Free DevOps/Azure Resources: Visual Studio Dev Essentials

    Let it never be said that I didn't do the very least I could do.
Sign In or Register to comment.