NISTand FIPS documents for SSCP

Comments

• Options

  JDMurray Admin Posts: 13,026 Admin

  July 2014

  I would guess that NIST docs are a major reference source for (ISC)2 exam items. However, the danger is pending too much time doing a deep dive for an exam that is the proverbial "mile wide and an inch deep." I would suggest looking at the stanard study guide for the SSCP and check what NIST docs they referenced.
  
  I would say FIPS docs are only useful for the cryptography domain and only for AES, DES, and 3DES in particular. Like the NIST docs, they contain way more information than you need for the SSCP exam.

  
  Forum Admin at www.techexams.net
  --
  LinkedIn: www.linkedin.com/in/jamesdmurray
  Twitter: www.twitter.com/jdmurray

  0 · Share on FacebookShare on Twitter
• Options

  jamesleecoleman Member Posts: 1,899 ■■■■■□□□□□

  July 2014

  Thanks for the response JDMurray.
  
  I just really want to pass the test when I take it so I'm a little concerned.

  Booya!!

  ---

  WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
  *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****

  0 · Share on FacebookShare on Twitter
• Options

  exspiravit Member Posts: 44 ■■□□□□□□□□

  July 2014

  The CISSP and I'm assuming the SSCP is to be country agnostic. The CISSP domains were derived from NIST SP800-12 but ISC has started to move away from being strictly US centric. My CISSP exam had a few questions on particular publications from the UK, USA, and an ISO but that was it. I don't think memorizing them would really help.
  
  Now, reading them for the information they contain is another matter in itself. There is a lot of really good info that is broken down and some decent explanations such as quantitative versus qualitative in regards to IA/Cyber security concerns. So, as reference material you have a good source if you want something broken down for, say, an executive to understand.

  0 · Share on FacebookShare on Twitter
• Options

  JDMurray Admin Posts: 13,026 Admin

  July 2014

  I would stay with just the SSCP study materials and Google any topics that you still don't understand. Reading standards and RFCs will just be a waste of your study time.

  
  Forum Admin at www.techexams.net
  --
  LinkedIn: www.linkedin.com/in/jamesdmurray
  Twitter: www.twitter.com/jdmurray

  0 · Share on FacebookShare on Twitter
• Options

  TeKniques Member Posts: 1,262 ■■■■□□□□□□

  July 2014

  I agree with what has been mentioned already, but just wanted to offer an opinion on study material. The Gibson book and a quality practice test bank will be enough to get through the exam if you understand the material. Myself, I just used the Gibson book (read it twice) and used the ISC2 test bank which in my opinion those questions were more difficult then the ones on the test.

  0 · Share on FacebookShare on Twitter
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• 
• Options

  jamesleecoleman Member Posts: 1,899 ■■■■■□□□□□

  July 2014

  I've been reading Gibson's and Harris's book and googling things that I don't understand. I'll buy the studyiscope questions as soon as I can, I would really like to see what I need to work on in addition to the other subjects.

  Booya!!

  ---

  WIP : | CISSP [2018] | CISA [2018] | CAPM [2018] | eCPPT [2018] | CRISC [2019] | TORFL (TRKI) B1 | Learning: | Russian | Farsi |
  *****You can fail a test a bunch of times but what matters is that if you fail to give up or not*****

  0 · Share on FacebookShare on Twitter