What is CISSP?
Administered by (ISC)2, CISSP, which stands for Certified Information Systems Security Professional, is an advanced-level IT security certification covering 8 domains, such as Security and Risk Management, Asset Security, Security Engineering, and Communications and Network Security.
Is this necessary?
If you are already in information security, you may have heard of this cert once or twice before (since it's a pretty well-known certification), but be aware that lots of IT certs can get you an "interview opportunity" or a "love call" from HR/headhunters but not an actual job. You still need experience and knowledge to prove your skill.
For example, this certification requires 'a minimum of 5 years of full time work experience in 8 domains of CISSP'. If you don't have enough experience, you will be a CISSP associate until you have 5 years of experience.
How did I study?
I took a 60-hour CISSP class, 7:30pm to 10:30pm after work. I had a short period of experience as a penetration tester and as a CC (Common Criteria) assistant for IPS and F/W products. Also, I have a degree in Information Security & Assurance, which helped me understand some of the terminology and concepts of cyber security.
1. 5th Aug ~ 14th Oct, CISSP 60 hrs class
It was pretty tiring to study after work, but I tried to review what I learned that day.
2. 15th Oct ~ November (about one month)
Reading a book three times.
[First] Google or read other books to understand difficult terms or confusing subjects in the book. Make a short summary for each domain.
[Second] Memorize important terms and concepts like the OSI 7 layers, features of security models, access control (MAC/DAC) features, network attack types, etc.
[Third] You can see that there is overlapping content between two or three domains (getting the big picture).
3. November ~ December (about one month)
There are one or two questions about the newest security technology or hacking skills in the CISSP test, so checking out the latest security news is helpful for getting these questions. As a last step, I studied with CISSP practice questions.
CISSP Exam Information
- Length of exam : 6hrs
- Question format : Multiple choice (250 questions)
- Passing grade : 70% (700 out of 1000 points)
- Test center : Pearson Vue Testing Center
(for more details : isc2 website)
Exam date : December 2nd, 2015, 9AM
I brought my ID and credit card, and also simple snacks like a banana and chocolate just in case I got hungry during the 6-hour exam. Since it was a 6-hour (360 min) exam, I divided it into 3 terms, like [120 min / 120 min / 120 min]. I took a 10 min break after reviewing the 250 questions the first time, and reviewed them twice. I finished the exam 30 min before the end, and waited to get the result.
It was quite interesting to get the result as soon as I finished the exam, but I was excited that I passed.