InfoSec Certifications Market

The Strategic Role of CISSP

Start Your CISSP Journey

CISSP is one of the most challenging exams ever because of its comprehensive perspectives and requirements of solid conceptual level understanding and in-depth insights to managerial and technical issues.

It’s comprehensive, and you have to think from a variety of perspectives, such as board director, senior management, CISO, auditor, legal counsel, purchasing and HR staff, engineer, developer, project and program manager, end user, attacker, and so forth. Experience or certifications of PMP, ITIL/ITSM, or CCNA help quite a bit.

However, it’s reasonable for CISSP aspirants to pass the CISSP exam with 150 to 250 study hours. I usually suggest my friends study for 2 hours on weekdays and 4 hours on holidays and sit for the CISSP exam in 3 months. The keys to success are the effectiveness of your study plan, persistence, discipline, and communication with and support of your family and boss.

The CISSP exam, from my point of view, can be divided into two parts: management (Domain 1,2,5,6, and 7) and technology (Domain 3,4, and 8). It’s a body of knowledge, not a collection of discrete knowledge points. To start your CISSP journey, please download The CISSP Exam Outline first. Read and explain it to your friends until you can do that well and feel confident. 

The CISSP Official Study Guide Sybex 8th is a tutorial to help you understand the CISSP exam outline. The Official ISC2 Guide to the CISSP CBK Reference 5th explains the CISSP exam outline in details. It’s crucial to browse the CBK suggested references and read the NIST Special Publications enlisted.

Do all the online practice questions companioned with the Sybex 8th to validate your essential knowledge. After that, do more practice questions, especially those with situations or scenarios that test your ability to apply the knowledge and principles. 2500 questions in total are the minimum.

Facebook Group

Dear CISSP aspirants,

CISSP Made Easy! Yes, but don’t get me wrong. CISSP is one of the most challenging exams I have ever had as an experienced IT professional. Everything could be easy only if you are committed to it. So does CISSP.

CISSP Made EASY is a study group for members to learn and share information to succeed in the CISSP exam. It’s one of the initiatives for the group host, Wentz Wu, to give back to the InfoSec community and develop his career as a professional instructor, inspirational coach, and lifelong learner.

Welcome to join CISSP Made Easy!

Wentz Wu

Join CISSP Made Easy!

Disclaimer

Kindly be reminded it’s a general approach for your reference; please adjust the practices based on your own condition. The author is not responsible for the result of your exam.

---

Amicliens InfoSec Conceptual Model

Information Security

The Onion diagram is updated to emphasize that Information Security is a business issue. Security people should protect assets while always keeping business in mind, that is enabling business and delivering values. The tunnel vision and function boundary should be broken and removed.

About The Author: Wentz Wu

---

Resources

– Books and Videos

1. ISC2 Official Materials
   • The CISSP Exam Outline
   • (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide 8th Edition
   • The Official (ISC)2 Guide to the CISSP CBK Reference 5th Edition
   • CBK Suggested References (Pls read the NIST Special Publications as much as you can)
   • (ISC)² Exam Pricing
2. CISSP All-in-One Exam Guide, Eighth Edition 8th Edition
3. Kelly Handerhan@Cybrary
4. CISSP Shon Harris

– CISSP Practice Questions

• Luke: The Core CISSP Concepts
• Practice Questions by Wentz Wu
• CISSP Practice Questions of the Day from IT Dojo
• ExamTopics

– My Favorite CISSP Communities

1. CISSP Exam Preparation – Study Notes and Theory
   • How to Crack Your CISSP Exam
2. CISSP, CISM and Security+ certification training by Thor Teaches!

– Get Refreshed

1. Benefits of being a CISSP
2. Host Unknown presents: I’m a C I Double S P (CISSP Parody)
3. Host Unknown presents: Accepted the Risk
4. The Expert (Short Comedy Sketch)

My Posts

1. CISSP Study Strategy
2. Information Security (definition revised)
3. InfoSec 101 (Cheat Sheet)
4. Security Function
5. Informed Decisions
6. The Concept of Business Continuity
7. Identity and Access Management
8. The Reference Monitor Concept
9. Common Criteria: PP, ST, and TOE
10. Common Criteria: Evaluation Assurance Level
11. Security Activities in SDLC
12. Jargons: V&V and C&A
13. The Evolvement of Certification and Accreditation Process
14. Software Development Security
15. RDBMS Table Relationships
16. CISSP Practice Questions

Highlights

• Backup Considerations
• Aggregation and Inference