CISSp and CISA quals
- Thread starter smelf1
- Start date
I sat the CISSP exam on the 19th, still waiting on the results which should hopefully be through soon. The exam was horrific so I wouldn't be surprised if I fail, I'd say about 50% of the questions all four answers were right and none were obviously less right.
Only thing I can suggest if you're already working in the infosec field is to read plenty and talk with others in the job.
Only thing I can suggest if you're already working in the infosec field is to read plenty and talk with others in the job.
I know someone who took the CISSP recently and they thought they'd failed miserably as well, as did all the people she'd talked to. Turned out it went fine
. Apparently it's just about giving the answer that follows their 'code of ethics'.
I did the CISSP exam about 18 months ago, to be honest I found the exam ok. Wasn't the nightmare hell experience a lot of people will have you believe
I think it took me 2 hours for the first run through, then another hour and a half or so going over it all again just to make sure. I know I was out in just under 4 hours.
CEHv7 is on the cards in a month or 2 so can't comment until then, although a friend did v6 recently and enjoyed it.
I bought the CISA book a few months ago but not got round to reading it yet.
Also depending on if you are totally new to infosec stuff I would actually recommend the Sec+ as a good intro cert to the area.
I think it took me 2 hours for the first run through, then another hour and a half or so going over it all again just to make sure. I know I was out in just under 4 hours.
CEHv7 is on the cards in a month or 2 so can't comment until then, although a friend did v6 recently and enjoyed it.
I bought the CISA book a few months ago but not got round to reading it yet.
Also depending on if you are totally new to infosec stuff I would actually recommend the Sec+ as a good intro cert to the area.
Thanks for the info,
I already have the Sec+, and a Masters in IT specialising in Security and Auditing, and 10+ years in IT.
What books etc do you recommend for the CISSP, and Ev0 what materials are you using for the CEHv7. Their course material is expensive.
I am paying for all this myself so will be self studying.
I already have the Sec+, and a Masters in IT specialising in Security and Auditing, and 10+ years in IT.
What books etc do you recommend for the CISSP, and Ev0 what materials are you using for the CEHv7. Their course material is expensive.
I am paying for all this myself so will be self studying.
I'm sure you'd be fine already working in the field so wouldn't worry too much. I've just started working as what is basically a pen tester which is reasonably new to me
As for the CEH, I agree it's not as 'good' as Tiger or CREST, but it's a low hanging fruit that my new employer will pay for right away. CREST is something we're looking at in future, actually doing a lot of work with a company/guy who have a lot to do with CREST at the moment.
I've not self studied anything so hard for me to recommend the materials to do so, for CISSP everyone always recommends the Shon Harris stuff as well as the ISC2 CBK book.
And as mentioned for the CEH it'll just be throwing me on the course to get it out the way, work will be paying
For the CISSP it's not easy but see if you can find someone that's been on one of their training courses and will give you their book. The official ISC2 book given at the events contains Powerpoint slides and full details on pretty much every concept and techy detail that could be on the exam.