OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: [CISSPSTUDY] CISSP EXAMS
From: Dan Houser (houserd1@NATIONWIDE.COM)
Date: Mon Nov 06 2000 - 15:53:27 CST

Brian,

I did not have experience in all areas either, so had to study physical
security, security policy management, web security, and cryptography very
diligently, particularly PKI, certificates, Kerberos, and asymmetric
cryptography, in which I had no experience.

I read the Handbook, noted the areas where I was weak, and also the domains
that got weak coverage by the Handbook, and searched out information on
these areas to make sure I had a broad base of knowledge in these areas.

You've got the right approach: self-examination for "weak spots" is the
start to a successful study program, and should serve to be your guide
throughout your studies for the CISSP (or any certification).

ddh

                       "Brian J.
                       Dyrehauge" To: CISSPSTUDY@SECURITYFOCUS.COM
                       <bjj@BANKDATA.DK>
                                            cc:
                       Sent by: CISSP bcc:
                       Study Mailing List Subject: Re: CISSP EXAMS
                       <CISSPSTUDY@SECURIT
                       YFOCUS.COM>

                       11/06/00 05:31 AM
                       Please respond to
                       CISSP Study Mailing
                       List

>Seriously, with 5 years experience in network & systems management with
>lots of security projects, I studied the Info Sec Mgmt Handbook 4th
>edition, the O'Reilly "key" book, and read lots of online articles (100+)
>from strong sources, and invested about 150 hours, and passed.
>
>The key is that I had 5 years experience, which provided the basis for
>study, and had had a passion for InfoSec for years. If you don't have the
>experience, you don't have a chance.

What if one has only worked with one subject for some years (eg. physical
security or cryptography) would it then be too hard to get the CISSP?

I see that there is a new volume of 'Info Sec Mgmt Handbook 4th Edition Vol
II'.
To read this one, do I need the 'Info Sec Mgmt Handbook 4th Edition Vol I'
?

Yours sincerely,
Brian J. Dyrehauge

             +--------------------------------------------+
             | You have received this email because you |
             | subscribed to the CISSPSTUDY mailing list. |
             | -- To unsubscribe, send an email to -- |
             | listserv@securityfocus.com |
             | with a message body of: |
             | UNSUBSCRIBE CISSPSTUDY |
             +--------------------------------------------+

             +--------------------------------------------+
             | You have received this email because you |
             | subscribed to the CISSPSTUDY mailing list. |
             | -- To unsubscribe, send an email to -- |
             | listserv@securityfocus.com |
             | with a message body of: |
             | UNSUBSCRIBE CISSPSTUDY |
             +--------------------------------------------+