|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: kwelch@dfamilk.com
Date: Thu Oct 25 2001 - 17:00:45 CDT
I've been looking for materials to use to prepare for the CISSP exam and am
finding mixed opinions on what is good and what isn't. I've read about an
equal number of positive and negative reviews for the HISM book. What
gives? Is the HISM something I can count on to prepare me for the exam
(and I realize that no single book will do this, I also have the SRV books
vol. 1&2) or not? I'm considering the purchase of the CISSP Exam Prep book
too. Hypothetically speaking, if you could only get one more book, would
it be the HISM, or the CISSP Exam Prep?
Everyone's comments would be appreciated.
Thanks,
Kent Welch
"Johann van
Duyn" To: CISSPStudy_1@yahoogroups.com, CISSPSTUDY@securityfocus.com
<Johann_van_Duy cc:
n@bat.com> Subject: Some thoughts on the exam in Auckland Park, South Africa
10/22/2001
06:05 AM
Hi there...
About 30 people (if I counted correctly) wrote the exam, which is pretty
good, this being only the second time that the exam has been hosted in
South Africa. SACS is considering hosting the exam in Cape Town next year,
if sufficient people are interested in writing here.
In the final stages, I mainly used the following guides and resources:
- HISM 4th ed., vols 1 and 2 (vol. 3 also available now)
- HISM 3rd ed., online at www.cccure.org
- CISSP Open Study Guide at www.cccure.org (still the best, and it's free.
Go figure.)
- SRV vols 1 and 2 (many errors, but essentially a good-ish guide)
- CISSP Exam Prep (good-looking guide, but don't let it fool you: you need
to study far beyond it!)
- Secured Computing (not too hot... same caveat as above)
However, I was glad to have read a lot further than the references noted
above... believe me, you really do need to.
I felt that the study guides can be misleading, and could lead to a false
sense of security going into the exam. They miss out badly in the breadth
as well as the depth senses of the exam's scope. Use them as a guide, but
don't rely solely on them: you WILL be sorry if you do. The OSG is still
the best in terms of depth and breadth, but even then you need to read a
lot wider than only study guides focused on the exam. The simple fact is,
you need to UNDERSTAND each of the domains pretty well, and be rather
well-read in them, to be able to answer the tougher questions. Best to do
your reading with the (ISC)^2's CBK guide open on your desk.
The CBK review hosted by SACS (www.sacs.co.za) was an excellent gauge of my
exam readiness, and I would encourage anyone who possibly can, to attend
such a course. You won't learn all the theory you need in order to pass
(that could easily fill a one-year university course!), but you will get an
indication of where you need to spend more time and effort in the last few
weeks leading to the exam.
I found the test fair, but pretty tough due to the sheer volume of it.
After about four hours, it can get pretty difficult for the eyes to focus
on the question paper, and it can be very easy to misread the more complex
questions. Caveat: If you've been cramming, don't expect to recall much
towards the end of the exam. :-)
Do yourself a favour and take a day or two off from work before the exam to
simply chill out, preferably without using artificial substances. :-) Sleep
well the night before the exam, and think happy thoughts the morning of the
exam. Avoid last-minute cramming, and don't talk to other candidates about
the exam before entering the examination hall; it'll do more harm than
good.
During the exam, I took breaks every hour just to stretch my legs, have a
smoke and move my body around a bit. It worked for me.
After the exam I tried to get drunk, but was too tired to drink more than 3
vodkas. :-(
Sometime soon, I will post a few thoughts on how I would prepare for the
exam if I were (let's hope not!) to do it all over again.
See also my post dated 14/10/2001.
Strength and honour.
-----------------------------------------
Johann van Duyn
IT Risk and Security Manager: British American Tobacco South Africa
Stellenbosch, South Africa
Tel. +27 (21) 8883765
Cel. +27 (82) 4588472
Fax. +27 (21) 8838692
E:mail: johann_van_duyn@bat.com
-----------------------------------------
"I apologize if you don't like the truth, but the truth doesn't change
because people wish it would be something else." -- Bruce Schneier
|--------+----------------------->
| | "Eric |
| | Appelboom - |
| | MWeb" |
| | <eappel@mweb.|
| | com> |
| | |
| | 2001/10/18 |
| | 08:45 |
| | |
|--------+----------------------->
>-----------------------------------------------------------------------|
| |
| To: "Johann van Duyn" <Johann_van_Duyn@bat.com> |
| cc: (bcc: Johann van Duyn/Stellenbosch/ZA/BATCo) |
| Subject: RE: Good luck to all writing the exam in South |
| Africa on Saturday! |
>-----------------------------------------------------------------------|
Hi Johan,
What guides did you use?
How many people are writing in JHB?
Thanx
Eric
M-Web InfoSec
Confidentiality Notice: The information in this document and
attachments is confidential and may also be legally privileged.
It is intended only for the use of the named recipient. Internet
communications are not secure and therefore British American
Tobacco does not accept legal responsibility for the contents of
this message. If you are not the intended recipient,please notify us
immediately and then delete this document. Do not disclose the
contents of this document to any other person, nor take any copies.
Violation of this notice may be unlawful.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]