CISSP Anyone?

[diago]

I've just passed my CCSE last week and I'm looking at the CISSP.

Can someone who has completed their CISSP please give a general overview of the preparation, application and exam experience please? Do I have to actually apply to take the exam?

I've read whats on the website - and now I'd like some feedback. If you haven't done your CISSP please don't post.

Thanks in advance.

[yuval14]

Hi,

The CISSP isnt a real technical exam. As you can see in the
offical course/books - The exam require more logic then technical
understanding.

For example:

The exam use questions like: You like to implement... and ... what are
the steps that need to be done...

Tip: Its very recommanded to know Technical English and Literary English.

Good Luck

[lunatrick]

the blurb is that it's an inch deep and a mile wide and that just about sums it up. I did a weeks course and then used the shon harris book which is very good I reckon. The hardest thing about the exam is keeping focussed for 4 or 6 hours. You do need to know a lot of material and the criteria for passing has just up to 5 years experience. But I think this makes it worthwhile having and you don't need to recertify providing you attend some training course or seminars over the 3 year period.

The exam is quite expensive (around £400) so make sure you are ready for it.......good luck.

[tdbif]

I passed the CISSP several years ago. At that time there were no prep guides. There were a couple of sites that were gathering whitepapers, etc and I used that as study material. I must be personally responsible for printing through a small forest. One site I still go to occasionally is cccure.org. Lots of good material.

Like one other responder said, it is a mile wide and an inch deep - though it seemed like a foot or two at times. Comparing it to CCSA that I took yesterday it tremendously broader, but even the questions I had on encryption were more copmplex than those on the CCSA. You had to know that DES was a 56-bit algorithm and that MD% was a 128-bit hash.

I waould suggest that you get your hands on as many different whitepapers from many different sources and read, read, read.

[maherod]

Ahhh i cleared my CISSP two years ago, 1st time i failed second time i passed ... it's far more complex than CCSA E E+ and all of those, i had to go through Applied Cryptography, CISSP ALL IN ONE, CISSP PASSPORT and more, the Exam itself isn't technical but indeed the questions there were more technical than CCSA E E+, you need to know your material, for example Questions about Act of Privacy 1988 and HIPAA and SOX, Rainbow series and Information Security Standards Europian and more, Stages in Software devolopment, ROI, DRP, Bell Lapadula model and Much Much more .... so to be short ... CISSP is GOOD :-)

G'luck for anyone who's taking it !!!