+ Reply to Thread
Results 1 to 15 of 15
  1. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    808

    Certifications
    SSCP, Security+, eJPT +4
    #1

    Default 2018 CISSP Study Guide question

    I've started preparing for the CISSP exam. I'm planning to take it later this year and definitely after they update the test in April. No problem. I've downloaded the exam objectives and am using that as the basis for my study plan. I've compared the new objectives with the old and found there's not much difference. I'm using some free sources such as Cybrary and FedVTE, and I have access to the Eric Conrad book on Skillsoft (paid for by my agency). I would like to have yet another point of view, so I've started looking at the official guide. Many of the reviews state that this guide is crapola.

    https://www.amazon.com/Official-Guid.../dp/1482262754

    However, the Sybex book, written by Darril Gibson, et al, has glowing reviews. And honestly, if it's anywhere close to being as good as Gibson's Security+ book, I'm sold.

    https://www.amazon.com/Certified-Inf.../dp/1119042712

    The only thing is that these guides were written for the 2015 test. I realize that not much will change. So, my question (finally!): Should I wait for the Sybex book to be updated or just buy the 2015 version?
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Dec 2015
    Location
    Quebec, Canada
    Posts
    524

    Certifications
    A+, Network+, Linux+, HP APS, VCP 3-4-5-6, VSP,VTSP, SSCP, Veeam VMCE, CISSP
    #2
    I think that 90% of the exam will be the same. CISSP is mostly a concept exam and those don't change every 3 years. Sure they will add few cloud and IoT material, but you can begin to study with the 2015 book.

    I saw on CCure the comparison between both exam, and it is not taht big
    Reply With Quote Quote  

  4. Member Cingular's Avatar
    Join Date
    Oct 2006
    Location
    Melbourne, Australia
    Posts
    81

    Certifications
    CISSP, CCNP-R&S, CCNA-Sec, CCNA, PCNSE7, NSE4, MCSA
    #3
    In my opinion it is definitely worth buying the Sybex OCG 2015 version. Don't waste your time with the Official CBK...I bough the hardcover off Amazon last year to begin my studies with it and couldn't make it past 20-30 pages before looking at other options. The CBK is just wayyyyy to dry and full of too much garble that isn't all that necessary.

    I recently passed the new CAT exam last Friday and I used the following resources:

    1. Eric Conrad's CISSP Study Guide (3rd Edition)
    2. 11th Hour CISSP by Eric Conrad (Recommend reading this ~1 week before exam)
    3. Sybex ISC2 Official Study Guide 7th Edition
    4. ISC2 Official Practice Tests (100 domain focused exam prep questions)
    5. Sunflower CISSP PDF

    EDIT: I also used Kelly's Cybrary CISSP series in MP3 format on my phone to cram while commuting to/from work every day.

    Enjoy the journey to becoming a CISSP. Good luck!
    Reply With Quote Quote  

  5. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    808

    Certifications
    SSCP, Security+, eJPT +4
    #4
    Thanks! This is all great advice!
    Reply With Quote Quote  

  6. Senior Member NEODREAM's Avatar
    Join Date
    Apr 2016
    Posts
    115
    #5
    Quote Originally Posted by tedjames View Post
    Thanks! This is all great advice!
    Passed the CISSP yesterday and received the confirmation earlier this morning. I see you have your SSCP as well, I also have mine and would say it provides a good basis for the the questions that are more technically oriented.

    CISSP is more policy heavy for sure than the SSCP but I can echo others in the thread by confirming that 11th Hour book is a great resource. I'd also recommend going through various testing engines...I used the CISSP iOS App along with the Transcender engine. The questions are worded similar and will be provide you a feel for how to think about them.

    Good rules to follow during the test:
    1. Read the questions at least 3 times and eliminate at least 2 of the answers
    2. Apply CIA/AAA concepts when you can
    3. Human life is ALWAYS the #1 concern
    4. Try to think like a manager and get out of technician's mindset
    5. When solving for a problem think about:
    - Why did X happen?
    - How can we make sure it doesn't happen again?
    6. Always try to implement a solution that will save the company money while solving for the problem
    7. Fix problems permanently and not temporarily!

    Good luck to you, and remember in the CAT format once you answer a question you can't go back to change it.
    Reply With Quote Quote  

  7. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    808

    Certifications
    SSCP, Security+, eJPT +4
    #6
    Excellent advice, Neodream! And congrats on your pass today!

    I plan to include the 11th Hour guide in my study plan. What I've studied so far is mostly review from SSCP and what I've learned on the job. I will definitely use your rules.

    I am under no pressure from work to earn CISSP. The boss is cheering me on. The only pressure is from myself. I want to get this out of the way so I can get back to learning penetration testing.

    Thanks again!
    Reply With Quote Quote  

  8. Senior Member
    Join Date
    Mar 2011
    Location
    Chicago
    Posts
    1,388

    Certifications
    CISSP-ISSAP, HCISPP GPEN, GSEC, GSNA, GCIH, E|CH, ECSA, Security+
    #7
    From what the ISC(2) board moderators have said April update appears to be a bit more on the side of housekeeping and clean-up and less any material or factual changes.

    We'll understand more when the next question writing weekend happens.

    - b/eads
    Reply With Quote Quote  

  9. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    808

    Certifications
    SSCP, Security+, eJPT +4
    #8
    Quote Originally Posted by Cingular View Post
    5. Sunflower CISSP PDF
    You can find this here along with lots of great CISSP-related resources: https://www.studynotesandtheory.com/
    Reply With Quote Quote  

  10. Member
    Join Date
    Sep 2015
    Location
    we the north
    Posts
    66

    Certifications
    CISA, CRISC, CISM (passed)
    #9
    27 days to go before April 15, 2018. So anyone here registered for the new exam format? So many resources and not have enough time to go through all of them. Planning to take the CISSP exam this year but got sidetrack with another ISACA exam.

    EDIT: Just found out it starts April 15, 2018.
    Last edited by anthonx; 03-20-2018 at 06:33 PM. Reason: New information
    Reply With Quote Quote  

  11. Member
    Join Date
    May 2017
    Posts
    76

    Certifications
    CISSP
    #10
    As others have suggested I would recommend getting hold of the current version of the Sybex Official Study Guide. That's what I used along with some of my own study materials and I passed first time.

    Much of the concepts in the syllabus are decades old and don't really change so although it's worth knowing which areas are new it probably isn't going to be a massive change.

    Good luck and let us know how you get on.
    Reply With Quote Quote  

  12. Junior Member Registered Member
    Join Date
    Jun 2016
    Posts
    3

    Certifications
    CCNA: CCIE: MCSE: PMP
    #11
    I recently passed the exam CAT based in first attempt. My feelings about exam preparation is, you must understand the concept whatever is written in ISC2 Course Outline.
    I totally deny the quote about CISSP (Its two inches deep and 1 mile wide). No SIR; its miles deep and miles wide. You can read any book which covers the course content proposed by ISC2 and try to understand deeply and thoroughly. Don't just skim over, ISC2 ask questions from anywhere.
    Reply With Quote Quote  

  13. Member greeneon's Avatar
    Join Date
    Aug 2009
    Posts
    40
    #12
    Thanks all for the advice!
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    Aug 2012
    Posts
    361
    #13
    Good advice.
    Reply With Quote Quote  

  15. Senior Member
    Join Date
    Jul 2016
    Location
    New Hampshire
    Posts
    478

    Certifications
    CCNET, CCNA R&S, ITIL, MCP, Security+
    #14
    I would love it if they got rid of the crap that is legacy...like token ring networks, caesar ciphers, how many rotors on X....for a management level exam there is a ton of minutia.
    Reply With Quote Quote  

  16. Junior Member
    Join Date
    Apr 2013
    Posts
    19

    Certifications
    GCIH, CISSP, Sec+, eJPT, A+
    #15
    Quote Originally Posted by NavyMooseCCNA View Post
    I would love it if they got rid of the crap that is legacy...like token ring networks, caesar ciphers, how many rotors on X....for a management level exam there is a ton of minutia.
    Exactly, I've been thinking about this a lot as I sit the exam in 2 weeks. I don't really want to have to memorise the different properties of network cables, distance of the various wifi signals, bit length for all the different ciphers etc

    Seems at odds with the idea of this being a management exam.
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks