My Top Tips For Getting Ready For and Passing The CISSP Exam

CISSP (Certified Information Systems Security Professional) is a vendor-neutral certification issued by (ISC)2. (ISC)2 is a globally recognized, non-profit organization that provides great cyber security support to the infosec community, as well as recognition for their skills.

The CISSP exam is one of the most popular certifications in the corporate world, and it helps your credentials a lot when you apply for a cyber security role or when you would like to take on more responsibilities.

The CISSP gained a great reputation as the standard proof for cyber security knowledge and technical expertise. The exam is long. The duration is part of the requirement, as it proves the resilience to get through it.

Before talking about the tips for the exam, I would like to highlight that (ISC)2 has opened the application period for the 2017 Women’s Information Security Scholarships, as it does every year. This program aims to inspire women to join the cybersecurity field. The (ISC)2 Women’s Information Security Scholarship program is directed by the Center for Cyber Safety and Education. Women who are passionate about cyber security apply to the program, and a jury deliberates on various criteria. Different scholarships summing up to US$40,000 are awarded, and international applicants are accepted.

Ladies, you can apply from all over the world. The eligibility criteria are as follows:

  • Must be undertaking, or planning to start, a degree with a focus on cybersecurity or information assurance.
  • GPA must be a minimum of 3.2 on a 4.0 scale or equivalent.
  • Applications are valid for all nationalities, including countries like Tunisia, Poland, etc.
  • Applications are valid for an online or in-person degree, part time or full time, in the US or internationally.

Please take the time to read all the details, and do not miss this opportunity to start or continue your career in cyber.

On another note, the Center for Cyber Safety and Education and the Executive Women’s Forum on Information Security, Risk Management & Privacy (EWF) decided to run new research on women in cyber security. The research shows that the percentage of women in the field (11%) has been stagnant since 2013.

There is a change to make and (ISC)2 is giving it to you, ladies. Take this opportunity, and enroll in the program to win a scholarship.

Let’s talk now about the CISSP exam

The CISSP exam covers eight domains, including Security and Risk Management, Asset Security, Security Engineering, Communications and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security.

The most challenging part for me was the physical security, due to my previous work experience.

It is important to note that the certification is not only based on the exam but on the work experience as well. To become a certified CISSP professional, you will need to prove a minimum of 5 paid collective years of full-time work experience in two or more of the eight CISSP domains.

A one-year exemption can be provided for a 4-year college degree or equivalent. All the details are on the official website of (ISC)2, CISSP section.

Practical Details

  • The exam length is six hours. When I first heard that number, I almost fell off my chair. It was definitely one of the longest exams I have ever passed in my life, after my engineering ones. This was a very long time ago. Be prepared for that. My recommendation is to be rested and relaxed before the BIG day.
  • The exam consists of 250 questions, including multiple-choice and “smart-innovative” questions. Do NOT underestimate the multiple-choice questions. Answering them requires knowledge and experience. The questions are not too long, though. Questions might contain scenarios, and the answers might not seem so obvious.
  • The passing score is 700 out of 1000 points. You can fail with 699 points. Be prepared for this possibility. If you fail, (ISC)2 will send you a detailed score so you can find out your weakest domains. If you pass the exam, your score will not be shared with you.
  • Bring two photo identity documents. You will be required to switch off your phone completely and leave it in a special drawer. For the duration of the exam, in my situation, I was not allowed to eat or drink in the examination room. I was allowed to take a break; however, the time for the exam is not paused. These conditions might vary from one examination center to another.
  • Six hours might feel long. Make sure that you are dressed appropriately for the occasion. In my case, I felt very cold, as there was strong air conditioning, and I was happy to have my jumper with me.
  • You might finish before the end of the six hours. It is probably not an exception. Take your time to verify your answers before the final submission.
  • The exam is about methodology and technical knowledge.

TIP #1 Don’t be too confident

The CISSP exam is not a simple questionnaire. It does require knowledge and technical capabilities.

I failed my first attempt ...

My first attempt at the CISSP exam was a good learning point. Working in cyber security, and being confident about my experience and knowledge, I sat on the day of the exam, and I was like “Oh Gosh!”

In fact, questions are written in a particular way, and some answers might seem to have exactly the same meaning.

I am sure that there are many of us who did fail the first attempt, but saying it out loud is important to make sure that we encourage others and inspire them to try again with the right preparation.

TIP #2 Don’t buy random stuff over the Internet

The CISSP exam requires good, serious preparation. You can find many resources online: books, preparation questions, etc.

I tried some online websites, offering test questions, and I can assure you that most of them are extremely far from the CISSP exam questions, in terms of methodology, and knowledge.

Please do not waste your money on those!

I only recommend the Official (ISC)2 CISSP Study Guide from (ISC)2, and the official CISSP Practice Tests.

These are the two resources that I have used, and they were a great support and a very good learning material.

I would also recommend the free online CISSP training course on Cybrary.it as additional support. However, I would like to highlight that the official study tools are definitely a MUST HAVE.

For some experience and knowledge sharing from the infosec community, Peerlyst is THE online platform with a lot of good resources and can be an additional preparation for your exam, as well.

TIP #3 Get in touch with the local (ISC)2 Chapter for support

(ISC)2 is not only an organization, it is a community. This community helps and supports infosec professionals. The organization has local chapters, and these chapters organize several events. The events might also address topics like the CISSP preparation.

Our local Singapore Chapter is organizing a CISSP Preview Session for all IT professionals who are interested in taking the CISSP exam and becoming certified. The session will cover the important points and tips for good CISSP preparation, and will also give attendees the opportunity to talk with certified professionals. The event is listed on (ISC)2 Singapore Chapter, and is free of charge. It will be held on the 27th of June, 2017 with my good colleagues and friends from (ISC)2 Singapore Chapter. Unfortunately, I will be in the air at the same ...

Now that you have three main tips, you should be able to take the step towards your CISSP certification.

Woop, Woop, Woop, Start today and register for your exam!


--------------------------------------------------------------------------------------------------------

About Magda CHELLY:

Magda Lilia Chelly is the Managing Director of Responsible Cyber Pte. by day, and a cyberfeminist hacker by night. Magda spends most of her time raising security awareness on a global scale, and supporting chief information security officers in their cyber security strategy and roadmap.

She is currently based in Singapore, with a global reach through her company in 19 locations worldwide. She speaks five languages fluently and has a PhD in Telecommunication Engineering with a subsequent specialization in cyber security. She also was recently nominated as global leader of the year at the Women in IT Awards 2017, and TOP 50 cyber security influencer globally.

Her educational passion led to the foundation of a cyber security diploma in Singapore, and a global partnership with K2 Partnering Solutions, for cyber educational programs, and organizational design.

On another note, these are some references on Magda’s achievements in Singapore and internationally.

  1. She was named a TOP 50 international cyber security influencer, as per the link below: https://www.ifsecglobal.com/top-50-influencers-security-fire-2017-cybersecurity/
  2. She is a Certified Security Professional, CISSP.
  3. She is a trainer with Singapore Business Federation. See link: https://www.sbi.org.sg/event/steps-to-build-a-cyber-security-strategy-2/?instance_id=778
  4. She is an official contributor on one of the major worldwide known cyber security platforms Cybrary.it. See link: https://www.cybrary.it/2017/04/cyber-feminist-hacker-course-contributor-magda-chelly
  5. Her Woman In Cyber platform is live: https://woman-in-cyber.com




Magda CHELLY, Ph.D, CISSP you are awesome. Great advice, thank you. I face similar issues as a woman in IT getting into CyberSecurity. Network, network, and network. The one problem I see is that, in the US, firms want people to work onsite, but talented people may not be able to relocate because of elder parents or other caregiver needs. Why do CyberSecurity jobs need to be in a specific location? The shortage of people can be met by remote workers. Firms are missing out on great talent.

Robson Borges

System Engineer | CISSP | Speaker | Trainer | Cybersecurity | Pre Sales Engineer | Presentations | PoC | PoV | Commercial Process

7 years ago

Thanks for your tips, Chelly! I have a question: how long did you take to prepare for this exam (including first attempt)?

Vicky DEEPOOA

CISSP | Linux | AWS Cloud | Cybersecurity | MSc

7 years ago

Thanks for the tips on the CISSP. Am on the way to achieve it. I have started the journey.

Anna Maria Anderson

Consultant, Project Manager, System Integration SME, Cyber Security Analyst, Private Investigator at RAMM SETX LLC

7 years ago

Great article! I consider myself a Cyberfeminist as well. I have a question I would like your opinion on. I believe that women are discriminated against in IT and cyber security. Add to that age discrimination and being a woman, as in over 40 plus yrs. I know several women in the IT field very good in their fields, as companies are being bought out they are losing their jobs and finding it hard to find new ones. These are women who have worked at these companies for 10 to 20 yrs. If companies would hire more women and include women in upper age groups (educated, trained, and able to work) for cyber security, I believe these women can be good examples for the newer generations coming into technology and cyber security, and help fill the cyber security position gaps? Your opinion please. I also believe men can find themselves feeling threatened by a woman in the IT field if that woman is doing an outstanding job in her position, especially if the company is faced with layoffs, takeovers and outsourcing. I personally faced these battles.

Michael M.

Director, Tradeweb Information Security

7 years ago

Great Article! My only comment is that I used some of the material from the internet to practice, practice, practice. I passed my first time through and was completed in less than 2 hours. I think it all depends on your individual learning style. I agree with the point that you should reach out to fellow ISC2 members to discuss topics you are not familiar with to get a deeper understanding. The test is all about applying what you learned into real life scenarios.
