• 

The ever changing cyber world of information technology is growing at an enormous pace. The dependence of governments, business and people on the IT infrastructure has made it an attractive jackpot for criminals. The cost of cyber attacks, vandalism and hacking have cost companies billions. Latest wanna-cry ransomware attack has already expose several vulnerabilities. An important reason for failed security measures that cripple in front of advance threats is the incompetency of information security professionals.

IT security is normally considered a job of high tech professionals expert in coding, scripting but with no business acumen. This has resulted in efforts that were not aligned with business objectives and goals. Several certifications are available in market that accredit the expertise of information security professionals. The certifications help potential recruiters and market as a whole to verify the information security expertise of a professional.

In the sea of growing certifications Certified Information System Security Professional (CISSP) emerged as the gold standard due to its excellent alignment between technical expertise and business knowledge. CISSP is the most globally recognized certification in the information security market. Required by the world’s most security-conscious organizations, CISSP is the industry-leading credential that assures you have the deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

Definition and purpose of CISSP is clearly elaborated by ISC2, the organization that conducts CISSP certification program. They state “The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks” Hence CISSP exam tests and verify the person’s knowledge and skills both in technical and managerial domains. In the following section I will elaborate various questions that arise in the mind of CISSP aspirants.

• 

HOW CAN I PASS THE CISSP? You can if you have 5 years of information security experience in any two fields out of 8 domains of CISSP and you pass the test. CISSP covers a wide array of topics and that makes it worthy. The 8 domains of CISSP are: 1. Security and Risk Management 2. Asset Security 3. Security Engineering 4. Communications and Network Security 5. Identity and Access Management 6. Security Assessment and Testing 7. Security Operations 8. Software Development Security WHAT IS ON THE CISSP TEST? A successful journey starts once the goal is well defined and understood. Understanding CISSP test, what it is, how it test you and how tough it is can really set you on strong base for the gigantic task. The long 6 hour 250 multiple choice questions test, test your knowledge, patience and persistence. It requires a lot of study, practice tests, practical experience and strong conceptual grasp on CISSP knowledge areas. The test consist of multiple choice questions with the following distribution percentage of questions. 1. Security and Risk Management 16% 2. Asset Security 10% 3. Security Engineering 12% 4. Communication and Network Security 12% 5. Identity and Access Management 13% 6. Security Assessment and Testing 11% 7. Security Operations 16% 8. Software Development Security 10% As you witness, the questions will be well spread across all domains and sincere efforts have to be made to master all 8 domains. All the questions in CISSP do not carry equal marks. The value of each questions is based on its difficulty level. In addition to this, 25 questions are experimental and added for test purpose only. These questions are not rated for calculating your final score. However you cannot differentiate between these experimental test questions and the graded ones. HOW TO PREPARE FOR THE CISSP TEST CISSP requires knowledge of all the 8 domains mentioned above. You will need the following resources to prepare for the exam: 1. Books 2. CISSP Boot Camp Training Your choice of book will help you determine the scope and milestones of your study. We recommend Eleventh Hour CISSP®: Study Guide 3rd Edition and CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide 7th Edition. These are some of the highest rated books on Amazon with various 5 star reviews. They are both well written and concise.  thinQtank® Learning is offering an industry unique seven-day training camp in which students can receive the (ISC)2 CISSP certification training.This course is the most comprehensive review of information security concepts and industry best practices, and covers the eight domains of the official CISSP CBK (Common Body of Knowledge). You will gain knowledge in information security that will increase your ability to successfully implement and manage security programs in any organization or government entity. You will learn how to determine who or what may have altered data or system information, potentially affecting the integrity of those asset and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture. Policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets are also covered in this course.

• 

When: January 4 – 10, 2021
Where: Denver CO and Live Instruction Online