You can spend your whole life trying to gain the width or depth of knowledge necessary to do the job competently, and every day feel you know a little less than the day before.
It's often unclear whether it is a technical field or a management one, with passionate advocates arguing both that there are too many policy wonks and it's time to get back to our technical roots, and that there are too many technical specialists who can't see the wood for the trees.
Choosing CISSP
Against that background it is no wonder there is a deep cynicism of training programmes and professional qualifications in particular.
The one qualification that employers seem to value above all others is CISSP. It requires both technical understanding and business context.
Comments from industry colleagues and a quick reading of the syllabus convinced me that, whilst I'd have to call on all my experience in IT, business and risk, I would also need some form of refresher training to stand any chance of passing.
Choosing Firebrand
I rapidly found that the information security training market was fragmented with no clear or consistent view of the quality of courses of training providers.
I was particularly concerned that it would be impossible to cover the CISSP syllabus in a short course.
After some months looking in detail into the options and talking with colleagues, I picked a 7 day residential intensive CISSP boot camp from training provider Firebrand, and tried to arrive with an open mind.
The Course
The instructor - flown in from the US for the course - was unquestionably an expert and able to explain theory both clearly and quickly.
This was essential, as to pack the course into the week and get us prepared for an exam on day seven required an early morning start, full morning and afternoon sessions, and for many a return after dinner for more study.
We rattled through at a rate of two domains per day for the week, returning at the end of the week to those areas generating most concern.
Course materials were good, being based on ISC2's official guide to the CISSP examination, complemented by an instructor who knew the strengths and weaknesses of the text and where to look for additional information and explanations.
Given the intensive nature of the week you do need good accommodation, excellent food, and opportunities to relax.
By day 2 I had a routine going - gym, breakfast, course, lunch, course, dinner, and back to my room to catch up on the world.
The food was excellent and there was always enough of it, although you had to order at lunchtime and it was easy to forget your choice at the end of the day.
The CISSP Exam
Exam day itself was almost an anti-climax, with a fairly leisurely start.
The exam is scheduled to last 6 hours, but time is not the issue.
The issue with this exam is resilience - after about 100 questions I felt I was losing the will to live, and there are 250 in the exam.
Still, though, the course content and the focus of the instructor were a genuine help, and I came back time and time again to elements of the week that, by putting what you know in the context of ISC2's requirements, help you answer the question.
If you are going to do CISSP or a similar certification, this is the way to do it.
This Cyber News was published on securityboulevard.com. Publication date: Mon, 12 Feb 2024 01:13:04 +0000