It’s finally Friday, which I always look forward to, not because it’s the start of the weekend but because Fridays have the fewest teaching hours for me this semester. So it means I have more time sitting in my office to do other work. As promised in my last post, I would like to write more about the Certified Information Systems Security Professional (CISSP) certification as I’m revising the syllabus. Just like any other course, I thought it would be good to give an overview of this certification and my thoughts about it.

Here’s my summary of the 8 domains of information security topics that are the major focus of the CISSP syllabus:

On the first day of the training that I attended, the instructor was kind enough to give us this overview plus the number of questions that are going to come up in the certification examination. He emphasized that the more questions there are in a domain, the more important that domain is. The exam has a total of 250 multiple-choice questions, of which 25 are not rated. It means that these 25 questions do not carry any points towards the overall total marks; they are new, untested questions. The instructor said we would never know which ones would be the untested questions, no matter how much exam practice we do. Scary at first, but as with any other test, as long as we study and understand, no test is too difficult.

I’m not sure if I’m considered lucky or not. By the time I enrolled in the training, the CISSP syllabus had just been changed. Originally, it had 10 domains instead of 8. The good thing is I get to study fewer domains, but not necessarily less content (if you get what I mean). The bad thing is that most of the reference books and the best audio lectures out there all refer to the old syllabus. Although the content does not vary that much, it’s hard to match it with the new domains at first. So I went to search for any source that helps in matching these domains and I finally made a summary of this:

Now this makes more sense to me and I can read the old syllabus in relation to the new domains. Some domains do not change much and some are just consolidated better in the new domains. I will start revising Domain 1, which should be my strongest domain of all. I have also started trying out Microsoft OneNote to build my notes. Let’s see how it goes.

Hopefully, for anyone who is interested in taking the CISSP, this post will be a good first impression and an overview. For those not interested in information security, sorry if I bored you. Haha!


    • Yes, we talk a lot about the weakest link: human! I will definitely share more about that, if you are interested.

