Mike Chapple

(ISC)² CISSP Certified Information Systems Security Professional Official Study Guide



is partial credit given for multiple-part questions if you get only some of the elements correct. So, pay attention to questions with checkboxes, and be sure to select as many items as necessary to properly address the question.

      You will be provided with a dry-erase board and a marker to jot down thoughts and make notes. But nothing written on that board will be used to alter your score. That board must be returned to the test administrator prior to departing the test facility.

      To maximize your test-taking activities, here are some general guidelines:

       Read each question, then read the answer options, and then reread the question.

       Eliminate wrong answers before selecting the correct one.

       Watch for double negatives.

       Be sure you understand what the question is asking.

      Manage your time. You can take breaks during your test, but this will consume some of your test time. You might consider bringing a drink and snacks, but your food and drink will be stored for you away from the testing area, and that break time will count against your test time limit. Be sure to bring any medications or other essential items, but leave all things electronic at home or in your car. You should avoid wearing anything on your wrists, including watches, fitness trackers, and jewelry. You are not allowed to bring any form of noise-canceling headsets or earbuds, although you can use foam earplugs. We also recommend wearing comfortable clothes and taking a light jacket with you (some testing locations are a bit chilly).

      You may want to review the (ISC)² Certification Acronym and (ISC)² CISSP Glossary documents here:

        www.isc2.org/-/media/Files/Certification-Acronym-Glossary.ashx

        www.isc2.org/Certifications/CISSP/CISSP-Student-Glossary

      Finally, (ISC)² exam policies are subject to change. Please be sure to check isc2.org for the current policies before you register and take the exam.

      Study and Exam Preparation Tips

      We recommend planning for a month or so of nightly intensive study for the CISSP exam. Here are some suggestions to maximize your learning time; you can modify them as necessary based on your own learning habits:

       Take one or two evenings to read each chapter in this book and work through its review material.

       Answer all the review questions and take the practice exams provided in the book and/or in the online test engine. Be sure to research each question that you get wrong in order to learn what you didn't know.

       Complete the written labs from each chapter.

       Read and understand the Exam Essentials.

       Review the (ISC)²'s Exam Outline: isc2.org.

       Use the flashcards included with the study tools to reinforce your understanding of concepts.

We recommend spending about half of your study time reading and reviewing concepts and the other half taking practice exams. Students have reported that the more time they spent taking practice exams, the better they retained test topics. In addition to the practice tests with this Study Guide, Sybex also publishes (ISC)² CISSP Certified Information Systems Security Professional Official Practice Tests, 3rd Edition (ISBN: 978-1-119-47592-7). It contains 100 or more practice questions for each domain and four additional full-sized practice exams. Like this Study Guide, it also comes with an online version of the questions.

      Completing the Certification Process

      Once you have been informed that you successfully passed the CISSP certification, there is one final step before you are actually awarded the CISSP certification. That final step is known as endorsement. Basically, this involves getting someone who is a CISSP, or other (ISC)² certification holder, in good standing and familiar with your work history to submit an endorsement form on your behalf. Once you pass the CISSP exam, you will receive an email with instructions. However, you can review the endorsement application process at www.isc2.org/Endorsement.

      If you registered for CISSP, then you must complete endorsement within nine months of your exam. If you registered for Associate of (ISC)², then you have six years from your exam date to complete endorsement. Once (ISC)² accepts your endorsement, the certification process will be completed and you will be sent a welcome packet.

      Once you have achieved your CISSP certification, you must now work toward maintaining the certification. You will need to earn 120 Continuing Professional Education (CPE) credits by your third-year anniversary. For details on earning and reporting CPEs, please consult the (ISC)² Continuing Professional Education (CPE) Handbook (www.isc2.org/-/media/ISC2/Certifications/CPE/CPE---Handbook.ashx) and the CPE Opportunities page (www.isc2.org/Membership/CPE-Opportunities). You will also be required to pay an annual maintenance fee (AMF) upon earning your certification and at each annual anniversary. For details on the AMF, please see the (ISC)² CPE Handbook and www.isc2.org/Policies-Procedures/Member-Policies.

      Each chapter includes common elements to help you focus your studies and test your knowledge. Here are descriptions of those elements:

       Real-World Scenarios: As you work through each chapter, you'll find descriptions of typical and plausible workplace situations where an understanding of the security strategies and approaches relevant to the chapter content could play a role in fixing problems or in fending off potential difficulties. This gives readers a chance to see how specific security policies, guidelines, or practices should or may be applied to the workplace.

       Tips and Notes: Throughout each chapter you will see inserted statements that you should pay additional attention to. These items are often focused details related to the chapter section or related important material.

       Summaries: The summary is a brief review of the chapter to sum up what was covered.

       Exam Essentials: The Exam Essentials highlight topics that could appear on the exam in some form. Although we obviously do not know exactly what will be included on a particular exam, this section reinforces significant concepts that are key to understanding the concepts and topics of the chapter. The Exam Essentials are the minimum knowledge you want to retain from a chapter.

       Written Labs: Each chapter includes written labs that synthesize various concepts and topics that appear in the chapter. These raise questions that are designed to help you put together various pieces you've encountered individually in the chapter and assemble them to propose or describe potential security strategies or solutions. We highly encourage you to write out your answers before viewing our suggested solutions in Appendix B.

       Chapter Review Questions: Each chapter includes practice questions that have been designed to measure your knowledge of key ideas that were discussed in the chapter. After you finish each chapter, answer the questions; if some of your answers are incorrect, it's an indication that you need to spend some more time studying the corresponding topics. The answers to the practice questions can be found in Appendix A.

      Studying the material in the (ISC)² CISSP: Certified Information Systems Security Professional Official Study Guide, Ninth Edition is an important part of preparing