  1. Junior Member
    Join Date
    Jul 2014
    Posts
    14
    #1

    Failed again ISSMP 23rd September

    I think the heading says it all. The original post is here:
    Failing CISSP-ISSMP exam 24th-June-17

    Marks this time: 619. Last was 564. Improvement, but at a cost of 1400$ on study material. Real loser I am. I need your help, guys, to clear up the confusion. I have used 600+ CISM exam questions, link here:
    https://www.exam-labs.com/exam/CISM?viewall=1

    but the confusion remains. For example:

    1) When a vulnerability is found, what should the security officer do first: report it to management or assess the likelihood? In my opinion there is no point in going to management if you don't have the impact analysis done.

    2) On ethics: if a former employee is contacted, should he help the new employer answer personal questions, or put the questions to another dept and decline the request?

    3) Are controls here to provide acceptable ranges or parameters, or are they here to determine assessment requirements? Acceptable ranges, that's where standards exist? But I can be wrong. Any suggestions?

    4) Can a security manager in any case have risk acceptance authority?

    5) Can operational security be best ensured via security controls in terms of policies that are embedded in approved documentation, or by having operational security guidelines present to be audited annually? My view: if they are not documented, they are never audited?

    6) If an auditor is facing resistance from internal teams, should he ask the security manager to have their liaison ensure that the audit checklist is forwarded and communicated between the auditor and the target team? My weakness is leadership, ethics and governance according to exam results. What can I do?

    7) If some organization tells me about the type of business they are in, and informs me their business suffers no risk, and in discussion I can pick out an area, e.g. integrity, where the risk applies, should I recommend the risky area or suggest a full risk assessment? Also, there is no budget concern raised by the organization's management. Which approach to follow?
    Last edited by asadzz; 09-23-2017 at 03:38 PM.

  3. Junior Member
    Join Date
    May 2010
    Posts
    29
    #2
    It's difficult to hear you couldn't meet the pass mark again. Concentration exams are mostly difficult. I am planning to write it in Dec. Maybe we can study together. In that case we sharpen each other for the exam. Get in touch if you are interested.

  4. Senior Member stryder144's Avatar
    Join Date
    Nov 2012
    Location
    Denver, CO
    Posts
    1,378

    Certifications
    CompTIA A+, Network+, Security+, Server+, Linux+, CySA+, & Cloud+; MCSA: Windows 7, ITIL F/CSI/OSA
    #3
    Just replying to the first point: you always contact management first to let them know what is going on and that you are going to provide a more detailed analysis once the investigation is complete. There are time-scales that need to be followed and any delay could look bad for the company.
    The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia


  5. Junior Member
    Join Date
    Jul 2014
    Posts
    14
    #4
    I know it's hard, but I'm giving it next month. Money is no issue. Respect and honor is. I will give this paper till I pass. You can msg me for details.

  6. Junior Member
    Join Date
    May 2010
    Posts
    29
    #5
    I have sent you a private email

  7. Junior Member Registered Member
    Join Date
    Aug 2017
    Posts
    4

    Certifications
    CISSP, ISSMP, CISM, CRISC
    #6
    asadzz
    I've tried to contact you through the forum but I couldn't.


    I'm taking the ISSMP next Tuesday.
    I've read the CBK and was pretty confident until I read about your journey and especially your opinion on the CBK content being not helpful at all during the exam.


    I've passed the CISM recently; I'm counting on what I've read on this forum about the similarities in content.


    I know we can't talk much about the exam content, but can you give some examples of topics that you now think should've been included in the CBK?