+ Reply to Thread
Results 1 to 6 of 6

Thread: Starting CISSP

  1. Senior Member
    Join Date
    Sep 2006
    Location
    San Francisco Bay Area
    Posts
    2,055

    Certifications
    None?
    #1

    Default Starting CISSP

    Alright, back in the cert game. This time for real. Boss is pushing me on this one. Basically the division of the company I am in is very ISC2 oriented on the politics and friends side of things.

    Experience -

    Domain 1. Security and Risk Management
    - I been a member of our internal security operations management team for near 7 years.

    Domain 2. Asset Security
    - I personally have managed our OS and network security automation for 3 data centers for 7 years.

    Domain 3. Security Architecture and Engineering
    - I have run/managed our SIEM operations for over 5 years.

    Domain 4. Communication and Network Security
    - My previous job I worked doing SMB office security for about 4 years and considerable more experienece misc tacked on at my current job working with F5 , Juniper and network automation.

    Domain 5. Identity and Access Management (IAM)
    - two jobs ago I did 3 years working with access management, then another 2-3 years consulting on AD design and security for SMB.

    Domain 6. Security Assessment and Testing
    - I have been apart of our Qualys, Red/blue team and compliance audits for near 6 years.

    Domain 7. Security Operations
    - Over a decade here and the last few jobs

    Domain 8. Software Development Security

    - Honestly, I kinda suck here. I have dont some light tests on the sites I support, I have never really been a direct owner of the software development lifecycle. Problaby my weakest area. Looking at completing this program to support closing my gaps here https://app.pluralsight.com/paths/ce...ssional-csslpr .


    Beyond meeting the requirements for the time of training I also hold "Approved Credential on the (ISC)˛ Approved List"
    CompTIA Security+
    MCSE
    MCITP

    Materials
    cbtnuggets.com for the overview of the concepts, it's the 2015 version, but its just for on the treadmill.
    (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide
    CISSP Official (ISC)2 Practice Tests, 2e


    Generally I like to keep dive into certifications deeper than is required for the pass. So also branching into Cloud+ and a few other things as supporting materials. But traditionally I don't bother with most certs unless I see real value on dice.com etc. But this one the boss is pushing me hard to get active in ISC2.
    Last edited by Daniel333; 08-11-2018 at 10:26 PM.
    -Daniel
    Reply With Quote Quote  

  2. SS
  3. Senior Member
    Join Date
    Sep 2006
    Location
    San Francisco Bay Area
    Posts
    2,055

    Certifications
    None?
    #2
    Cloud+ Done!
    In prepping for the Cloud aspects of the CISSP I went ahead and self-bootcamped the Cloud Essential and Cloud+ Exam from compTIA. The process exposed some gaps in Storage, Federated Identity and Application life-cycle.

    Bootcamp - Scheduled
    Right now I have a 5 day CISSP bootcamp schedule for end of the month just to surface more weaknesses.

    In the Pipe
    But after that I am going to break down and work through some Windows 2016/Azure training on Federated Identify and go volunteer to help with our federation projects at work to close the gap some.
    Last edited by Daniel333; 08-16-2018 at 10:59 PM.
    -Daniel
    Reply With Quote Quote  

  4. Senior Member bjpeter's Avatar
    Join Date
    Jul 2015
    Location
    Honolulu, Hawaii
    Posts
    128

    Certifications
    CCSK, OCEJPAD, CSSLP, Server+, Cloud+, CCP, CASP, Mobility+, Storage+, OCP Java SE 8 Professional, Security+, OCM Java SE 6 Developer
    #3
    Quote Originally Posted by Daniel333 View Post
    Cloud+ Done!
    In prepping for the Cloud aspects of the CISSP I went ahead and self-bootcamped the Cloud Essential and Cloud+ Exam from compTIA. The process exposed some gaps in Storage, Federated Identity and Application life-cycle.

    Bootcamp - Scheduled
    Right now I have a 5 day CISSP bootcamp schedule for end of the month just to surface more weaknesses.

    In the Pipe
    But after that I am going to break down and work through some Windows 2016/Azure training on Federated Identify and go volunteer to help with our federation projects at work to close the gap some.
    Good luck with studying for the CISSP exam! I am going to take it too after I get my Linux+/LPIC-1 certification.
    2019 Goals: CISSP, CySA+, PenTest+
    2018 Goals: Linux+/LPIC-1
    Achieved: CCSKv4, OCE Java EE 6 JPA Developer, CSSLP, Server+, Cloud+, Arcitura Certified Cloud Professional, CASP, Mobility+, Storage+ Powered by SNIA, Android Certified Application Developer, OCP Java SE 8 Programmer, Security+, OCM Java SE 6 Developer, B.S. and M.S. in Computer Science
    Reply With Quote Quote  

  5. Senior Member
    Join Date
    Oct 2017
    Location
    Asia
    Posts
    281

    Certifications
    CISSP, CASP, CRISC, CISA, ISO27001 LA, CISM (application pending)
    #4
    Good job on the Cloud+ pass!

    If I may, would suggest adding the CISSP course in Cybrary.it by Kelly Handerhan (still the 2015 course also) and the free practice tests at https://www.mhprofessionalresources....=AccessControl
    Last edited by Info_Sec_Wannabe; 08-17-2018 at 02:14 AM. Reason: Updated link
    Reply With Quote Quote  

  6. Scruffy-looking nerfherdr tedjames's Avatar
    Join Date
    Jan 2014
    Location
    Surf City, TX
    Posts
    775

    Certifications
    SSCP, Security+, eJPT +4
    #5
    Quote Originally Posted by Info_Sec_Wannabe View Post
    Good job on the Cloud+ pass!

    If I may, would suggest adding the CISSP course in Cybrary.it by Kelly Handerhan (still the 2015 course also) and the free practice tests at https://www.mhprofessionalresources....=AccessControl
    Looks like it's still set up for the old 10-domain test. Interestingly, when I remove the ?id=AccessControl from the address, I get the following errors:

    Warning: include(exams/.inc.htm): failed to open stream: No such file or directory in /web/sites/books/htdocs/sites/CISSPExams/exam.php on line 47

    Warning: include(): Failed opening 'exams/.inc.htm' for inclusion (include_path='.:/web/sites/books/pear/share/pear:/web/sites/books/smarty/libs:/web/sites/books/pear') in /web/sites/books/htdocs/sites/CISSPExams/exam.php on line 47

    Nothing like leaving your website wide open.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Oct 2017
    Location
    Asia
    Posts
    281

    Certifications
    CISSP, CASP, CRISC, CISA, ISO27001 LA, CISM (application pending)
    #6
    Quote Originally Posted by tedjames View Post
    Looks like it's still set up for the old 10-domain test. Interestingly, when I remove the ?id=AccessControl from the address, I get the following errors:

    Warning: include(exams/.inc.htm): failed to open stream: No such file or directory in /web/sites/books/htdocs/sites/CISSPExams/exam.php on line 47

    Warning: include(): Failed opening 'exams/.inc.htm' for inclusion (include_path='.:/web/sites/books/pear/share/pear:/web/sites/books/smarty/libs:/web/sites/books/pear') in /web/sites/books/htdocs/sites/CISSPExams/exam.php on line 47

    Nothing like leaving your website wide open.
    Yes, although most of the concepts still apply. Oh... haven't checked that before.. the irony of it..
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks