WOMEN IN CYBERSECURITY - CISSP STUDY GROUP
Preparing for the CISSP exam:
It can be quite a challenge to prepare yourself for the CISSP exam.
However if you plan correctly you can pass the test at your first attempt. Over the course of the next few weeks we will be using a few different means to study for this exam. This will be an interactive study group. Carlo or myself will NOT be doing all the talking because we are not the experts in many of these subjects, however we will be the co-facilitators. We will be counting on each an every one of you to provide input and share material, tidbits, tricks, and whatever else you may have to help yourself and others.
Before we began we suggest that everyone go to this website (https://www.isc2.org/cissp-how-to-certify.aspx) and make sure you have the right experience to get certified after you take the test. Basically you can take the test but if you don’t have the right qualification you will not be able to get certified as a CISSP but you can become an Associate. Don't have the experience? Become an Associate of (ISC)² by successfully passing the CISSP exam. You'll have 6 years to earn your experience to become a CISSP. Please be familiar.
Tanya’s background; I’ve been in the Information Assurance field for over 14 years mainly in the Federal Government field working for various companies as a contractor. I’ve worked for CACI, Oracle, and SAIC to name a few. I worked on projects with Tricare Management Authority, Nuclear Regulatory Commission, Import/Export Bank, Veterans Affairs, Homeland Security, Dept of Army, Higher Ed, Medical Institutions and my favorite the USMC. I’m bias though because I spent 11 years in the Marine Corps and I am a Disabled Vet. I give this disclaimer because sometimes my tone may be direct but I don’t mean any harm.
Carlo’s background: I have a 10+ years of CyberSecurity experience in the private sector, from small, mid and large corporations, have obtained security certifications from Comptia and Security Technology Vendors like Juniper, Trendmicro, Qualys, CERT/CSIRT, I am a male member of WSC and I participated in the Cyberjutsu Training Academy, I consider myself a Security evangelist and a strong team player with high leadership and coaching skills, great aptitude for teaching, I pursue to be a Cyber Security trainer at all levels, unleashing peoples potential is my passion, participate actively as a mentor in the Cyberpatriot competition and manage the internal training plans for the Global Security team at TNS (current employer), there I serve as a senior cybersecurity analyst in the SOC at TNS (1K+ users, offices in 3 regions of world, global presence in 60 countries, Telecom, Payments and Financial services divisions)
We strongly encourage all participants interested in this study group to please come prepared to participate in the study groups. This means that you have read the material and studied the Domain we will be discussing prior to our meeting. If you are just mildly interested in this exam and not yet ready to take the test please be mindful of those of us who are preparing to take the test in few short weeks.
During this Study Group we will mainly review different Practice Exams Questions & Answers, review terms and subject matters that participants are having issues with. This exam is like none other; you cannot just memorize terms or formulas, you have to know the material.
• If you can, register for a CISSP class -> Women in CyberSecurity is currently not advertising a class yet but typically there is a price for this. ($300 for non-members $210 for members). This class is separate and distinct from this Study Group.
• You need to buy at least one study book to study for the exam. We will be covering material from the below books along with other resources. A must have is the (ISC)2 Official Study Guide Seventh Edition - the best in my opinion. Optional Study Materials include:
o Sunflower PDF – I will send to all registered participants
o Eric Conrad 11th Hour
• Read about the exam (on this group, on http://www.cccure.org, blogs...)
• Make yourself a study plan
o Our Study Group will meet twice a week on a continuous basis until we pass the baton. If you can’t make the study session email or call me and I’ll see what I can do.
• Buy yourself some index cards to create notes/flashcards
o Suggest these cards contain material that you need more study time. Jot down notes and read more on the subject/term etc.
• Start to read/learn each domain
o Prior to each meeting ensure you have read the chapter of the material we will be discussion/reviewing.
o Bring to each study session any questions you may have on the material we will be discussing that session.
Start to test yourself with questions and answers
o http://www.cccure.org/ although this material is free would suggest paying for the paid subscription.
o Access Control
o Application Development Security
o BCP and DR
▪ Cryptography mind maps
o Law and Ethics
o Physical Security
o Go to the SANS website and watch the webcast about the exam (you need to register - it is free). https://www.sans.org/webcasts/successful-passing-cissp-95594
o Free practice exams for the CISSP, Security+ 301, CEH V7 and V8, SSCP freepracticetests.org
o Prepare yourself with scenario-based questions (more and more in the exam). A cheap product here - https://www.cccure.com/cart/products/CISSP-Scenario-Based-Questions-Part-1-of-2.html
• Set a date to take the exam; mine will be soon.
Here is the schedule: Monday and Wednesday, 700p -800p EST. We will review the domains on a continuous basis.
Security and Risk Management
Communication & Network Security
Identity & Access Management
Security Assessment & Testing
Software Development Security
- Understanding, Applying, and Enforcing Software Security)
Tanya can be reach at firstname.lastname@example.org and Carlo can be reach at email@example.com, in the case of immediate attention please call or text Tanya (703) 462-4483 or Carlo at (571) 420-3792. Make sure to identify yourself in all communication as a participant of the study group. I get many calls, text and emails. Either way we will be sure to respond as soon as we can.