Author Interview: Michael Gregg
Author: CISSP Exam Cram 2
Page 2 of
2 1 2
Published 10/13/2005
By Anne Martinez
GoCertify: What is the hardest part of achieving CISSP certification?
Michael Gregg: The six hour exam! Exam candidates are allotted six hours to complete the test and most people take at least three to four hours. While you may breeze through many of the questions, you will find those that are more difficult and are not based on simple facts are the ones that can be memorized. These questions are more conceptual and open to interpretation; many of these are focused on standards, principles, or best practices.
GoCertify: What is the easiest part of achieving CISSP certification?
Michael Gregg: Making the decision to just do it! Signing up is the easy part. Just go to the ISC2 website and signup for the exam. You can sign up for an exam date way in advance. I like this as it's great to anchor that commitment and helps you to realize that you've got to really buckle down and start studying.
GoCertify: What is the exam like?
Michael Gregg: It's different than many other security certifications. Unlike a Microsoft exam, you cannot just show up at a local prometric site expecting to take the CISSP exam. ISC2 only offers the test in specific locations at predetermined times. It's best to check the ISC2 website to find when the test will be held at a location close by. You'll have to wait for your
results to be emailed to you and that may take several weeks.
GoCertify: What is the best way to prepare for the exam?
Michael Gregg: Go to the ISC2 website and download a copy of the CBK (common body of knowledge). It will give you a good idea of what the test covers and what you'll need to know to pass. If an individual has a strong background in all ten domains, a review seminar, some reading, and a couple of good prep books like my Exam Cram 2 CISSP and Exam Cram 2 CISSP Question book may be enough. If you don't feel as strong in some of the domains; you may want to consider forming a study group, attending a training class, taking a week long boot camp, or even taking the training over a longer period of time. Villanova University offers CISSP training online as part of the Masters of Security certificate program. I was one of the developers for that course and am also an adjunct professor for Villanova University.
GoCertify: What other advice do you have about CISSP certification?
Michael Gregg: If you meet the requirements to take the exam, stop putting it off. If you cannot do it this year, make a new year's resolution to complete your studies and get certified in 2006. I am not going to tell you that a certification is going to guarantee you a job or even get you a raise. You should become certified because you want to grow personally and professionally in the field of security, to gain respect among your peers, for your own personal satisfaction, and because it can increase your marketability. Many years ago, one of my early mentors told me, "Mike, there are two paths in life, growth and change, while both are painful,
choose growth as it will always open doors of opportunity."
###
