Author Interview:
Susan Hansche, Co-Author of The Official (ISC)2 Guide to the CISSP Exam

This is the official study guide for the CISSP Exam, created by the exam's certifying organization (ISC)2. Based on the CISSP course, this book doubles as an authoritative infosec textbook. The entire work has been reviewed by past ISSA President and ISSA/(ISC)2 Co-Founder Hal Tipton. Both of the guide's co-authors hold CISSP certifications, and each of its ten CBK subject areas has been reviewed by multiple CISSPs, all of whom are recognized industry experts. We asked Co-Author Susan Hansche to tell us about the CISSP and how her book can help you achieve this prestigious certification.
Hansche: (ISC)2 requires four years of experience in the information system security field (or three years' experience plus a college degree), so at a minimum the CISSP candidate should meet the (ISC)2 requirements. The first part of the question, what kind of experience should someone have, is more difficult to answer. Since there are 10 domains, which are by themselves well defined and developed fields, it helps the candidate to have solid experience in at least four or five of the fields, such as Security Management, Access Control, Application Program Security, Telecommunications, and Security Architectures; some experience in two or three, such as Operations, Business Continuity Planning, and Physical Security; and some understanding about the remaining domains, such as Cryptography and Law, Investigations, and Ethics. It does not matter which domains the candidate has the most experience in, as all are equally important to successfully passing the exam.

GoCertify: Is it possible for a relative newcomer to security to study using your book and other methods and achieve certification fairly quickly?

Hansche: Yes, but that is not the intention. Although our book was specifically written with the goal of providing more depth than the typical CISSP study guide, newcomers to the field should first gain some practical experience. It may not be possible in all situations, but working with a mentor or current CISSP will be more beneficial in learning the field. This experience will lead the newcomer to obtaining the certification - essentially the more you know from practical experience the easier it is to pass the exam.

GoCertify: CISSP seems to be highly regarded as a security certification. Why do you think it garners so much respect?

Hansche: While there are certifications available for each of the domains, the CISSP is a comprehensive exam of the industry. For example, a business continuity planner may qualify for a Certified Business Continuity Professional (CBCP); a system administrator may have a Cisco or technical certification; or an auditor may receive the Certified Information Systems Auditor (CISA), but the combination of all that knowledge and more into one single certification is the differentiator. Thus, the respect for the CISSP certification is based on the extensive knowledge of many fields that is needed to pass the exam.

GoCertify: What is the most difficult part of the CISSP exam and how can candidates successfully prepare for it?

Hansche: It depends - even though this answer is somewhat of a cliché, there are several difficult parts of the exam. For some, it will depend on how long it has been since they have taken a multiple-choice exam. If it has been 20+ years since they sat for an exam, the test-taking aspect can be daunting and difficult. Thus, part of the process for all candidates is remembering (or learning) how to read, understand, and answer multiple-choice questions.

Others will find specific domains very difficult, usually because they have not been exposed to them or have no practical experience. For example, those with experience as network/system managers find the physical security domain difficult, while a physical security professional will find the telecommunications domain complex.

GoCertify: Do you feel that there is a high demand for people with CISSP certification and do you think it will grow, shrink, or stay the same over the next few years?

Hansche: The high demand is solid and will continue to grow. The capabilities of automating information systems continue to increase and provide benefits to organizations. These abilities lead to increased use of the systems, which in turn leads to a continuing need to protect the system and its information. I like to view it from a historical perspective. Think about what were the hot IT trends in the 1960s, '70s, '80s, and '90s. During those decades, technology improved and provided users with more processing speed, memory, storage, connectivity, bandwidth, etc. Essentially, the improvements in information technology have led to a dependence on using automated systems to process and store information; this increased reliance has led to a greater need to protect the systems. Security is the growth area in the 2000s!

(c) copyright 1998-2008 Anventure. All Rights Reserved.