(ISC)2's website has details about CISSP certification. Just go to http://www.isc2.org and check.

CISSP is not an easy test. 250 questions in six hours and you must correctly answer at least 70 percent of them. And the questions cover so many domains. I have a networking background and it took me several months preparing for the CISSP exam by self study. Luckily, I passed. The most difficult domains for most CISSP candidates are physical security, law, investigation & ethics and business continuity planning. The reason is that most CISSP candidates have engineering backgrounds and their jobs are rarely related to the domains I mentioned above.

If you want to take this exam, give yourself several months to prepare for it. Don't rush to the exam unless you don't care about paying the examination fee. I believe most Chinese professionals who want to pass this exam can make it if they have appropriate background and study hard enough.

Replies, comments and Discussions:

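  • About (ISC)2 certification: does any expert here hold this certificate? How do you take the exam in Canada???
    (ISC)2 defines the Common Body of Knowledge (CBK) as the scope of the CISSP exam. The CBK covers 10 domains:

    Security Management Practices
      Concepts and objectives
      Risk management
      Policies and procedures
      Information classification
      Information security roles and responsibilities
      Information security awareness
      Incident handling

    Access Control Systems
      Concepts
      Considerations
      Authorization and authentication
      Single sign-on
      Centralized access control
      Decentralized access control
      Access control techniques
      Access control auditing

    Telecommunications and Network Security
      Communications security management
      Network protocols
      Authentication and authorization
      Data communications
      Internet and network security
      Intrusion methods
      Multimedia security
      Incident response management

    Cryptography
      History
      Definitions
      Applications and uses of encryption
      Protocols and standards
      Basic techniques
      Encryption systems
      Symmetric/asymmetric encryption
      Digital signatures
      E-mail security using encryption
      Internet security using encryption
      Key management
      PKI
      Cryptanalysis and attacks
      Export issues

    Security Architecture and Models
      Computer science and architecture
      Security and control concepts
      Security models
      Evaluation criteria
      Host security
      Server security
      Network architecture
      Network security
      IP security architecture

    Operations Security
      Resources
      Privileges
      Monitoring mechanisms
      Abuse
      Control methods
      Principles

    Applications and Systems Development
      Definitions
      Security objectives and threats
      System development life cycle
      Security architecture
      Change control
      Application software development and security measures
      Databases and data storage
      Knowledge-based systems

    Business Continuity Planning and Disaster Recovery Planning
      Business continuity concepts
      Disaster recovery concepts
      Disaster recovery planning procedures
      Procedure management
      Assessment of potential vulnerabilities
      Plan development and maintenance
      Plan testing
      Preventive measures

    Law, Investigations, and Ethics
      Laws and regulations
      Criminal investigations
      Information security ethics

    Physical Security
      Facility management
      Personnel security
      Physical controls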
    • (ISC)2's website has details about CISSP certification. Just go to http://www.isc2.org and check.
      • Thanks for the insightful information!
      • Thanks For Your Advice, Man.
      • GIAC and CISSP, which one is better? Anybody want to study GIAC?
        • You can't say which one is better. CISSP is focused on security theories while GIAC is more hands-on. If you want to get a management position such as CISO then CISSP is the best choice.
          If you want to be a top level security techie, then GIAC is a good choice.

          My employer requires me to have CISSP but not GIAC. But I think GIAC might be more appropriate for me since I am not in a management position. I want to learn the knowledge required to pass GIAC test but I won't take the test.
    • I have it and I'd like to help you if you want to pursue it. Please send me your phone number and I will give you a call.
      • Pls check your email.
      • I am also very interested in CISSP, please contact me. Thanks