By Sarah Morgan
Your CISSP exam and curriculum is changing. With the release of a brand new exam blueprint and updated CISSP domains imminent, the material you're revising now will soon be out of date.
The switch will be made on April 16th 2015, when the ten CISSP CBK domains will be reduced to eight.
Don’t get caught out by the 2015 domain refresh. Take a look at these up-to-date revision resources, aligned to the 8 brand new CISSP domains.
1. Official (ISC)2 Guide to the CISSP CBK, Fourth Edition (ISC2 Press) Hardcover – 10 Apr 2015
Released last week, you don’t get any more up-to-date than (ISC)2’s Official Guide to the CISSP CBK.
This official guide, endorsed by (ISC)2 and edited by Adam Gordon, covers the refreshed technical content added to the CISSP CBK. The book provides a comprehensive guide to the eight CISSP domains and includes illustrated examples, practical exercises and real-life scenarios.
How to buy it:
And remember, if you’re an (ISC)2 member, you’ll get 50% off Official (ISC)2 textbooks!
2. The NEW 2015 CISSP Exam. Brace Yourself (and prepare yourself)! Webcast with Dave miller
Dave Miller has been an IT security specialist since 1980, is a published author and lecturer. So it’s no surprise he’s been following the new CISSP CBK with interest.
His comprehensive webcast, originally hosted March 17th 2015, is now available for free online at Oreily.com. The 93 minute webcast covers an abundance of CISSP topics including:
- A review of the 2012 CISSP certification exam
- The new CISSP 2015 examination
- CISSP certification requirements
- New test-worthy topics
- How to prepare for the new CBK and CISSP exam
- Conclusion: Q&A
To watch the webcast, sign up here.
3. (ISC)2 Overview & Key areas of knowledge in the 8 new CISSP domains
(ISC)2 has released a candidate information bulletin in line with the new CISSP exam blueprint. This massive document includes overviews of each of the 8 brand new CISSP domains alongside the key areas of knowledge you’ll need to understand to pass your exam.
This resource is excellent for any professional who needs a quick refresher on what’s contained in the new CISSP domains.
However, don’t treat the information found here as replacements for experience or knowledge - (ISC)2 state that, “[The candidate information bulletins] were developed to provide candidates with basic information…the outlines are not intended to be in-depth reviews of the examination.”
Access the document here.
4. (ISC)2 sample exam questions
Also included in the (ISC)2 CISSP candidate bulletin are sample questions, aligned to the new exam blueprint. We’ve included them below:
1. Which one of the following is the MOST important security consideration when selecting a new computer facility?
a. Local law enforcement response times
b. Adjacent to competitors’ facilities
c. Aircraft flight paths
d. Utility infrastructure
2. Which one of the following describes a SYN flood attack?
a. Rapid transmission of Internet Relay Chat (IRC) messages
b. Creating a high number of half-open connections
c. Disabling the Domain Name Service (DNS) server
d. Excessive list linking of users and files
3. Which one of the following is a limitation of fuzzing, as it relates to secure software development best practice?
a. Access to the source code is required
b. Not all discovered issues are exploitable
c. Issues must be accessible through an open interface
d. Is not suitable where code development is outsourced
Find the answers on Page 33 of the CISSP candidate bulletin.
Got a burning CISSP question?
If you’ve got more questions, take a look at our CISSP FAQ covering the new exam blueprint.
And if you need to get certified with accelerated CISSP training, good news – Firebrand are the only authorised (ISC)2 partner in the UK and will be teaching the latest 2015 CISSP material from the 20th April 2015.
About the Author:
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry.