Friday, 24 October 2014

How to become a CISSP




CISSP is a global standard, widely recognized as the information and cybersecurity benchmark certification.

It’s an advanced cert that demonstrates a wealth of IT security knowledge and experience. If you want to ascend the ranks of information security, a CISSP can be an incredibly valuable asset.

The CISSP is a demonstration of your information security acumen and a fundamental step towards the senior role of Chief Information Security Officer (CISO). With the CISSP, you’ll have a common baseline and standardisation of knowledge, a proven record of ethics and a solid reputation for professional conduct (crucial for a business leader and anyone striving for senior-level positions).

How to become a CISSP

The journey to becoming a CISSP takes hard work and dedication. If it didn’t, this certification wouldn’t be so valuable.

There are five steps to becoming (and remaining) a CISSP:
  1. Meet the experience requirements
  2. Pass the exam 
  3. Obtain an Endorsement
  4. Prepare for an Audit
  5. Recertification


1. Meet the experience requirements 

In order to even register for your CISSP exam, you’ll need to prove you possess five (or more) years of professional experience in information security. 

Plus, your history of professional experience must have involved at least two of the following 10 domains present in the CISSP Common Body of Knowledge (CBK):

  1. Access Control
  2. Telecommunications and Network Security
  3. Information Security Governance and Risk Management
  4. Software Development Security
  5. Cryptography
  6. Security Architecture and Design
  7. Operations Security
  8. Business continuity and Disaster Recovery Planning
  9. Legal, Regulations, Investigations and Compliance
  10. Physical (Environmental) Security 

(ISC)2 provides a one-year reduction in the professional experience requirement if you possess one of the following:

  • A four-year college degree
  • A credential from (ISC)2’s approved list. Examples include MCSE, MCSA, MCITP, CompTIA Security+, CISA / CISM and CCNP (to name just a few)
  • An advanced degree in information security from the U.S. National Centre of Academic Excellence in Information Assurance Education (CAE/IAE)

It’s worth noting that you cannot combine these qualifications: regardless of how many you possess, you can only receive a maximum reduction of one year.


2. Pass the exam

So you’ve accumulated 5 years of information security experience (or 4 years with the 1 year waiver) and your work embraces two of the 10 CISSP CBK domains.

But before you can even sit the exam you’ll also have to complete the Candidate agreement, confirming your aforementioned experience, and legally committing to the Code of Ethics. You’ll then be required to successfully answer four questions regarding your criminal history and related background.

Now you just need to pass the exam, right? Well, as you can imagine, passing the CISSP exam is going to take some serious preparation.

In fact, in the words of (ISC)2 – ‘The vast breadth of knowledge and experience required to pass the CISSP is what sets it apart.’

The CISSP exam will test your knowledge of the 10 CISSP domains. Achieving the standard of knowledge you need to pass the exam takes time and dedication.

Many CISSP holders recommend taking up to 15 days off work, just to round off your 4-month revision journey. If you can’t afford to take this much time off work, there are always more efficient ways to achieve your CISSP, like training courses of varying speeds.

Now, book the exam – do it early and you’ll save money. But, please note: some training providers do include the exam cost in their training package.

Either way, it’s time for your exam. Be ready for a test of endurance – you’ll have 6 hours to answer as many of the 250 multiple choice questions as you can. 
 

3. Obtain an Endorsement 

Congratulations, you passed your exam! But you’re not done yet. You’ll now have to ask an active (ISC)2 credential holder to attest to your industry experience. They’ll have to fill out an endorsement form for you. Once (ISC)2 receives and approves the endorsement, you can finally take up the mantle of a fully-qualified CISSP.


4. Prepare for an audit

(ISC)2 randomly submits some of its CISSP professionals to audits. It’s never a good idea to skew the facts on your application, especially so if you’re singled out for an audit.

If you are found to have incorrect or falsified data on your application, you’re going to lose your CISSP. Honesty really is the best policy.


5. Maintaining your certification 

To remain a member of the (ISC)2, and to keep your CISSP certification, you must:

  • Abide by the (ISC)2 Code of Ethics
  • Obtain and submit the required Continuing Professional Education credits (CPEs)
  • Submit Annual Maintenance Fees (AMFs) upon receipt of annual invoices

The information security landscape is constantly in flux. As a result, your CISSP must be maintained with CPEs – a minimum of 20 CPEs every year for the first two years of the three-year cycle.

Even if you satisfy the CPE requirements of your first or second year, your tally must still equal 120 by the end of the third year.

CPEs can be gained through live educational events and online seminars (available to (ISC)2 members only).

If your certification is terminated, you’ll need to retake the examination before you can return to being CISSP certified. You’ll also be charged a $35 reinstatement fee upon recertification (though this pales in comparison to working through the 6-hour exam once more).



Got what it takes?

If you’ve got the experience, determination and drive to crush the CISSP but don’t want to take several weeks off work – try an accelerated course. You could be certified in only 5 working days.



About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Thursday, 23 October 2014

Get 65 Free Microsoft E-books, no strings attached




Eric Ligman, Senior Sales Excellence Manager at Microsoft, has uploaded a massive treasure trove of free Microsoft eBooks. Christmas has definitely arrived early.

And it’s not the first time Mr Ligman has done this. Last summer he uploaded a small collection of free Microsoft eBooks and was overwhelmed by the phenomenal response. Now he’s back, with a lot more.

These eBooks are completely free and, as Eric puts it – ‘are not time-bombed; there is no catch.’

Almost every eBook is available in EPUB, DOC and MOBI formats. From Kindle to Kobo, you’ll get complete E-reader compatibility.

Over 3.5 million eBooks have been downloaded so far from Eric’s personal blog.

Here’s the full list of free eBooks with download links:



Office & Office 365

  • Microsoft Office 365 for professionals and small businesses: Help and How To (EPUB, MOBI, PDF)



SharePoint

  • Explore SharePoint 2013 (EPUB, MOBI, PDF)
  • Deployment guide for SharePoint 2013 (EPUB, MOBI, PDF)
  • Test Lab Guide: eBook for SharePoint Server 2013 Intranet and Team Sites (EPUB, MOBI, PDF, DOC)
  • Create a Balanced Scorecard (SharePoint Server 2010) (EPUB, MOBI, PDF)
  • SharePoint Server for Business Intelligence (EPUB, MOBI, PDF)



SQL Server

  • 5 Tips for a Smooth SSIS Upgrade to SQL Server 2012 (EPUB, MOBI, PDF)
  • A Hitchhiker's Guide to Microsoft StreamInsight Queries (EPUB, MOBI, PDF)
  • Data Mining Extensions (DMX) Reference (EPUB, MOBI, PDF)
  • Data Quality Services (EPUB, MOBI, PDF)
  • High Availability Solutions (EPUB, MOBI, PDF)
  • Master Data Services (EPUB, MOBI, PDF)
  • Monitor and Tune for Performance (EPUB, MOBI, PDF)
  • Multidimensional Expressions (MDX) Reference (EPUB, MOBI, PDF)
  • SQL Server Distributed Replay (EPUB, MOBI, PDF)
  • Transact-SQL Data Definition Language (DDL) Reference (EPUB, MOBI, PDF)
  • XQuery Language Reference (EPUB, MOBI, PDF)
  • Extracting and Loading SharePoint Data in SQL Server Integration Services (EPUB, MOBI, PDF)
  • Integration Services: Extending Packages with Scripting (EPUB, MOBI, PDF)
  • Multidimensional Model Programming (EPUB, MOBI, PDF)
  • Optimized Bulk Loading of Data into Oracle (EPUB, MOBI, PDF)
  • Planning Disaster Recovery for Microsoft SQL Server Reporting Services in SharePoint Integrated Mode (EPUB, MOBI, PDF)
  • SQL Server 2012 Tutorials: Reporting Services (EPUB, MOBI, PDF)
  • SQL Server 2012 Tutorials: Writing Transact-SQL Statements (EPUB, MOBI, PDF)
  • SQL Server Community FAQs Manual (EPUB, MOBI, PDF)



System Center

  • Cmdlet Reference for App Controller in System Center 2012 SP1 (EPUB, MOBI, PDF)
  • Technical Documentation for System Center 2012 - Virtual Machine Manager (EPUB, MOBI, PDF)



Visual Studio

  • Better Unit Testing with Microsoft Fakes (EPUB, MOBI, PDF)
  • Dependency Injection with Unity (PDF)
  • Developer's Guide to Microsoft Enterprise Library (Second Edition) (PDF)
  • Testing for Continuous Delivery with Visual Studio 2012 (PDF)
  • Upgrade Team Foundation Server 2012: the ultimate upgrade guide (EPUB, MOBI, PDF)



Web Development

  • ASP.NET Multi-Tier Windows Azure Application Using Storage Tables, Queues, and Blobs (EPUB, MOBI, PDF)
  • ASP.NET Web Deployment using Visual Studio (EPUB, MOBI, PDF)
  • Developing Modern Mobile Web Apps (EPUB, MOBI, PDF)
  • The Entity Framework 4.0 and ASP.NET Web Forms – Getting Started (EPUB, MOBI, PDF)
  • Getting Started with the Entity Framework 4.1 using ASP.NET MVC (EPUB, MOBI, PDF)
  • Project Silk: Client-Side Web Development for Modern Browsers (PDF)



Windows

  • Administrator's Guide for Microsoft Application Virtualization (App-V) 5.0 (EPUB, MOBI, PDF)
  • Administrator’s Guide for Microsoft BitLocker Administration and Monitoring 1.0 (EPUB, MOBI, PDF)
  • Administrator’s Guide for Microsoft Diagnostics and Recovery Toolset (DaRT) 7 (EPUB, MOBI, PDF)
  • Administrator’s Guide for Microsoft Diagnostics and Recovery Toolset (DaRT) 8.0 (EPUB, MOBI, PDF)
  • Administrator’s Guide for Microsoft User Experience Virtualization (UE-V) 1.0 (EPUB, MOBI, PDF)
  • Developing an end-to-end Windows Store app using C++ and XAML: Hilo (PDF)
  • Developing an end-to-end Windows Store app using JavaScript: Hilo (PDF)
  • Prism for the Windows Runtime: Developing a Windows Store business app using C#, XAML, and Prism (PDF)
  • Programming Windows 8 Apps with HTML, CSS, and JavaScript (EPUB, MOBI, PDF)



Windows Azure

  • Autoscaling Application Block and Transient Fault Handling Application Block Reference (EPUB, MOBI, PDF)
  • Create Your First Application: Node.js and Windows Azure (EPUB, MOBI, PDF)
  • Developing Multi-tenant Applications for the Cloud on Windows Azure (3rd Edition) (PDF)
  • Drupal on Windows Azure (EPUB, MOBI, PDF)
  • Exploring CQRS and Event Sourcing: A journey into high scalability, availability, and maintainability with Windows Azure (PDF)
  • Migrating Data-Centric Applications to Windows Azure (EPUB, MOBI, PDF)
  • Moving Applications to the Cloud on Windows Azure (3rd Edition) (PDF)
  • Using Windows Azure Mobile Services to Cloud-Enable your iOS Apps (EPUB, MOBI, PDF)
  • Using Windows Azure Mobile Services to Cloud-Enable Your Windows Phone 8 Apps (EPUB, MOBI, PDF)
  • Using Windows Azure Mobile Services to Cloud-Enable your Windows Store Apps in C# (EPUB, MOBI, PDF)
  • Using Windows Azure Mobile Services to Cloud-Enable Your Windows Store Apps in JavaScript (EPUB, MOBI, PDF)
  • Windows Azure and SQL Database Tutorials (EPUB, MOBI, PDF)



Windows Server

  • A Guide to Claims-Based Identity and Access Control, Second Edition (PDF)
  • Introducing Windows Server 2012 (EPUB, MOBI, PDF)
  • TCP/IP Fundamentals for Microsoft Windows (PDF)




Alternatively, you can navigate to Eric’s blog to find the same content.

If you know anybody who would find these resources helpful, direct them towards this amazing Microsoft treasure trove.

And, if you yourself found these resources useful, make sure to say ‘Cheers!’ to Eric Ligman. You can find him on Twitter, Facebook, LinkedIn, and of course, his blog.

