(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide. Mike Chapple. Читать онлайн. Newlib. NEWLIB.NET

Автор: Mike Chapple
Издательство: John Wiley & Sons Limited
Серия:
Жанр произведения: Зарубежная компьютерная литература
Год издания: 0
isbn: 9781119786245
Скачать книгу
maintain professionalism in the field of information systems security. You can find it in the Information section on the (ISC)2 website at isc2.org.

      (ISC)2 also offers an entry program known as an Associate of (ISC)². This program allows someone without any or enough experience to qualify as a CISSP to take the CISSP exam anyway and then obtain experience afterward. Associates are granted six years to obtain five years of security experience. Only after providing proof of such experience, usually by means of endorsement and a résumé, can the individual be awarded CISSP certification.

      The CISSP exam focuses on security from a 30,000-foot view; it deals more with theory and concept than implementation and procedure. It is very broad but not very deep. To successfully complete this exam, you'll need to be familiar with every domain but not necessarily be a master of each domain.

      The CISSP exam is in an adaptive format that (ISC)2 calls CISSP-CAT (Computerized Adaptive Testing). For complete details of this new version of exam presentation, please see www.isc2.org/certifications/CISSP/CISSP-CAT.

      The CISSP-CAT exam will have a minimum of 100 questions and a maximum of 150. Not all items you are presented with count toward your score or passing status. These unscored items are called pretest questions by (ISC)², whereas the scored items are called operational items. The questions are not labeled on the exam as to whether they are scored (i.e., operational items) or unscored (i.e., pretest questions). Test candidates will receive 25 unscored items on their exam, regardless of whether they achieve a passing rank at question 100 or see all of the 150 questions.

      The CISSP-CAT grants a maximum of three hours to take the exam. If you run out of time before achieving a passing rank, you will automatically fail.

      The CISSP-CAT does not allow you to return to a previous question to change your answer. Your answer selection is final once you leave a question by submitting your answer selection.

      The CISSP-CAT does not have a published or set score to achieve. Instead, you must demonstrate the ability to answer above the (ISC)2 bar for passing, called the passing standard (which is not disclosed), within the last 75 operational items (i.e., questions).

      If you do not pass the CISSP exam on your first attempt, you are allowed to retake the CISSP exam under the following conditions:

       You can take the CISSP exam a maximum of four times per 12-month period.

       You must wait 30 days after your first attempt before trying a second time.

       You must wait an additional 60 days after your second attempt before trying a third time.

       You must wait an additional 90 days after your third or subsequent attempts before trying again.

      The exam retake policy was updated in October 2020; you can read the official policy here: www.isc2.org/Exams/After-Your-Exam.

      You will need to pay full price for each additional exam attempt.

      It is not possible to take the previous English paper-based or CBT (computer-based testing) flat 250-question version of the exam. CISSP is now available only in the CBT CISSP-CAT format in English through (ISC)2-authorized Pearson VUE test centers in authorized markets.

      

In early 2021, (ISC)2 via Pearson Vue performed an online exam proctoring pilot for CISSP. The results of this pilot will be evaluated by Q3 2021 and a decision on how to proceed will be made by (ISC)2 based on those results at that time. Keep an eye on the (ISC)2 blog for updated information about online proctored remote CISSP exam offerings.

      The CISSP exam is available in English, French, German, Brazilian Portuguese, Spanish (Modern), Japanese, Simplified Chinese, and Korean. These non-English versions of CISSP are still administered using the 250-question linear, fixed-form, flat exam.

      For more details and the most up-to-date information on the CISSP exam direct from (ISC)2, please visit www.isc2.org/Certifications/CISSP and download the CISSP Ultimate Guide and the CISSP Exam Outline (currently located in the “2: Register and Prepare for the Exam” section). You might also find useful information on the (ISC)2 blog at blog.isc2.org/isc2_blog. For example, there is a good article posted in October 2020 titled “Why Does the CISSP Exam Change?” (blog.isc2.org/isc2_blog/2020/10/why-does-the-cissp-exam-change.html).

      CISSP Exam Question Types

      You must select the one correct or best answer and mark it. In some cases, the correct answer will be obvious to you. In other cases, several answers may seem correct. In these instances, you must choose the best answer for the question asked. Watch for general, specific, universal, superset, and subset answer selections. In other cases, none of the answers will seem correct. In these instances, you'll need to select the least incorrect answer.

      Some multiple-choice questions may require that you select more than one answer; if so, these will state what is necessary to provide a complete answer.

      In addition to the standard multiple-choice question format, the exam may include a few advanced question formats, which (ISC)2 calls advanced innovative questions. These include drag-and-drop questions and hotspot questions. These types of questions require you to place topics or concepts in order of operations, in priority preference, or in relation to proper positioning for the needed solution. Specifically, the drag-and-drop questions require the test taker to move labels or icons to mark items on an image. The hotspot questions require the test taker to pinpoint a location on an image with a crosshair marker. These question concepts are easy to work with and understand, but be careful about your accuracy when dropping or marking.

      Advice on Taking the Exam

      The CISSP exam consists of two key elements. First, you need to know the material from the eight domains. Second, you must have good test-taking skills. You have a maximum of 3 hours to achieve a passing standard with the potential to see up to 150 questions. Thus, you will have on average just over a minute for each question, so it is important to work quickly, without rushing, but also without wasting time.

      Question skipping is no longer allowed on the CISSP exam, and you're also not allowed to jump around, so one way or another, you have to come up with your best answer on each question. We recommend that you attempt to eliminate as many answer options as possible before making a guess. Then you can make educated guesses from a reduced set of options to increase your chance of getting a question correct.

      Also note that (ISC)2 does