Security Management Strategies for the CIOAccess "First person: Editor Andrew Briney on how to pass the CISSP exam"
This article is part of the June 2003 issue of Defense-in-Depth: Securing the network from the perimeter to the core
Certifiable: A newly minted CISSP gives you the inside scoop on information security's most coveted -- and controversial -- certification. I just took the CISSP exam, and I'm here to testify: Everything you've heard about it is true. It's both disarmingly easy and bewilderingly difficult. It's both legitimately challenging and totally unfair. It's both incredibly rewarding and pull-out-your-hair-and-scream-to-the-heavens aggravating. It's a mystery wrapped in riddle inside an enigma. It's both disarmingly easy and bewilderingly difficult. It's both legitimately challenging and totally unfair. It's both incredibly rewarding and pull-out-your-hair-and-scream-to-the-heavens aggravating. And here's the punch line: The exam is a metaphor for the CISSP credential itself. The CISSP is the undisputed heavyweight champion of infosec certifications, the gold standard, the pièce de résistance. Yet it's routinely ridiculed as a "paper certification," lacking depth or practical application. Even those who proudly use it like a third name--"Hi, I'd like to order a pizza; ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Designing a defense-in-depth network security model
by Joel Snyder, Contributor
We challenged networking and firewall vendors to provide defense-in-depth security from the perimeter to the core. Their responses give us a glimpse into the future of enterprise network security.
-
First person: Editor Andrew Briney on how to pass the CISSP exam
by Andrew Briney
Newly minted CISSP Andrew Briney explains how to pass the CISSP exam, infosec's most coveted and controversial certification.
-
CISSP study plan: CISSP prep books, guides and resources
by Andrew Briney
Check out Andrew Briney's CISSP study plan recommendations on the best CISSP prep books, guides and websites.
-
The security risk management lifecycle framework
by Andrew Briney
Learn about the seven steps in the enterprise information security risk management lifecycle framework.
-
Designing a defense-in-depth network security model
by Joel Snyder, Contributor
-
-
Top challenges facing defense-in-depth firewall technology
by Joel Snyder, Contributor
Defense-in-depth firewall technology may offer value, but there are six barriers thwarting firewall technology on the port level.
-
Preparing for CISSP exam questions: What to expect
by Andrew Briney
Anybody who says the CISSP exam is easy isn't telling the whole story. There are plenty of difficult questions--some legitimate, some goofy.
-
Roundtable: Practical strategies for enterprise-wide risk management
by Andrew Briney
Four CISOs explore practical strategies for managing enterprise risk-from classification to assessment to monitoring to response.
-
Keeping security initiatives on track through executive, management turnover
by Anne Saita
How to keep enterprise security initiatives on track...even when there are cracks in the corporate ladder.
-
Top challenges facing defense-in-depth firewall technology
by Joel Snyder, Contributor
-
Columns
-
Achieving compliance with the California SB 1386 privacy law
by Randy Sabett, Contributor
California's new SB 1386 privacy law is full of ambiguity, but if you do business there, you'd better get your guard up.
-
Test center: CORE IMPACT 3.1 automated pen testing tool
by Scott Sidel, Contributor
Numerous mistakes tarnish the benefits of CORE Security's CORE IMPACT 3.1 automated pen testing tool.
-
POF fingerprint scanning tools mitigate OS fingerprinting vulnerabilities
by Marcus J. Ranum, Contributor
Nmap's silent parnter, POF is an OS fingerprinting tool for the good guys.
-
How to learn IT security in your spare time
by Dana W. Paxson, Contributor
When considering how to learn IT security, never underestimate the power of a few minutes of downtime.
-
Achieving compliance with the California SB 1386 privacy law
by Randy Sabett, Contributor
More Premium Content Accessible For Free
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...
Emerging threat detection techniques and products
E-Handbook
Advanced persistent threat (APT) has been a used and abused term in the security industry, but security experts say targeted attacks are a growing ...
The rapid evolution of MDM solutions
E-Zine
Mobile device management (MDM) continues to grow at a feverish pace, both in terms of adoption and mobile security features. BYOD policies, and the ...