After the Exam
After you have passed the exam, you will need to gain continuing education credits each year to maintain your certification. Your certification will come up for renewal every three years, so you'll need to obtain 120 continuing education credits (CPE) or retake the exam. Retaking the exam is probably not a likely choice. These are some ways to gain CPEs to keep your certification current:
- Write a book.
- Read a book. (Only one per year can be used for credit.) This will give you a couple of credits, but not enough to keep your certification current.
- Do volunteer work that is approved by ISC2. When you are certified, you can log on to the ISC2 website for more information. A variety of volunteer work is available, including proctoring the CISSP exam.
- Attend a training class. Just about any type of technology training class is accepted, as long as it is tied to one of the domains.
- Teach a training class.
- Attend a college-level security class.
As you can see, the goal here is to help you stay current. As technology changes, we all must continue to learn to keep up the pace.
Now that we have covered some of the ways in which to assess you exam readiness, let's move on to Chapter 1, "The CISSP Certification Exam," where you will learn more about how the exam is structured and some effective test-taking strategies.
The CISSP Cram Sheet
- PHYSICAL SECURITY
- SECURITY-MANAGEMENT PRACTICES
- ACCESS-CONTROL SYSTEMS AND METHODOLOGY
- SECURITY MODELS AND ARCHITECTURES
- TELECOMMUNICATIONS AND NETWORK SECURITY
- APPLICATION AND SYSTEMS-DEVELOPMENT SECURITY
- OPERATIONS SECURITY
- BUSINESS CONTINUITY PLANNING
- LAW, INVESTIGATIONS, AND ETHICS
- CRYPTOGRAPHY
A Note from Series Editor Ed Tittel
About the Author
Acknowledgments
We Want to Hear from You!
Introduction
- Introduction
- How to Prepare for the Exam
- Taking a Certification Exam
- Tracking Your CISSP Status
- About This Book
Self-Assessment
- Self-Assessment
- CISSPs in the Real World
- The Ideal CISSP Candidate
- Put Yourself to the Test
- After the Exam
The CISSP Certification Exam
- The CISSP Certification Exam
- Assessing Exam Readiness
- Taking the Exam
- Multiple-Choice Question Format
- Exam Strategy
- Question-Handling Strategies
- Mastering the Inner Game
Physical Security
- Physical Security
- Physical Security Risks
- Requirements for New Site Locations
- Building Defense in Depth
- Environmental Controls
- Electrical Power
- Equipment Life Cycle
- Fire Prevention, Detection, and Suppression
- Exam Prep Questions
- Answers to Exam Prep Questions
Security-Management Practices
- Security-Management Practices
- The Risk of Poor Security Management
- The Role of CIA
- Risk Assessment
- Policies, Procedures, Standards, Baselines, and Guidelines
- Implementation
- Training and Education
- Auditing Your Security Infrastructure
- Exam Prep Questions
- Answers to Exam Prep Questions
Access-Control Systems and Methodology
- Access-Control Systems and Methodology
- Threats Against Access Control
- Access-Control Types
- Identification, Authentication, and Authorization
- Single Sign-On
- Data Access Controls
- Intrusion-Detection Systems (IDS)
- Penetration Testing
- Honeypots
- Exam Prep Questions
- Answers to Exam Prep Questions
System Architecture and Models
- System Architecture and Models
- Common Flaws in the Security Architecture
- Computer System Architecture
- Security Mechanisms
- Security Models of Control
- Documents and Guidelines
- System Validation
- Exam Prep Questions
- Answers to Exam Prep Questions
Telecommunications and Network Security
- Telecommunications and Network Security
- Threats to Network Security
- LANs and Their Components
- WANS and Their Components
- Network Models and Standards
- Network Equipment
- Access Methods and Remote Connectivity
- Message Privacy
- Network Access Controls
- Exam Prep Questions
- Answers to Exam Prep Questions
Applications and Systems-Development Security
- Applications and Systems-Development Security
- Malicious Code
- Failure States
- The System Development Life Cycle
- Software-Development Methods
- Change Management
- Programming Languages
- Database Management
- Exam Prep Questions
- Answers to Exam Prep Questions
Operations Security
- Operations Security
- Hack Attacks
- Operational Security
- Auditing and Monitoring
- Categories of Control
- Fax Control
- Ethical Hacking
- Contingency Planning, Backup, and Recovery
- Exam Prep Questions
- Answers to Exam Prep Questions
Business Continuity Planning
- Business Continuity Planning
- The Risks of Poor Business Planning
- Business Continuity Management
- Business Continuity Plan (BCP)
- Disaster Recovery Planning (DRP)
- Exam Prep Questions
- Answers to Exam Prep Questions
Law, Investigations, and Ethics
- Law, Investigations, and Ethics
- Computer Crimes
- Common Attacks
- Ethics
- International Property Laws
- Parameters of Investigation
- Forensics
- Major Legal Systems
- Exam Prep Questions
- Answers to Exam Prep Questions
Cryptography
- Cryptography
- Cryptographic Basics
- History of Encryption
- Symmetric Encryption
- Asymmetric Encryption
- Integrity and Authentication
- Steganography
- Public Key Infrastructure (PKI)
- Cryptographic Services
- Cryptographic Attacks
- Exam Prep Questions
- Answers to Exam Prep Questions
Practice Exam 1
Answers to Practice Exam 1
Practice Exam 2
Answers to Practice Exam 2
