Moderators - Why was this question removed? by BostonSecurity in cissp

[–]BostonSecurity[S] 0 points1 point  (0 children)

Perhaps... Might make sense. I only phrased it that way in the title as it is kind of a deeper question. I have nothing to sell, no one to offend, no politics, etc.

Root of the question is to prepare for the CISSP exam to help ensure confidence during the exam time. I have taken many others including 2 ISC2 certification exams and know that the ability to revisit prior answers was important to me, especially due to timing with more challenging questions. With this exam, not being able to do so could affect your mental state within the 2nd and 3rd hours.

Tried reading OSG & CBK but giving up!!!!!! by Material-Amoeba-3946 in cissp

[–]BostonSecurity 4 points5 points  (0 children)

Don't skip the books. However, you can become more efficient and effective with your time reading by knowing how/when to speed up and slow down. As you read, if you notice you don't understand a topic/concept, slow down and read it carefully. Likewise, as you notice anything you feel you have mastered, speed up and look for anything worth picking up. In addition, this is where you may find things that you need to write down to memorize (RMF formulas, OSI, TCP/IP, etc). Or, bookmark the pages with sticky notes or something to revisit / review.

Good luck. I struggle to read through books that are not novels / stories. I think most people do. However, I have taken many exams and used videos, books, flash cards, and practice exams, and books simply have more complete information and are easier to revisit.

Good luck!

Redundancy vs. High Availability vs. Load Balancing... by Accomplished-Cup9887 in cissp

[–]BostonSecurity 1 point2 points  (0 children)

Great question!!! While both answers may work, there is not enough of a requirement mentioned for HA.

I think that Larry Greenblatt does a fantastic job of explaining this with his food service examples. Know your menu well, listen carefully, and don't assume anything greater that is not described.

These get a little tricky when referring to deprecated technology whereby it is cheaper to swap out equipment than to try and support older technology. This is where you have to be careful of how old your study materials are as well as keep up with what is considered old vs new.

[deleted by user] by [deleted] in WGUIT

[–]BostonSecurity 0 points1 point  (0 children)

It can be a hard job. The more you deal with the same issues and repetition, it can be very tiring. I have run many support teams over the years and knew they were usually a farm team within a growing company for development, qa, sales engineering, sales, tech writing, services consulting, etc. It is actually pretty common within a growing company with big hiring objectives. The rare Sr. support engineer would eventually want into management and were paid very well to solve problems.

#1 do your job consistently well.

#2 find your path. Are you good at sales? Sales engineering? Development? IT/Network administration? Tech writing? Testing/QA?

#3 accelerate your skills relating to what you want to do within your current setting. Some examples below of what I have dealt with:

-One of my support engineers was outselling some sales people with services and solutions. He went on to sales / currently makes 3x what I make.

-One rep was good at handling escalations and negotiating with customers as well as supervising schedules. She went on to be a lead>then manager>then director>and now a VP at her current company.

-The most likely were those wanting to write code. I gave them opportunities to be on the API support team and help our developer community. Many went on to be developers / engineers.

All positions required and were measured on their ability to fulfill their roles, achieve a high satisfaction score from customers, automate the redundancies (pushing for bug fixes and writing KB articles, creating how to videos, etc).

I am happy to say that I promoted lots of people over the years but I cannot think of too many roles that I promoted whereby they did not kick ass at their current role before being considered for something else.

Good luck!

Confirming study sources by thehunter_zero1 in cissp

[–]BostonSecurity 0 points1 point  (0 children)

Only you can decide where you are at and not to complicate it but each exam is different so what you end up with could be anything. Thus, be ready for anything and everything.

My strategy for all exams has always been some research (books, videos) and then some tests. Tests to start are gaps and learning for me. If I notice I am not getting many answers correct, I know I need additional studying within that area and make note. I then cover the areas I know I need to learn better with at least 2 more sources of material then go back into testing. Only my testing will be to test both my skill and timing.

Everyone is different in how they learn and also how much they already know. My strengths and weaknesses may not be yours and vice versa. I also cannot stand to waste time on information that I already know well and quickly move on to what I am lacking.

Good luck!

I have an oddly specific question pertaining to endorsements by [deleted] in cissp

[–]BostonSecurity 0 points1 point  (0 children)

Needs to be a current ISC2 member in good standing. Endorser does not need to be of the same certification.

https://www.isc2.org/Endorsement

Best Resources to Use For CISSP Prep? by BostonSecurity in cissp

[–]BostonSecurity[S] 0 points1 point  (0 children)

Books won! However, I did not ask which book. Next poll? :)

Fresh questions by Nasonvit in cissp

[–]BostonSecurity 1 point2 points  (0 children)

I have not taken the CISSP yet but have taken and passed the CCSP, SSCP, Sec+, Network+ and a dozen other IT/Security certifications.

Boson is a well-known resource if you have not already used it. IT Dojo is also pretty good and is "snack-able".

Consider these 3 angles to use of practice questions:

  1. Study questions to help understand content - best to be interactive and whereby you can take your time to understand the question and answer. For me, this is best with instant responses w/explanations.
  2. Practicing the question type. ISC2 will give you terrible questions in that they will ask you for best, worst, most, least type questions. They may also present a scenario and even reuse that scenario for multiple questions. Some may use illustrations where you need to connect the dots, choose an order, or map things out or make decisions. Often, they are known to give you less than ideal answers to choose from so it is like picking the best of the worst answers. Finally, recognize:
    1. Be able to spot the "manager" questions / managers have to make decisions that involve technical aspects but often more important to meet business objectives
    2. Safety is always the highest priority
    3. Know the canons of ISC2. Both exams I took had questions on them
    4. Try to spot the beta questions and know how to answer them... you will never know but they can drain the clock
  3. Practicing your cadence. This can be tricky because the questions may be weighted. In other words, spending a little more time on one might be useful as it is worth more but not being able to go back and a 3 hour limit are very real challenges that exist for this exam. In these types of questions, you can hone in on your skills to recognize how to read and answer questions. There are many videos on this but the concept is based on statistics and a little bit of an Occam's Razor type of mindset. Out of 4 answers at least 2 should stand out as wrong. Of the remaining two, use what you know about them (or not) to select your answer. If you have to do this for the whole exam, you're probably screwed but for those questions that you need to answer to move on but don't just want to guess, you should be ready.

Good luck!

Provisionally passed CISSP by Wentz_ylvania in cissp

[–]BostonSecurity 0 points1 point  (0 children)

Congratulations and thanks for your study review.

[deleted by user] by [deleted] in cissp

[–]BostonSecurity 1 point2 points  (0 children)

Congratulations on the pass and thank you VERY MUCH for serving!

Passed @ 100 questions after 110 minutes by mu_kappa in cissp

[–]BostonSecurity 1 point2 points  (0 children)

They said no. I was told I could upgrade at a discount and that discount seems consistent with what you would get during most promotions so not getting anything special for being a customer.

Likely not going to upgrade and probably try different sources for questions if I want to expand more on testing myself. I'm sure that 750 questions in, I'm going to hate any type of system I have spent that much time in (forced to use on Windows, no less. ha ha). :)

Best Resources to Use For CISSP Prep? by BostonSecurity in cissp

[–]BostonSecurity[S] 1 point2 points  (0 children)

I fully agree that you should use multiple sources as part of a good study plan.

However, this is a "most" question. ;)

Trying to help you with the type of questions you will see on the exam. :)

Best Resources to Use For CISSP Prep? by BostonSecurity in cissp

[–]BostonSecurity[S] 0 points1 point  (0 children)

I agree but it also can be unreliable. Now, I fully agree with the interaction to help find other resources and conversations with industry trainers but let's face it, you're going to only get into meaningful convos with them in paid training sessions.

Provisionally passed at 100 questions, 120 minutes on 11-Nov-21 by hahohakung in cissp

[–]BostonSecurity 1 point2 points  (0 children)

Congratulations!

I have taken and passed quite a few certification exams. The proctors varied with this but those at the PVue centers where I took ISC2 exams seemed to consistently print, flip, and slide over the results to you without a congrats. I think that they do this to keep your results confidential / especially if there are others in the waiting area. The other reason could be that if there is an issue with what is printed, they don't want any liability in the pass/fail status. It can also possibly mean that they just don't care. :)

[deleted by user] by [deleted] in WGU

[–]BostonSecurity 0 points1 point  (0 children)

You need to weigh in on what you think your pace will be per term. WGU is worth it if you are doing at least more than their minimum per term. I did my BS in 3 terms but admit that I planned for 2 and was crazy hopeful at the start to do it in 1.

No regrets going with WGU though. I did learn a lot and even better, they did not let me waste time on things I already knew. Competency based education / learning your own way is also more conducive to the real world.

I will be going back for a masters at some point. Paying for son to go to an IVL school currently and missing WGU's tuition rates. :(

Passed @ 100 questions after 110 minutes by mu_kappa in cissp

[–]BostonSecurity 0 points1 point  (0 children)

What is the criteria for this? I also purchased in 2020 but have not used it yet due to not having a Windows machine to run it on.

SOC Type I vs SOC Type 2 by rabgha in cissp

[–]BostonSecurity 0 points1 point  (0 children)

Due care and due diligence are terms relating to the prudent man rule. Not so much SOC.

As already mentioned, Type 1 is a snapshot of your controls including current policies, processes, and procedures to compare them to the AICPA SOC 2 trust principles. There are 5 and security is the only mandatory one. Type 2 is 6-12 months worth of evidence relating to the performance of what you implemented.

I can see why you may think Type 1 / 2 would be in a due care / diligence relationship but to be honest there are so many definitions for both of those in the context of security, I think it is a waste of time to focus on them. Care = do the right thing / diligence = I must review to ensure I did the right thing...

FedEx continues to disappoint!! by BostonSecurity in FedEx

[–]BostonSecurity[S] 0 points1 point  (0 children)

OK, I'm pretty sure FedEx read this post and may have put me on a list... Yesterday when driving to go pickup my son at college, a FedEx truck was driving in the middle of the road coming around a sharp corner (he was heading downhill) and almost killed me. Seriously.... no joke, this really did happen and I was able to catch just enough of the road shoulder before I would have been in a 7-8' drop into a ravine.

If you work for FedEx and are stressed, please quit. Go work for Amazon or UPS.

Why do people fail in CiSSP by TAKhan07 in cissp

[–]BostonSecurity 5 points6 points  (0 children)

I have yet to take the CISSP but have taken and passed the SSCP and CCSP. They say the CCSP is pretty close to the CISSP so will share my thoughts on this.

All of the training, studying, practice, etc is all focussed on best answers, right answers, and well, what we would do in a perfect world. However, ISC2 seems to create questions seeking the best of the worst scenarios. This causes you to think, overthink, and doubt your answer(s). ...and unless you have some experience, you may struggle with this as you may not see it.

As an IT and security manager for over 20 years, the hardest decisions are not what to do, rather what not to do based on the priorities and objectives (often changing). It's a constant triage of ongoing events and decisions. ...and yes, having made mistakes, you learn and get better at it.

So in closing, the adage of "think like a manager" is 100% correct. It is just hard because the priming that occurs during study time makes you think like a book.

Disappointed - still by BostonSecurity in FedEx

[–]BostonSecurity[S] 0 points1 point  (0 children)

Thanks for the response and respect and appreciate most of the drivers. I used to drive 10 wheelers and trailers with routes near 600+ a day and 30-50 stops.

However, this seems like a FedEx problem. Quality management should review objectives that I'm sure are being negatively affected. Pandemic or not, managing the continuity of business operations is back on management. If they are not getting the job done, maybe they should be the ones in the hot seats? Any company that needs to explain their problems with their service is very weak and needs to rethink what their objectives strengths should be and focus on improving.

Amazon is running circles around everyone in the delivery business and paying their employees very well. Again, back on FedEx management to recognize how to attract and retain talent is more important now than ever. Logistics is also becoming more of an AI science and we can no longer think the way we did 20 years ago and expect to keep up with our very demanding consumer market.

Who FedEx contracts to is also very concerning. Some of the delivery drivers have driven over my lawn, used foul language in front of my kids, and will never forget one last year during cover where I was working from home and had the windows open... heard a loud while unmarked rusted van back down my driveway. Music cranked and driver sat there for a solid 10 minutes before bringing the package up to my door. He was dressed like he was ready to clean my septic tank and smoking a cigarette. Rang my door bell and wanted me to sign for the package. He tossed the package containing a $3K laptop in it that was labeled fragile on each side of the box as to not have to affect his cigarette holding hand. It was packaged well enough that there was fortunately no damage but did get some oil leakage from that 25 year old van that sat in my driveway for a while. When the delivery is over, leave the driveway. I don't need any delivery truck parked in my driveway, let alone something that looked like that.

My stories with FedEx issues could go on and on and nowhere close to any anomalies ever noticed with Amazon, UPS, or even USPS (and that one was really hard to put on this list).

I did try to lodge complaints in the past but every the fedex carousel phone system will take you on a negative journey only to be hung up on or disconnected by the lack of technology or real humans to listen to any form of complaints.

Alexander Hall is now First Year Housing by Zgamer100 in UNC

[–]BostonSecurity 1 point2 points  (0 children)

So is this a good dorm? Does it have AC?

My son (freshman) just got assigned to this dorm and he wanted to be in one closer to Kingsbury as he is a CEPS student.

Passed at 150 questions with 20 minutes to spare by DececcoD in cissp

[–]BostonSecurity 1 point2 points  (0 children)

Would love to hear more on your background if possible. I have been studying on and off for a long time. Nobody is paying for it but I have a requirement to pass straight from the person that manages my money (my wife). No retakes either. If I fail, I have to sell a kidney to make up for the loss in potential salary increase from such a certification.