Friday, 22 December 2017

(ISC)2 Launches New CISSP® Exam Format to Help Bring More Cybersecurity Professionals into the Field

(ISC) ²® announced today that it has changed the format of its CISSP exam (English version only) in a fixed, linear way to Computerized Adaptive Tests (CAT). CAT is the computerized delivery of test elements tailored exclusively to the ability of an individual candidate. The CAT value for candidates includes that it is more efficient, has shorter test administration sessions, and is more accurate when assessing competence. The maximum administration time for CISSP CAT is three hours, which allows more opportunities for administration of exams.

"This evolution in the way we administer our exams is an important investment in the future of our certification programs," said Dr. Casey Marks, vice president of professional programs, (ISC) ². "The implementation of CAT strengthens the commitment (ISC) ² to meet the critical demand of cybersecurity professionals around the world by providing a fair, valid, reliable and efficient exam administration process. CAT offers numerous benefits to candidates, including a more accurate and efficient evaluation of a candidate's competence, more opportunities for exam administration and shorter exam administration sessions. "

As of today, the CISSP CAT exams will be available exclusively through the Pearson professional centers (PPCs) and the selected Pearson VUE (ISC) ² test centers (PVTC Selects).

About the superior certification of Cybersecurity

The Certified Security Systems Security Professional (CISSP) is the main cybersecurity certification for those involved in the design, development and management of the overall security stance of an organization, from the cybersecurity strategy to practical implementation. It requires at least five years of full-time work experience in two of the eight domains. The CISSP is one of the first IT security certifications that meets the stringent requirements of the ISO / IEC 17024 standard, a global benchmark for evaluating and certifying staff.

About (ISC) ²®

(ISC) ² is an international non-profit association dedicated to inspiring a safe and secure cyber world. Best known for the acclaimed Certified Security Systems Security Professional (CISSP®) certification, (ISC) ² offers a portfolio of credentials that are part of a holistic and programmatic approach to security. Our membership, which has more than 125,000 members, is made up of certified computer security, cybernetics and IT professionals who are making a difference and helping us move forward in the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation: the Center for Cybersecurity and Education ™.

Wednesday, 8 November 2017

14,500 Cybersecurity Professionals Join (ISC)2 Online Community in First 30 Days


More than 14,500 cybersecurity professionals have joined the new online community (ISC) ² since its launch last month. The Community (ISC) ² is an open forum for members (ISC) ² and other security experts to connect, share best practices and help advance the cybersecurity profession.

"The members of (ISC) ² represent some of the best minds in the field of cybersecurity, and our new community provides a platform for them to collaborate directly on a wide range of issues, trends and job challenges," said (ISC) ² CEO David Shearer, CISSP. "It is very exciting to see so many cyber security professionals join the community in this way quickly and immediately begin to help each other in building careers, continuing their professional education, discussing the proposed cyber legislation and more." The community (ISC) ² It captures the pulse of the cybersecurity profession and offers a great understanding of the challenges and opportunities that security professionals face every day. "

The Community (ISC) ² is open to anyone interested in involving cybersecurity professionals in discussions related to cybersecurity, information, software and infrastructure. The main conversations so far include:

  •     Discussion of the new NIST passwords guidelines
  •     Share knowledge in the E.U. General regulation of data protection (GDPR)
  •     Tips to respond to the KRACK exploit to secure wireless devices
  •     Share best practices for vulnerability management
  •     Volunteer opportunities to educate children about cybersecurity

Join the conversation

Visit community.isc2.org to learn what the world's leading cybersecurity experts say about the latest security trends and the problems facing the profession.

About (ISC) ²

(ISC) ² is an international non-profit association dedicated to inspiring a safe and secure cyber world. Best known for the acclaimed Certified Security Systems Security Professional (CISSP®) certification, (ISC) 2 offers a portfolio of credentials that are part of a holistic and programmatic approach to security. Our membership, which has more than 125,000 members, is made up of certified computer security, cybernetics and IT professionals who are making a difference and helping us move forward in the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation: the Center for Cybersecurity and Education.


Wednesday, 13 September 2017

Cybersecurity Certification Mega Bundle, Save 93%


We have a large amount in the Mega cyber security certification package at the Geeky Gadgets Deals store today.

The Mega Bundle cyber security certification package is available in our shop for $ 69, a 93% savings over the regular price.

Cybersecurity is a booming business these days after several high-profile hacks and data dumps. As such, qualified security experts are in demand, and you can work to get into this high paying industry with this extensive course that covers study materials for three elite certification exams. Aligned to ISACA, this training will prepare you to attend the CISA, CISM and CISSP certification exams so you can take advantage of your learning in a new career.


  •     Study for CISA, CISM and CISSP certification exams
  •     Understand information security audits, assurances, guidelines, standards and best practices.
  •     Improve your understanding of IS audit processes
  •     Develop the experience to manage, design, monitor and evaluate the security of a company's information
  •     Define the architecture, build and maintain a secure business environment using globally approved   Information Security standards

Monday, 12 June 2017

How to Pass: CISSP Practice Exam


Taking a certification exam of any kind is a commitment, it requires time and money, none of which you want to lose. For those serious about taking the CISSP exam, you will want to make sure you pass on the first try. This publication will offer guidance and reviews as well as a tool to help you succeed in obtaining your certification: The CISSP practice exam.

We have seen many talks in forums surrounding useful study tools and we want to offer you some tips.

Trust is key

    Although I suspected that I was doing well on the exam, as I grew more psychologically exhausted, the doubt began to creep in ... GREAT TIME. By the time I finished reviewing my marked questions, I thought I should not put my hopes up. When I clicked the finish button and did not immediately get my score, my heart sank. In the back of my mind I had already given up studying another 8 weeks and then tried the exam again. But, when I got to the front desk I got the paper. PAST! Woot, Woot!

    It was almost like taking some different exams combined into one. Some questions were surprisingly clear with only an obviously-correct response. While other questions appeared to be from a completely different examination, where the questions were much less clear with three out of four answers could be correct. Many were the type of "think like a C-Level" I had read, while other questions obviously wanted you to think like a coach ... Fortunately, it was quite obvious what role you were expected to play in a particular matter , At least for me.

    Another thing I want to mention though it might have been just my perception changing as I felt more and more mentally fatigued, but the questions seemed to be a bit more difficult as the test progressed. I swear the first 100 questions looked like something you might see in the + safety exam, but later in the exam things seemed to be much more difficult. Mind Trick? I do not know, but I wanted to mention it.

        Brchap, Member of Cybrary

For the complete review of this test and the study materials used to pass, read the full post here.

It seems however, the most important to bear talk about the design of the exam. The CISSP is an extensive test, obviously designed to force the examiner and push beyond a simple scenario of questions and answers.

Entering the test with confidence after having prepared the best of your skills is the best way to tackle such a rigorous examination. Do not let a test go into your head. You know what you have prepared and what you have not prepared. That's why a practice exam is so valuable.

What is a practice exam?

With the CISSP practice exam, you gain 6 months of access to a world of information that can help you succeed in the exam, including analysis of your strengths and weaknesses. This hands-on exam has some options available to improve your learning experience:

    Customize your test experience by configuring your practice exam to fit your specific study needs. Select items by test objective, set study preferences, and control how your responses are accessed.

    Select presets. These exams are done to provide a test experience similar to a real test environment. They are timed and filter questions like the certification exam. This option will help you determine your preparation for the certification exam.

    Flashcard review allows you to review concepts in a self-rated and unlimited environment. With hundreds of questions, these premade flashcards will help you understand the concepts covered in the actual certification exam.

How will it help me?

If used correctly, the CISSP practice exam will help you pass because you will ultimately be given a simulated exam in the same format with the same time as a real exam. Often, we are not accustomed to taking a test this way, so it helps us to feel comfortable that the material, not the environment, is the focus. Everything comes back to trust.

Likewise, you will get specific feedback to the subject areas that need improvement so you can spend time reviewing what you do not know rather than wasting time reviewing all the content.

We recommend first passing the exam in the evaluation mode (option 2, as mentioned above) to see what you know and do not know to go to the exam. Then use options 1 and 3 to drill down into specific topics that need improvement. Finally, go through Option 2 as many times as necessary until you are comfortable entering the actual test.

Transcender CISSP Practice Exam Reviews

    [I] paid 4k for a CISSP Training Boot Camp and it was a waste of money ... I stayed in class and listened to absurd nonsense about things I already knew! By the middle of the second day I left and bought a 30 day Transcender license to CISSP and studied for 4 days and took the exam as scheduled. I can not say it was an easy test ... but Transcender got me familiar with the basic reasoning to understand what they were asking for. I have to say that I will use these to get the role of a few others that will enhance my stature in today's IT world. Transcender is the best !!

        J.S.

    Transcend picks up where even the best CISSP books leave out - and then blows away. I found the exam simulations to be a great preparation for the real thing. The exams covered all concepts thoroughly and perfectly mimicked the real test environment. I also found their answer explanations to be better written than any I've found in those $ 50.00 books. When people ask me what I did to pass the test, I tell them: "I got the Transcender.


Where can I get mine?

An ISC2: Certified Information Systems Security Professional (CISSP) practice exam is available in the new Cybrary market. You can find here additional study materials for this exam and a variety of others there as well.

Tuesday, 26 January 2016

Why Cybersecurity Certifications Matter Or Not

Cybersecurity certification qualifications are becoming the norm in many job descriptions today as organizations seek quantifiable ways of measuring prospective employees’ expertise. However, certification alone should not be the yardstick in determining how well a potential candidate will fit into an organization. At the end of the day, experience as well as certification should be the criteria for hiring most security professionals, experts say.


Security certifications cover a range of disciplines and emerging security trends, from cloud computing to secure software coding to overall security management. So security professionals should have a grasp on where they want to take their careers as they try to determine what credentials are right for them.

Philip Casesa, director of product development and portfolio management with (ISC)², says certification validates that a security professional has a specific set of skills and capabilities. For human resources managers, certification provides a screening mechanism to match potential candidates with the skills, knowledge, and experience an organization is looking for in a security professional, he says.

Certification can also mean more dollars for a security professional. According to The 2015 (ISC)² Global Information Security Workforce Study, security professionals with certifications generally are paid $25,000 more than professionals who did not have certifications.

“Collectively, the average annual salary among the security professionals surveyed was $97,778. Differences between (ISC) ² members and other security practitioners exist. Non-member security practitioners reported an average annual salary of $76,363. The salaries among security professionals with an (ISC) 2 membership averaged $103,117 annually, a 35% premium over non-members,” according to the survey of 14,000 security practitioners globally.

The study did not drill down on the benefits of a specific certification over another, Casesa says. “Talking about what makes one certification more valuable than another really gets into what you want as a professional or what an organization is looking for,” he says.

Companies such as Cisco, Microsoft, and Oracle, for example, offer certifications specific to their products, to help ensure that professionals are qualified to install and maintain the products. And while those certifications are limited to specific products, that may be enough for an employer who wants those specific skills.

(ISC)² provides vendor-neutral certifications that focus on principles, knowledge, and capabilities associated with information security, Casesa says. (ISC)² provides two key certifications:  the Certified Information Systems Security Professional (CISSP) and Systems Security Certified Practitioner (SSCP) for information security professionals, as well as certification in areas such as information security, system security, authorization, software development, digital forensics, and healthcare.

Other certification organizations include ISACA, which defines the roles of information systems governance, security, and auditing for information assurance professionals worldwide; the Cloud Security Alliance, which partners with (ISC)² on cloud computing certification; the E-Council, which offers an ethical hacking credential; and the SANS Institute, which offers testing and validation for secure software coding and penetration testing.

All of the various security certifications are compatible, but cover different security aspects and expertise. “Depending on what role you are looking for and where you want to take your career will determine what credentials are right for you,” Casesa says.

Certification a double-edged sword?


However, certification alone is not the answer. What about professionals who pass the tests and earn the certs but still do not have the experience and qualifications to handle today’s security threats?

“Certification is a good thing. There’s nothing wrong with having certification,” says Muneer Baig, president and CEO of security consultancy SYSUSA. Baig, who holds at least ten certifications, says that having certification as the only benchmark to validate a professional’s skills and knowledge, which seems to be a common occurrence these days given the computer talent shortage, is just wrong. 

Anyone with a good memory and who is a good absorber of text will be able to pass the CISSP exam because it covers what is in the CISSP book and study materials, Baig says. Even so, it is not an easy exam: it takes at least six hours and includes 250 questions.

“You are asked the same questions but in different ways to make sure you know what you are talking about. Having knowledge of the industry helps significantly,” but a good reader stands a good chance of passing the exam, he notes.

Baig says he has come across people without certifications who have experience and are more knowledgeable about security than some people who are certified. Therefore, to measure how well a person might perform on the job, you need a combination of certification and a person has validated qualifications, Baig says. "Any other way is a risk," he says.

“I don’t have a CISSP, but I have an undergrad and Masters [degree] in computer security and a graduate certificate in computer security,” says Adam Vincent, CEO of ThreatConnect, a developer of enterprise intelligence solutions. “However, I have a strong academic foundation and I did the job of a CISSP for eight- to 10 years, so I have the experience on the job of running security programs.”

Vincent says he would have learned some new things going through the CISSP program. The goal is to look at certification as a person’s academic foundation, which says that they can learn, memorize, and hopefully, remember most of what they learned when they come into your company. “But at the end of the day you have to look at what they have done and are capable of based on their experience,” Vincent says.

Casesa says aside from the test element to certification exams, security professionals have to demonstrate auditable experience in the areas they are being tested in. For instance, in the case of CISSP, they need five years of paid full-time work experience in two of the eight domains of the CISSP Common Body of Knowledge (CBK), which covers critical topics in security including risk management, cloud computing, mobile security, application development security, and more.

Moreover, in order to maintain their certification, professionals have to continue education and work in the security profession or the certification can be revoked, Casesa says.

“We consider certification really a lifetime commitment,” he says. Certification says, “you have made a commitment to your industry, your profession, and your career, and it will endure as long as the letters [certification acronyms] are on the other side of your name.”