Showing posts from 2017

Launch of CISSP Computerized Adaptive Testing (CAT)

(ISC) ² has introduced Computerized Adaptive Testing (CAT) for all English CISSP exams worldwide beginning 19th Dec 2017.
Important Points:
1.The exam outline remains the same. You do not need to change any reading or study material. 2.The exam time has been halved. The exam is now 3 hours long and not 6 hours. 3.No of questions have been reduced to 125 from 250. [ 25 questions are for research purposes. They will not be explicitly marked. ] 4. The CAT is only for English CISSP takers. No change in other languages. 5.The exam cost (699 USD) and the retake policy remains the same.
How will it work?
Each candidate taking the CISSP exam will start with a question that is well below the passing standard. Based on your response, the scoring algorithm will present you with a more difficult question if you answered the previous question correctly or an easy questions if you answered the previous question incorrectly. The computer will try to judge your ability and knowledge based on your responses a…

Launch of Practice Questions

It has been some time since I have written on my blog. I was thinking of how to help all the aspirants of these exams. When I prepared for the SSCP and the CISSP exams, I found that there was a dearth of FREE practice questions on the internet.
Hence, it is a humble attempt by me to ensure that you get a lot of practice questions to practice for FREE. I have not segregated the questions by any exams. It is imperative that you attempt the question irrespective of the fact that whether it is easy or difficult. The practice questions will be updated every week.

Looking forward to your support and comments to improve the content on this website.

I'm also working on the video course for SSCP which will be uploaded in a few days.

What to expect in SSCP exam?

It’s the D-Day and you are ready for the exam. Days of hard work will now be put to test. You have prepared hard and are ready to take the exam. So what to expect in SSCP exam? Read on to find out.
Quick Pointers:
Check you have kept 2 identification cards.The ID cards must have a signature on them. One of them must be an address proof.You have the booking confirmation from Pearson Vue.Reach the center 30-40 minutes in advance.Attempt all questions. The wrong answers don’t count against you.
Know Your Enemy
SSCP is a 3-hour long exam offered by (ISC)2. It has 125 questions which are based on 7 domains. 
Following are the domains along with their weight:
1. Access Controls (16%) 2. Security Operations and Administration (17%) 3. Risk Identification, Monitoring, and Analysis (12%) 4. Incident Response and Recovery (13%) 5. Cryptography (9%) 6. Network and Communications Security (16%) 7. Systems and Application Security (17%)
Many people are experts only in 1 or 2 domains. It is important to unders…

What to expect in CISSP exam?

It’s the D-Day and you are nervous… Your heart is beating fast or you are extremely calm. You are just having nice thoughts or extremely petrified as to what will happen in the exam. Everyone faces unique challenges in preparing for the exam. Now that you have done the preparation and revision and are ready to face the beast; read on to find out what ammunition you need to slay this beast… 
Know Your Enemy
Much is available on blogs and ISC2 website detailing what will be the CISSP exam all about. You will have 250 questions to be answered in 6 hours. Many argue that CISSP is not that tough as people portray it. It's only who has experienced this exam can share the real challenges of this exam. 
So here are the real challenges which I faced:
Vastness – It is rightly said “CISSP is an inch deep and mile wide” exam. The enormity of the domains and the material associated with is huge. But hey, you have already prepared and are appearing for the exam. So why to talk about it now? The …

How to Pass SSCP Exam in the First Attempt

Systems Security Certified Practitioner (SSCP) exam is offered by (ISC)2. When I prepared for this exam, there was hardly any material for preparation or blog posts to help me understand the experience of this exam. In this blog post, I will try to explain to you how to study for this exam and the experience of this exam. 
Before I begin, let me congratulate on your journey to becoming an SSCP. Although this certification may not be highly recognized as the CISSP certification, still it shows your employer and the world that you are really interested to pursue your career in this field. You become a practitioner in this field.
What is SSCP?
You would like to read CISSP vs SSCP in case you want to have a comparison between the exams. SSCP is a 3-hour long examination having 125 questions. You are required to score a minimum of 700 out of 1000. 25 questions are not graded as they are research oriented questions. It is important to note that since these questions are not graded, you need …

CISSP vs SSCP Certification

Basis CISSP SSCP Offered by ISC2 ISC2 Length of the exam 6 hours 3 hours Number of questions 250 125 Question Format Multiple choice + Drag & Drop + Hotspot Questions Multiple Choice Questions Passing Grade 700 out of 1000 700 out of 1000 Exam Availability English, French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese, Korean, Visually impaired English, Japanese, and Brazilian Portuguese Testing Center Pearson VUE Testing Center Pearson VUE Testing Center Number of Domains

[Opinion] Will Machine Learning in Cyber Security open a Pandora’s Box?

Machine Learning is the buzz word nowadays. Huge numbers of courses on machine learning have mushroomed online and companies are running after professionals who are an expert in that. As per Udacity, which has developed a course on machine learning in collaboration with Google defines it as “Machine learning represents a key evolution in the fields of computer science, data analysis, software engineering, and artificial intelligence.”
Wiki, however, explains it in a better manner rather than just throwing jargons. It says that machine learning gives "computers the ability to learn without being explicitly programmed.” Much understandable!! In simpler terms, computers start learning processes and develop a deduction capability rather than just perform what it is programmed to do.
When such machines are made to learn to defend our networks and organizations from an information security point of view,  good and bad things will happen. Read on....
According to an article published in Te…

Quick Tips for SSCP Exam

Let me say “All the best” to you, before I start giving you tips for the SSCP exam. These tips are not mandatory to follow, but will surely help you to manage and crack the exam.
Systems Security Certified Practitioner (SSCP) is a three-hour long exam which contains 125 questions. You can call this as the younger brother of CISSP. I gave this exam in July 2014 and passed in the first attempt.
You have to schedule an exam through (ISC)2  website which further takes you to booking the exam at a Pearson Vue center. Reach the exam center approximately 45 minutes in advance before your scheduled time. This will help you to settle down. Start early so as to reach early rather than waiting on the way thinking whether you will reach on time or not.When you will reach the Pearson Vue center, you will be given a set of instructions to read. These instructions are different from the NDA to be signed for the SSCP exam. In case you have any queries regarding the instructions, feel free to ask the pr…

What is CIA?

The Three Pillars – CIA
Anything in Information security ultimately boils down to ensuring that either or all of three pillars is ensured. These three pillars are – Confidentiality, Integrity, and Availability.

It is thus extremely important that you understand the meaning of these terms. From an exam perspective, a lot many questions will be focused on identifying the following: Which of three pillars is violated?Which of the three pillars is ensured if a certain action is taken?What will a certain control ensure to provide or protect?
Even from an organizational perspective, all the policies, procedures, standards and guidelines are made to ensure that the three pillars of information security are catered for. So, let’s understand these concepts now. Before I begin, let’s be very clear that I’m not going to write down the definitions provided by any agency or organization. You can get them in any book and they are mostly as clear as mud. It is important to study these definitions too, how…