Posts

What to expect in SSCP exam?

Image
It’s the D-Day and you are ready for the exam. Days of hard work will now be put to test. You have prepared hard and are ready to take the exam. So what to expect in SSCP exam? Read on to find out. Quick Pointers: Check you have kept 2 identification cards. The ID cards must have a signature on them. One of them must be an address proof. You have the booking confirmation from Pearson Vue. Reach the center 30-40 minutes in advance. Attempt all questions. The wrong answers don’t count against you. Know Your Enemy SSCP is a 3-hour long exam offered by (ISC)2 . It has 125 questions which are based on 7 domains.  Following are the domains along with their weight: 1. Access Controls (16%) 2. Security Operations and Administration (17%) 3. Risk Identification, Monitoring, and Analysis (12%) 4. Incident Response and Recovery (13%) 5. Cryptography (9%) 6. Network and Communications Security (16%) 7. Systems and Application Security (17%) Many peo

What to expect in CISSP exam?

Image
It’s the D-Day and you are nervous… Your heart is beating fast or you are extremely calm. You are just having nice thoughts or extremely petrified as to what will happen in the exam. Everyone faces unique challenges in preparing for the exam. Now that you have done the preparation and revision and are ready to face the beast; read on to find out what ammunition you need to slay this beast…  Know Your Enemy Much is available on blogs and ISC2 website detailing what will be the CISSP exam all about. You will have 250 questions to be answered in 6 hours. Many argue that CISSP is not that tough as people portray it. It's only who has experienced this exam can share the real challenges of this exam.  So here are the real challenges which I faced: Vastness – It is rightly said “CISSP is an inch deep and mile wide” exam. The enormity of the domains and the material associated with is huge. But hey, you have already prepared and are appearing for the exam. So why to

How to Pass SSCP Exam in the First Attempt

Image
Systems Security Certified Practitioner (SSCP) exam is offered by (ISC)2 . When I prepared for this exam, there was hardly any material for preparation or blog posts to help me understand the experience of this exam. In this blog post, I will try to explain to you how to study for this exam and the experience of this exam.  Before I begin, let me congratulate on your journey to becoming an SSCP. Although this certification may not be highly recognized as the CISSP certification, still it shows your employer and the world that you are really interested to pursue your career in this field. You become a practitioner in this field. What is SSCP? You would like to read CISSP vs SSCP in case you want to have a comparison between the exams. SSCP is a 3-hour long examination having 125 questions. You are required to score a minimum of 700 out of 1000. 25 questions are not graded as they are research oriented questions. It is important to note that since these questions are

CISSP vs SSCP Certification

Image
                                      Basis CISSP SSCP Offered by ISC2 ISC2 Length of the exam 6 hours 3 hours Number of questions 250 125 Question Format Multiple choice + Drag & Drop + Hotspot Questions Multiple Choice Questions Passing Grade 700 out of 1000 700 out of 1000 Exam Availability English, French, German, Brazilian Portuguese, Spanish, Japanese, Simplified Chinese, Korean, Visually impaired English, Japanese, and Brazilian Portuguese Testing Center Pearson VUE Testing Center Pearson VUE Testing Center Number of Domains 8 7 Domains ( Weightage) 1. Security and Risk Management (16%) 2. Asset Security (10%) 3. Security Engineering (12%) 4. Communications and Network Security (12%) 5. Identity and Access Management (13%) 6. Security Assessment and Testing (11%) 7. Security Operations

[Opinion] Will Machine Learning in Cyber Security open a Pandora’s Box?

Image
Machine Learning is the buzz word nowadays. Huge numbers of courses on machine learning have mushroomed online and companies are running after professionals who are an expert in that. As per Udacity , which has developed a course on machine learning in collaboration with Google defines it as “Machine learning represents a key evolution in the fields of computer science, data analysis, software engineering, and artificial intelligence.” Wiki , however, explains it in a better manner rather than just throwing jargons. It says that machine learning gives "computers the ability to learn without being explicitly programmed.” Much understandable!! In simpler terms, computers start learning processes and develop a deduction capability rather than just perform what it is programmed to do. When such machines are made to learn to defend our networks and organizations from an information security point of view,  good and bad things will happen. Read on.... Acc

Quick Tips for SSCP Exam

Image
Let me say “All the best” to you, before I start giving you tips for the SSCP exam. These tips are not mandatory to follow, but will surely help you to manage and crack the exam. Systems Security Certified Practitioner (SSCP) is a three-hour long exam which contains 125 questions. You can call this as the younger brother of CISSP. I gave this exam in July 2014 and passed in the first attempt. You have to schedule an exam through (ISC) 2  website which further takes you to booking the exam at a Pearson Vue center. Reach the exam center approximately 45 minutes in advance before your scheduled time. This will help you to settle down. Start early so as to reach early rather than waiting on the way thinking whether you will reach on time or not. When you will reach the Pearson Vue center, you will be given a set of instructions to read. These instructions are different from the NDA to be signed for the SSCP exam. In case you have any queries regarding the instructions, f

What is CIA?

Image
The Three Pillars – CIA Anything in Information security ultimately boils down to ensuring that either or all of three pillars is ensured. These three pillars are – Confidentiality, Integrity, and Availability. It is thus extremely important that you understand the meaning of these terms. From an exam perspective, a lot many questions will be focused on identifying the following: Which of three pillars is violated? Which of the three pillars is ensured if a certain action is taken?   What will a certain control ensure to provide or protect? Even from an organizational perspective, all the policies, procedures, standards and guidelines are made to ensure that the three pillars of information security are catered for. So, let’s understand these concepts now. Before I begin, let’s be very clear that I’m not going to write down the definitions provided by any agency or organization. You can get them in any book and they are mostly as clear as mud. It

[Opinion] Its High Time ….

Image
The recent spate of cyber-attacks has served as an eye opener for many organizations and individuals. Organizations which were using unpatched software had no security teams, no incident response policy and procedures etc. clearly were the ones who had to bear the maximum brunt of such attacks. There were many who did not get affected as they took the right steps at the right time and gave due importance to security and security teams in their organization. Lots of points mentioned below have been long debated in organizations. But it’s high time that they are taken seriously and religiously implemented. CISO/CSO should be a part of Board Meetings In most organizations, security is still considered an IT job. The CSO reports to either the CIO or admin head or some senior business person. The organizations mostly appoint a CSO just to ensure that regulatory compliances (in some countries) are taken care of. They are really not interested in considering