[Cisspstudy] Exam strategy
tka4ov at inbox.lv
tka4ov at inbox.lv
Sat Jan 16 11:36:08 EST 2010
Hi all,
just got "congratulations..." letter from ISC! Thank you Clement, and
the rest of the crew for providing this great resource. It really
helped me A LOT! To "give back to the community", I would like to
share my exam strategy. I am not going to talk about preparation for
the exam, because the topic was discussed so many times here...
Exam was physically hard for most people. You have to stay focused
for 6 hours (I used all 6 hours to complete 250 questions).The exam
strategy taught me by my collegue saved me.
1. Until the day before the exam, DO study hard!
day before the exam...
2. Try to not overload yourself with the last-minute reading. If you
want to refresh memories, reserve 1 hour in the morning and go trough
study cramm (prepare it yourself). Do not read more! You have done
everything you could, nothing will make difference now.
3. Go to bed at 21.00 latest. But just before that take a walk to the
place where you are going to take the exam, it will help you to sleep
better, and to avoid panic in the morning.
4. Sleep well!
on the day of the exam...
5. Wake up and have some carbohydrates for lunch. They will give you
power for the rest of the day (marathon runners eat that to stay in
concious). Muesly are great! Drink green (herbal) tea. Do not overeat.
6. Arrive in advance, check in, sit down.
7. If proctor will offer to visit the facilities, DO SO. It will save
you those 5-10 minutes, that are so much needed at the end.
exam starts...
8. 6 hours, 250 questions + filling the answer sheet (do not
underestimate it!). Make roughly 45 questions per hour. If you do
that, you will have 225 in 5 hours. That will leave you 1 hour to
complete 25 questions and draw 250 circles on answer sheet (quite a
task)
9. Have 3 breaks! It was hard for me to sit still for 6 hours. I have
started to lose concertration after second hour. So I did 5 minutes
break. Had a banana (easy to digest, tastes good) and had a zip of
HERBAL tea from a thermo-cup I brought with me.
10. Next pause after 4th hour. Have 10 min break - green tea/ mineral
water. Bread +cheese +salad. No heavy stuff!
11. Last 5 min pause after 5th hour. EAT SUGAR! It will give you
boost of energy for the last hour. Drink licozade, coca-cola, BLACK
tea. Have a snickers or twix. Remember Rocky Balboa! This is the last
round. After intake of sugars, and the last hour of work you will be
deadly tired, but it doesn`t matter, because this is the last hour of
exam. Do your best!
after exam...
12. Welcome to the month of pain! You have to forget about the exam
and just wait. It is hard, but do NOT write to ISC asking how you did.
Do not schedule another exam, thinking that you have failed for sure.
Everything you can do now is just wait. This was the longest month of
my life :)
Tips:
a. Work with booklet, not answer sheet. Read the question, draw minus
next to two options that are obviously wrong, if you can answer now -
circle the right one. If not, do not stop on the question - go to the
next one.
b. underline the important words. It will help when you come back to
the question for review.
c. when transferring your questions to the answer sheet. BE CAREFUL!
One mistake can make you fail miserably.
*
Do not start your exam by drinking coca-cola or eating chocolate
bars. They are just giving you temporary boost, that will end, and
you will fall asleep after hour.
e. Study hard! The exam is difficult, and you have to know a lot! I
know smart guys that failed to become CISSP. Start studying in
advance, if you are starting 2 month before exam – you are trowing
your money away.
Thanks for reading, I hope it will help someone!
P.S. Sorry for mistakes, I am not native speaker and rely heavily on
MS office spell checker.
 
Quoting cisspstudy-request at cccure.org [1]: Send cisspstudy mailing
list submissions to
cisspstudy at cccure.org
To subscribe or unsubscribe via the World Wide Web, visit
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
or, via email, send a message with subject or body 'help' to
cisspstudy-request at cccure.org
You can reach the person managing the list at
cisspstudy-owner at cccure.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of cisspstudy digest..."
Today's Topics:
1. Question on IDS (Saurabh Bhargava)
2. Re: Question on IDS (Jef A.)
----------------------------------------------------------------------
Message: 1
Date: Fri, 15 Jan 2010 16:52:29 +0530 (IST)
From: Saurabh Bhargava
To: The CISSP Study Mailing list
Subject: [Cisspstudy] Question on IDS
Message-ID:
Content-Type: text/plain; charset="utf-8"
Hello Everyone:
Need your thoughts on below question:
1. which of the following is the is a weakness of both statistical
anomaly detection and pattern matching
A. Lack of learning model
B. inability to run in real time
C. Requirement to monitor every event
D. Lack of ability to scale
I think answer is C but author says its A.
My reasoning - Statistical IDS creates a profile of ?normal? and
compares activities to this profile. For that, its put in leaning mode
and if an attack was happening during "learning" mode, it may go
undetected in production environment as well.
Pattern matching depends on signatures so may not be able to pick up
"zero day" attacks.
Thoughts pls?
cheers, SB
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
------------------------------
Message: 2
Date: Fri, 15 Jan 2010 08:23:10 -0500
From: "Jef A."
To: The CISSP Study Mailing list
Subject: Re: [Cisspstudy] Question on IDS
Message-ID:
Content-Type: text/plain; charset="windows-1252"
This question confused me a bit also but this is my reasoning for
choosing
C. I was immediately able to rule out choices B & D because they
just didn't apply. In regards to answer A i considered the idea
that
statistical anomaly detection is actually learning by comparing
current
activities to behavior that it believes to be normal. Pattern
matching
doesn't learn at all because it is only looking for a specific
pattern, it
is not capable of finding any deviations from that pattern. However
the
requirement to monitor every event is something that both devices
must do
and i guess they are considering it a weakness.
i am curious to here what others have to say about this questions.
On Fri, Jan 15, 2010 at 6:22 AM, Saurabh Bhargava
wrote:
>
> Hello Everyone:
>
> Need your thoughts on below question:
>
> 1. which of the following is the is a weakness of both statistical
anomaly
> detection and pattern matching
>
> A. Lack of learning model
> B. inability to run in real time
> C. Requirement to monitor every event
> D. Lack of ability to scale
>
> I think answer is C but author says its A.
>
> My reasoning - Statistical IDS creates a profile of ?normal? and
compares
> activities to this profile. For that, its put in leaning mode and
if an
> attack was happening during "learning" mode, it may go undetected
in
> production environment as well.
>
> Pattern matching depends on signatures so may not be able to pick
up "zero
> day" attacks.
>
>
> Thoughts pls?
>
> cheers, SB
>
>
>
>
> _______________________________________________
> cisspstudy mailing list
> cisspstudy at cccure.org
> http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
------------------------------
_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
End of cisspstudy Digest, Vol 19, Issue 9
*****************************************
-- Tavs bezmaksas pasts Inbox.lv
Links:
------
[1] mailto:cisspstudy-request at cccure.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20100116/c4bd278d/attachment-0001.html>
More information about the cisspstudy
mailing list