Questions tagged [cissp]

CISSP is an abbreviation for Certified Information Systems Security Professional. It is a certification offered by the International Information Systems Security Certification Consortium, also known as (ISC)².

The CISSP is a widely recognized certification in the IT Security industry. Its requirements include:

  • Five years of security experience in relevant job roles.
    • One year may be waived for having a four-year college degree, MS in information security, or certain other certifications.
    • Candidates who do not meet this requirement may be certified as an "Associate of (ISC)²" until they obtain the experience, up to six years.
  • Acceptance of CISSP Code of Ethics.
  • Potential audit of qualifications.
  • Completion of an exam, with an acceptable score.
  • Endorsement by a member of (ISC)² who is in good standing.
44 questions
2
votes
1 answer

CISSP Certification

Possible Duplicate: Good (preferably free) resource for CISSP practice questions. I am currently reviewing and aiming for a CISSP certification in the fourth quarter of this year. I've been reading the late Tipton's official isc2 guide for the…
John Santos
2
votes
2 answers

What's the difference between "access aggregation" and "authorization creep"?

I'm studying for the CISSP and am getting hung up on some terminology. Specifically, I'm confused on the difference between access aggregation and authorization creep. In both cases, it seems to me that individual users are gaining more access…
Mike B
1
vote
2 answers

What's a practical example of a Trusted Computing Base?

I'm studying for the CISSP exam and trying to wrap my mind around the concept of a Trusted Computing Base. Can someone provide a practical example? The recurring definition I see is that it's a "combination of hardware, software, and controls that…
Mike B
1
vote
0 answers

What's a practical example of "declassification"?

I'm studying for the CISSP exam and trying to wrap my mind around the term "declassification". Can someone provide a practical example? I get that declassification is necessary once "an asset no longer warrants or needs the protection of its…
Mike B
0
votes
1 answer

Is there a great cheap or free site for the CISSP exam?

CCCure is not free and many others that are recommended on the site are not free... Any suggestions?
Dizzy
0
votes
2 answers

How does Anomaly Analysis differ from Heuristic Analysis?

Taking a look at the description of both kinds, the orientation seems the same. While it isn't the same, I can't figure out the difference. In a heuristic scan it looks for suspicious or malicious behaviors in a file; anomaly analysis looks for anomalies in…
inter
0
votes
1 answer

Security-related certificate

I have worked in cyber security R&D for several years. Meanwhile, I have obtained a CEH (Certified Ethical Hacker) certificate and a CISSP certificate. I wish to move to the security industry instead of an R&D environment as my next step. Thus, what kind of…
TJCLK
0
votes
1 answer

Clarification on "data hiding" and how it applies to hardware?

I'm studying for the CISSP exam and one of the practice questions in my study guide has me a bit confused. The question is: Which of the following is NOT considered an example of data hiding? A. Preventing an authorized reader of an object from…
Mike B