Documents that an ISSE Should Know

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
5 hours 58 minutes
Difficulty
Intermediate
CEU/CPE
6
Video Transcription
00:00
>> Welcome back to Cybrary ISSE course,
00:00
I'm your instructor, Brad Rhodes.
00:00
Let's look at the documents that an ISSE should know.
00:00
We're going to talk through the NIST series again.
00:00
We're going to highlight the IATF,
00:00
so that's the Information Assurance Technical Framework.
00:00
Now we're going to talk about the CBK,
00:00
the Common Book of Knowledge.
00:00
The NIST series we just went through,
00:00
but it's important to look at them again.
00:00
You should, as you're preparing for
00:00
the ISSEP concentration exam, know these guides.
00:00
I'm not saying to know them in extensive depth,
00:00
but you need to go through them at least
00:00
once before you sit for the exam.
00:00
Because again, there's so many pieces of
00:00
materials that can be pulled out of for the ISSEP exam,
00:00
and a lot of those are coming from these guidances, why?
00:00
Just like everything else,
00:00
the organization that puts together
00:00
the CISSP and these concentrations ISC2,
00:00
they utilize the NIST standards
00:00
because in general they're the best things going.
00:00
You need to be aware of and know the materials
00:00
that come from each of these particular guides.
00:00
[NOISE] The IATF,
00:00
the Information Assurance Technical Framework written
00:00
by the National Security Agency in 2002?
00:00
Yes, it is an older reference.
00:00
You should be aware of it.
00:00
You should also study
00:00
these two particular chapters. These will help you.
00:00
These will give you ideas, insights,
00:00
contexts for the ISSEP content, in particular.
00:00
The vast majority of what we see in terms of
00:00
ISSEP processes today are found in Chapter 3,
00:00
Information System Security Engineering Process,
00:00
and that's where a lot of that material comes from.
00:00
The needs. All the way down to assessment,
00:00
comes directly from that guidance.
00:00
Then last but not least is, is there a book?
00:00
Yes, there is a book.
00:00
It is the book pictured here,
00:00
the official ISC guide to the CISSP-ISSEP CBK.
00:00
It is very old,
00:00
and when I see very old,
00:00
it's 14 years old as of the publication of this course.
00:00
It has not been rewritten.
00:00
There's a single version of it,
00:00
a single edition of it.
00:00
It is still the best thing
00:00
going for studying for the CISSP-ISSEP exam.
00:00
There's still copies available,
00:00
you can get a new copy,
00:00
used copies of various booksellers.
00:00
But I highly encourage you to get this particular book,
00:00
and I would also note
00:00
that one of the things that's great about
00:00
this book is it's got sample
00:00
exam questions at the back of it.
00:00
Now, these may not be the most up-to-date exam questions,
00:00
but they will get you into the context
00:00
of how questions are asked on the ISSEP exam,
00:00
so you definitely want to
00:00
have a copy of this book in your study.
00:00
Also it's a great book as
00:00
a reference on your shelf as an ISSEP.
00:00
In this lesson, we looked at the NIST series,
00:00
we talked about the IATF again
00:00
and highlighted the chapters of import.
00:00
Then we talked about the fact
00:00
that if you're studying and are
00:00
honestly going to sit the ISSEP concentration exam,
00:00
you need to purchase the official guidebook,
00:00
even though it is a bit old. We'll see you next time.
Up Next