- The CISSP is a "mile wide and an inch deep." Don't learn everything. Focus on concepts. Only exception to this rule is Crypto and Physical security. Memorize that stuff.
- The easeiest way to understand the test is to follow the domain structure and use it as a mental scaffolding with which you hang knolwedge.
- I used a version of this book: https://www.amazon.com/Official-ISC-Guide-CISSP-Press/dp/1482262754
- Reading the book is super dull and you will hate yourself if you try and read cover to cover. In fact just about every review says the same thing. The point they miss is that this book has EVERYTHING YOU NEED. That's why you should not read it all.
- Take out some paper, open the book and go through each domain creating an outline of the domain > paragraph headings > 3-5 spaces for bullet points.
- Leave the spaces for later. You can fill it in after your first practice exam.
- After I completed outlining the book, I took a full 150 question practice e
Ben Pruce BatteryCandy
BatteryCandy
/ CISSP-Study.md
Created
November 8, 2019 14:06
BatteryCandy
/ gist:f5d89fa2366ff9a82e8c694b3e22a341
Created
November 19, 2019 22:37
Run cloudmapper against all accounts, rename each file and create an index.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| profile=$(awk '/\[/ {print $2}' ~/.aws/config | sed 's/.$//') | |
| profiles=( $profile ) | |
| for i in "${profiles[@]}" | |
| do | |
| python3 cloudmapper.py iam_report --account $i | |
| mv ./web/account-data/iam_report.html ./web/account-data/iam_report_${i}.html | |
| done |