security.crudtastic.com

Well, I guess it had to happen. Seeing as I just passed the CISM exam I’ve decided to go and do the CISA exam. All in all I probably should have done it the other way round .. but where I worked they thought it would be more beneficial if I did a CISM. They could be right .. I’m not too convinced though.

So I signed up today to sit the June 2009 exam, got myself a copy of the study guide and the practice questions database. I don’t believe I’ll have much trouble with this one, it all looks pretty straight forward and it’s stuff that I do everyday at work.

I’ll maybe get a copy of the CBT Nuggets prep stuff, it was pretty handy to have when I did the CISM .. I put a copy of all the video files onto my iPhone so I could watch them while I was at the gym. I guess I used a similar technique as when I was studying for the CISSP exam, I bombarded myself with information at all times (just hoping that some of it would stick), it’s kind of like that episode of the Simpsons when Homer gets the subliminal tapes t listen to while he’s sleeping (only mine aren’t a weight loss tape).

I’ll put all my notes up on zoho again as a few people have found it useful.

Anyway .. more news as I get my stuff and start actually doing some study (at least I’ll make sure I don’t leave it all till the last minute).

Peace out nerdlingers!

Update 2: Got my results back finally. I passed with flying colours! Turns out one of the guys sitting the CGEIT was actually from my office (new hire in the Audit/Risk team). I will at some stage come back and write up a study guide (seeing as the exam is only twice a year I have a bit of time to put it up).

Update: Hey all … just a real quick update. I sat the CISM exam yesterday. It was as I expected, not too easy, not too hard .. Will I pass?? Who knows (I have to wait for 2 months to find out though). There was about 20 people taking various ISACA exams, 2 were for the CISM, 2 were for the CGEIT, and the rest were doing CISA (I kinda wish I’d done a CISA now – but i’ll do that one in June I think). All in all it was a very similar experience to the CISSP exam (as in the examination process), 200 multiple choice questions in 4 hours. There was no big stand outs for me … just a couple of really trick questions, and some questions I had no idea about what so ever (eliminate all stupid answers and took and educational guess). Anyway .. I’m off on holidays now, away from all computers. I might make a post when I get back on my whole study plan etc for the exam and some deeper thoughts, hopefully it’ll help someone out in the June exam!

Well, I’ve been pretty quiet over the last few weeks (or is it months, I can never really tell). There’s the usual Christmas rush, I’m sure all companies go through it .. you shut down for Christmas so everyone is in a rush to get all the things they’ve put off for the year done before THEY go on holidays! Anyway, this year I did things a bit smarter this year, I’ve taken some time off during that busy rush period (hahah suckers) so I can study for my CISM exam (the actual exam is on the 13th of December) .. then have a week off .. then back to work just as everyone is leaving to go on holidays.

Anyway .. as I said earlier I’ll be sitting my CISM exam in the coming weeks, so i’ve been furiously studying to get ready (and I really think i’m well prepared for this exam). I’ve been using this great little collaboration site (zoho.com) to keep all the notes i’ve taken while I was studying for future reference, and to help anyone else out. They are by no means a complete study guide that will prepare you and get you through an exam .. but they could be good as a quick reference while you’re studying.. or back at the office or something.

Click here for the CISM study notes

I hope this helps someone out there .. like I said, it’s more for my own personal reference at a later more than anything. As with any exam you should always try and get the official study material (it’s not always possible, I had such a hard time when I was studying for my CISSP exam .. and as soon as I did the exam I saw the official study guide in every bookstore i went to), and if you really struggle with getting your head around things hit a bootcamp or knowledge session or something.

Hopefully i’ll be able to update this post in a few weeks with news that i’ve passed (or maybe failed – booo). WhenI pass i’ll try and do another post with some helpful study tips. Keep in mind that ISACA only do the exams every 6 months – plenty of time to get ready for the next exam

So, things are a bit quiet at the moment. I’m just having a bit of a break before I gear right up for the December CISM exam (click on the image to go to the ISACA website). Not a lot has been happening really.

I will be mentoring a Security Essentials course in Brisbane next Feb for all those people who can’t attend a SANS event. Hopefully everything will go off without a hitch, and I should have all the students pumped up and excited about security .. and ready to sit their GIAC GSEC Exam.

Microsoft TechEd Australia is coming up very soon (a week or so away I think – best check travel and accomodation) down in Sydney. I’m going to go along and do the security track, but like every TechEd, I’m sure i’ll end up ditching some of those lectures for some of the ones that demostrate the cool new stuff they’re working on.

Anyway, that’s all for now. Just thought I should at least put an update on here.