Posts Tagged ‘CISSP’

CPE tracker

Thursday, July 14th, 2022

If you are lucky enough, you are certified in some field. Very likely, you need to gather continuous professional education credit to keep the certification valid. Actually, not a bad thing in itself and it does make sense in fast-paced fields like technology.

However, if you have several certifications that you need to keep alive, then keeping track of your CPE credits can be challenging.

Enter the CPE tracker I put together. It’s free to use, obviously, but use it at your own risk.

Warning points:

  • Not all CPEs are equal. Please check with your certification organisation what is acceptable as CPE and what is not
  • Most organisations make a recommendation such as “in order to make re-certification achievable, please try to achieve <insert_arbitrary_number> CPE credits per year – this might differ per organisation and the CPE credit you can earn might differ as per definition
  • Same as with the recommended number of CPE credits per year, the cut-off date per 12-months cycle might not always be January 1st – keep this in mind

Here is the general usage:

  • Copy the 2021 and rename it to 2022, 2023, etc.
  • In the A column, enter the name of the CPE you earned, e.g. “Codecademy SecDevOps in Python”
  • In the B column in the same row, enter how many CPE credits this will give you, e.g. 3 (this might differ per organisation, see the warning points)
  • In the certification column, drop an x if you want to use the CPE with a certification. This will automatically add those CPE credits to the amount of credit you have earned for this certification
  • Most organisations require some CPE proof, like the upload of course completion certification. Once you complete the upload, you can set the UL column (stands for “upload”) to the y value from the dropdown field

Some features:

  • Left top indicates how many days are left in the current year, giving you a rough indication how much you will have to hurry.
    This is based on the Settings sheet and calculated using today’s date. The general settings is using January 1st of the next calendar year but obviously you can change that e.g. to August 1st
  • The CPE credit score is conditionally formatted in red until the score equals or becomes greater than the recommended CPE score per year, also in the Settings sheet
  • No macros are used or were harmed while making the sheet. If you are asked to activate macros, it’s not my original sheet, be very careful.

Download:

  • Zip file containing a LibreOffice Calc version and an Excel version

sha256 checksum:

shasum -a 256 CPEtrackerArchive.zip
e6370259b0be5015e85040ef5876fb5c1ee8ef94d0d323925c3f33b0e8e03629 CPEtrackerArchive.zip

Update 20220721:

Nothing like using your own tools…. I started tracking my own CPEs but also found a problem with the number of days calculation so I’ll fix that and upload the newer version. stay tuned.

CISSP-ISSMP – happy ….

Monday, July 11th, 2022

…. to report that I passed the exam last week. It’s been in the making a couple of months and I finally found the courage to take the plunge.

On the weekend, I sent in the endorsement and it will take a couple of weeks for (ISC)2 to process it, as usual.

Now with both those exams (ISACA CRISC and CISSP-ISSMP) finally (and successfully) behind me, I can move on to something new.

I’ve previously dabbled in some pentesting and I would like very much give OSCP a try while casually reading about and learning for the ISACA CDPSE. Let’s see how it goes and how far I can take it….

Update from 1 week later: Already processed by (ISC)2. All good. Certified. Yay me.

CISSP-ISSMP…. still WIP

Sunday, May 15th, 2022

I’ve been working at this for a while…. I got a paid self-study course which I finished but access to the learning material expired already. At least I can still access the flash cards.

The official CBK book has terrible reviews on Amazon. I wonder what that leaves me with. I’m tempted to pay for some online ISSMP questions.

Since there is a big overlap of material with the ISACA CISM and ISACA CRISC, I actually should be able to nail this anyway (see my other posts)

Update 20220519:

I ordered the official CBK book. Several people pointed out how they were using that book to study for the exam and it’s a much cheaper alternative to re-purchase the CISSP-ISSMP online self-study course. So I guess it can’t hard. Plus I like physical books.

CISM exam soon…

Saturday, December 14th, 2019

Soon after getting certified as CISSP, I started stuying for the CISM exam. I’m done with the textbook (All-In-One CISM by Peter H. Gregory, 2018 – which I can recommend) and I am making good progress on the pracice questions on Kaplan (former Transcender),

The original plan was to take the exam around February but maybe I can speed things up and take the exam in January already.

Still on my list…. CKAD (needs review) and CISA (book ordered).

An awesome series continues…. CISSP exam passed

Friday, September 13th, 2019

On 20190912, I took and passed the CISSP exam after several months of preparation. Yay for me!

What about that series I mentioned? It’s becoming scary but I haven’t failed any IT exam / certification so far… MCP, LPIC, federal tests, CompTIA and now the CISSP exam. Of course I’m glad about this, but it’s getting spooky.

What was the test experience like? The checks until the actual exam starts is the most annoying part… identification, NDA, vene scan, everything twice. To some degree I can understand that, but the vene scan in top of passport checks? Hm…

One thing on the actual exam I was quite worried about is that you cannot go back to previous questions… click Next, no way to go back. So many times I did not feel particularly confident about the selected reply… but you can’t go back, so worrying about it is useless.

The other thing I was not prepared for was the questions that asked for best something / most appropriate something… practice questions were more fact-based and if anything they asked “what is the first thing to do when…” or “the last thing to do when…” – which is a different dimension from “what is the best thing to do when…” as that implies the listed possibilites could all be correct but one is ‘more’ correct and the deciding factor is not necessarily a technical factor.

Anyway, I felt quite burned out after 80 questions and was hoping that I would not have go higher than a 100 questions. Which is exactly what happened… the result is not even shown on the screen, only on the printout. I did not feel confident regarding the result so imagine my surprise.

Here’s what I used for preparation:
Linux Academy CISSP preparation course
Official CISSP Guide 3rd edition 2016
Some lectures on pluralsight.com and many practice questions on kaplan.com (linked to pluralsight)
Some lectures provided by thorteaches.com
An app called CISSP Professional with practice questions