Security exam tips

Written on 21 December 2018, 05:07pm

Tagged with: , , , , ,

After successfully passing 3 IT security exams this year, here are some high level tips:

  • schedule your exam well in advance to avoid procrastination
  • study from at least two sources
  • use quizzes: they make a huge difference in memorizing things
  • use the learning channels compatible to your brain (ex. I always prefer text or classroom training instead of audio or video)
  • Right before the exam: get a good night sleep the night before
  • schedule your exam in the morning when your brain is fresh
  • try to clear your mind in the hours before the exam
  • resist the temptation to go one more time through your materials before the exam
  • During the exam: keep an eye on the watch
  • don’t go back to a question: make the best effort to answer and then forget it (some exams will not even allow you to revise a question)
  • don’t change your answer (exception: when you realize that you misread the question)

And some basic, but interesting things about security:

  • people are the most important asset
  • but humans are also the weakest link in every security program
  • security is always about protecting the CIA triad
  • security controls can bring the risk to an acceptable level, but there is no such thing as risk zero
  • a company exists for the sole reason of making profit. This means that they will always look at the return of investment as primary metric in evaluating any security control
  • security is not a one-time project to fix things, but rather an ongoing program that needs to be planned and revised periodically
  • complexity is the enemy of security
  • as a security professional, you must learn to tailor your language to your audience
  • you are just an adviser, but not a decision-maker
  • you should act as a prudent man. Like this guy would:
https://breakingbad.fandom.com/wiki/Mike_Ehrmantraut

IMG_6087 What do you expect from a 5-years old going in kindergarten? Know the letters, the numbers, count to 10? Write something? Listen to the teacher?
Well, these are important, but he will learn them, eventually…
Here’s what I think it’s more important:

– communicate with others
– be a sociable person
– develop the curiosity to explore things
– laugh to any little thing

Here’s an additional wishlist found by another parent – Philip Kovacs, in an Open letter to my son’s kindergarten teacher:

– a little kinder, a little more courageous, and a little more compassionate.
– perseverance, impulse control, resiliency, and how to think about thinking.
I believe these skills and capacities will get him far in life, regardless of how good he is at trigonometry later.
– Most importantly, I need him to leave your classroom loving to learn.