CISSP (Certified Information Systems Security Professional)

Ok, I won’t keep you waiting.

I wrote the CISSP today and I passed.  Yay!!!

How do I feel?  I’m glad it’s over.

I started studying for it about a month ago.  Unlike other certifications, the CISSP has multiple study guides that are not even published by ISC.  I studied from the seventh edition by James Michael Stewart, Mike Chappel, and Darril Gibson mostly because that’s what my study group agreed on.

I gave the study guide a first read without trying to memorize or take notes.  Then I proceeded that flip through the flashcards and practice exams included with the study guide.  Then I decided to read through the study guide a 2nd time with attention to memorizing and taking notes.

I still felt I needed some additional sources for study material.  As a result, I purchased Transcender & Pass4sure exams.  They definitely help to accentuate my understanding of the material.

Finally, I flipped through my notes and the study guide a few more times prior to the exam.


The exam is tough.  It is not regurgitation of the study guide.

For software developers and project managers, this exam is not easy.  I think system & security administrators will have a much easier time.  That is not to say that the exam is technical because it isn’t.  But administrator types will be able to apply experience to many of the questions.

Will I proceed to the CSSLP or other security exams (e.g. CEH)?

Stay tuned…

Advertisements

Coach Skills for the Agile Workplace

I recently took a 3 day Agile coaching course taught by Sue Johnston.  There were 8 attendees and most (if not all) had more coaching experience than myself.

What was evident from the get go was all the bad habits I had picked up.  During our practice sessions it was difficult to break out of those bad habits but by the 3rd day I think started to realize when those habits were sneaking in.

I really enjoyed this course and I found that “coaching” is applicable to much more than Agile.  You can use it when you’re having a conversation with someone or you can even coach yourself.

I started using what I learned immediately and I plan to continue doing so.  It probably makes sense to also take a step back and re-read Lyssa Adkins book, Coaching Agile Teams.

The main take away for me is that I need to stop telling the team what to do and “coach” them to figure out the answer themselves.

*Completion of the course (and a quiz) also provides the ICP-ACC certification through ICAgile.

 

 

2016 Top 3 IT Trends

Here are my predictions in no particular order…

Security:

Security continues to be a hot topic especially since the hack of the Ashley Madison site.  Prior to that it seemed that security was only really taken seriously by the high volume websites and large organizations.  In 2016, it is highly likely that organizations across the board will pay more attention to security.  All it takes is a single hack to put a company out of business.

With that said, security certifications are likely to be in demand.  Here’s a link for more information:

Best Information Security Certifications For 2016

Containerization:

The popularity of Docker is on the rise and it should be.  Containerization makes sense for so many reasons.  The problem today is that it only really supports Linux.

Although Microsoft is behind in this game, it may not be that far behind.  Currently, the Azure Container Service does allow you to create and manage clusters of hosts pre-configured with Docker and others.  If Microsoft can build on that and include support for Windows Server containers, this area is sure to explode.

Big Data:

Having volumes of data doesn’t mean a lot if you don’t know what to do with it.  Employing the right analytics can give your organization that competitive edge.  The current toolset (e.g. Hadoop/Spark/etc.) is somewhat mature and continues to get better.

Big Data has many touch points but the ones that stand out the most are IoT (Internet of Things) and Cloud.  For this reason, I believe the presence of Big Data will continue to evolve.

TOGAF 9.1 Certified

Overall:

The 2nd part of the TOGAF certification is much different than the 1st exam.  While it’s still multiple choice, there are only 8 scenario based questions.  Furthermore, the answers are weighted so that you can receive partial credit for an incorrect response.

A pass is 60%.

My approach:

I took a similar approach as I did for the 1st exam:

I read the study guide twice and I reviewed it about 5 times after that.

 

I spent a total of 1 week studying.

Result:

90%

Final Thoughts:

While there is a sense of accomplishment in attaining this certification, it is difficult to express an opinion about TOGAF in general without having seen it first hand.

TOGAF 9.1 Foundation

Overall:

The foundation exam is part 1 (of 2) that is required to obtain the TOGAF certification.

There are no pre-requisites and there are no requirements to uphold the certification.  TOGAF is all about establishing an enterprise architecture practice.

 

The exam is based on the TOGAF study guide.  The foundation guide is not overly lengthy.

The exam is administered through Prometric so you have to attend a nearby testing centre to take the exam.

There are 40 questions and you have 1 hour.  A pass is 55%.

My approach:

I read the study guide twice and I reviewed it about 5 times after that.

I focused on the areas that are highly covered in the exam.  The study guide indicates how many questions are applied to each section.

As long as you have a thorough understanding of ADM, you should be fine.

I spent a total of 1 week studying for this exam.

Result:

97%

Final Thoughts:

Each exam is 320 USD.  That may be a consideration before attempting this certification.

I’ll post another blog on the results of part 2 (TOGAF 9.1 Certified):

https://markrajpal.com/2015/12/25/togaf-9-1-certified/

 

CSD (Certified Scrum Developer)

I’ve had my eye on the course for quite some time but unfortunately I’ve never seen it offered in Canada.  So I decided to take the course in Minneapolis.

It’s a 3 day course that is very technical (i.e. you will be coding).  It focuses on many aspects as programming but the ones that stand out to me are TDD and Refactoring.

If you’re looking to obtain the CSD certification there are some additional requirements.  You will need to take an additional 2 days of Scrum training.  So if you already have the CSM certification and you take this course, you will qualify for the CSD.

I was very pleased with the outcomes of this course.  We practiced additional techniques which included pair programming and CRC.  I would highly recommend this course because I think a Scrum team practicing what I learned (in just 3 days) would be highly productive.

Here is a partial list of the technologies we used:

  • Java
  • Jenkins
  • JUnit
  • Git
  • Gradle

I hope to see more of these hands-on technical courses.

CITA-F (Certified Information Technology Architect – Foundation)

Overall:

For those of you that aren’t familiar with this one, this is IASA’s foundation IT architect certification.  There are 3 more levels after this.

To uphold the certification you must complete CEUs.

There is a Canadian chapter in Toronto.

The exam is based on IASA’s ITABoK.  It’s a pretty good read even if you’re not pursuing a certification.

The exam is online and open book, but that doesn’t mean it’s easy.

There are 75 questions and you have 2.5 hours.  A pass is 70%.

My approach:

I read the ITABoK twice.

I did try to find online tools for exam preparation but I couldn’t find any.

IASA does offer a preparation course but I chose not to go that route.

Result:

74%

Final Thoughts:

At this point I’m not sure if I’ll pursue the other 3 levels.  The courses and exam fees get fairly pricey.  I’ll re-evaluate in a few months once I have a better feel for IASA.