refer to as the “old school” exam. You’re permitted to bring a foreign-language dictionary (nonelectronic and nontechnical) to the exam, if you need one. Also, testing options are available for the visually impaired. You need to indicate your preferences when you register for the exam.
After the Examination
In most cases, you’ll receive your unofficial test results at the testing center as soon as you complete your exam, followed by an official email from (ISC)2.
If, for some reason, you don’t pass the CISSP examination — say that you read only this chapter of CISSP For Dummies, for example — you’ll have to wait 30 days to try again. If that happens, we strongly recommend that you read the rest of this book during those 30 days! If you fail a second time, you’ll have to wait 90 days to try again. If that happens, we most strongly recommend and highly urge you to read the rest of this book — perhaps a few times — during those 90 days! Finally, if you fail on your third attempt, you’ll have to wait 180 days. You’ll have no more excuses; you’ll definitely need to read, reread, memorize, comprehend, recite, ingest, and regurgitate this book several times!
After earning your CISSP certification, you must remain an (ISC)2 member in good standing and renew your certification every three years. You can renew the CISSP certification by accumulating 120 Continuing Professional Education (CPE) credits or by retaking the CISSP examination. You must earn a minimum of 40 CPE credits during each year of your 3-year recertification cycle. You earn CPE credits for various activities, including taking educational courses or attending seminars and security conferences, belonging to association chapters and attending meetings, viewing vendor presentations, completing university or college courses, providing security training, publishing security articles or books, serving on relevant industry boards, taking part in self-study, and doing related volunteer work. You must document your annual CPE activities on the secure (ISC)2 website to receive proper credit. You’re also required to pay a $125 (U.S.) annual maintenance fee to (ISC)2. Maintenance fees are billed in arrears for the preceding year, and you can pay them in the secure members’ area of the (ISC)2 website.
Chapter 2
Putting Your Certification to Good Use
IN THIS CHAPTER
Although this book is devoted to helping you earn your CISSP certification, we thought it would be a good idea to include a few things you might consider doing after you’ve earned your CISSP. If you’re still exploring the CISSP certification, the information in this chapter will help you better understand many of the benefits of being a CISSP, including your role in helping others.
So what do you do after you earn your CISSP? You can do plenty of things to enhance your professional career and the global community. Here are just a few ideas!
Networking with Other Security Professionals
Unless you work for a large organization, there probably aren’t many other information security (infosec) professionals in your organization. You may be the only one! Yes, it can feel lonely at times, so we suggest that you find ways to make connections with infosec professionals in your area and beyond. Many of the activities described in this chapter provide networking opportunities. If you haven’t been much of a social butterfly before, and your professional network is somewhat limited, get ready to take your career to a whole new level as you meet like-minded security professionals and potentially build lifelong friendships.
THE POWER OF ONLINE BUSINESS NETWORKING
We promise that we have no affiliations with LinkedIn when we say it, but hear this: LinkedIn is one of the best business networking tools to come along since the telephone and the business card. LinkedIn can help you expand your networking horizons and help you make contacts with other business professionals in your company, your profession, your region, and far beyond.
Chances are that you aren’t new to LinkedIn, so we’ll skip the basics here. People in the infosec business are a bit particular, however, and that’s what we want to discuss. Infosec professionals tend to be skeptical. After all, we’re paid to be paranoid, as we sometimes say, because the bad guys (and gals) are out to get us. This skepticism relates to LinkedIn in this way: Most of us are wary of making connections with people we don’t know. So as you begin to network with other infosec professionals on LinkedIn, tread lightly, and proceed slowly. It’s best to start making connections with people you actually know and people you’ve actually met. If you make connection requests with infosec people you haven’t met, there’s a pretty good chance that they’ll ignore you or decline the request. They’re not being rude; they’re just aware of the fact that many scammers out there will build fake connections in the hope of earning your trust and pulling some kind of ruse later.
Similarly, if you’ve been one of those open networkers in the past, don’t be surprised if others are a bit reluctant to connect
