Читать книгу CISSP For Dummies - Peter H. Gregory - Страница 16

Getting hands-on experience may be easier said than done, but keep your eyes and ears open for learning opportunities while you prepare for the CISSP exam.

If you’re weak in networking or applications development, for example, talk to the networking group or developers in your company. They may be able to show you a few things that can help you make sense of the volumes of information that you’re trying to digest.

Your company or organization should have a security policy that’s readily available to its employees. Get a copy, and review its contents. Are critical elements missing? Do any supporting guidelines, standards, and procedures exist? If your company doesn’t have a security policy, perhaps now is a good time for you to educate management about issues of due care and due diligence as they relate to information security. Review your company’s plans for business continuity and disaster recovery, for example. Those plans don’t exist? Perhaps you can lead this initiative to help both yourself and your company.