Good day everyone, hope all is well. I just completed my exam and wow it was challenging. To start off I read a lot of reviews saying to outsource to different material and I agree 100 percent. isc2 is no where near enough to help you pass this exam. Unfortunately, I failed as well. Just focusing on isc2 will set you up for failure in my opinion. The material in isc2 goes over the bare minimum or surface level and on the exam its more deep dive or advanced in my opinion. I don't like to talk bad but I feel they set us up to fail on this one. I studied my butt off with different material daily and I felt like I had to take a guess and hope I was right on atleast a third of the exam. Some questions are worded weird to throw you off but other than that, this is not a friendly/beginner course in my opinion. My advice to anyone taking the test is to STUDY HARD AND OUTSOURCE!! Take multiple courses, read multiple books , etc. Don't rely just on isc2. To be frank, I did do mike chappels CC study guide (which is amazing in my opinion) and a couple of other things but I guess it wasn't enough. The worst part about it was when I got my scores back they tell you what you were proficient in and what you aren't and it said I was below proficient in a majority of the categories which makes me feel like idk what I'm doing. But like i said I studied the isc2 material, Aced all their exams and what not so idk. Anyway thanks for reading, hope this helps someone. Going to figure out my next move. God Bless.
Hi,
I am preparing for the cc exam, can you help me by sharing some of your outsources for the preparation?
I was really surprised that I failed this exam. I know I failed some questions but I responded very quickly to the ones I was pretty sure was the right answer. The tricky questions response took more time and on few I knew the answer could be wrong. I finished the exam having like more than 40 minutes left. If I felt insecure about most of the answers I would take more time on every question. I mentioned about the time and speed in answering questions but I don't want to discourage newbies that think that time is not enough. I want to stress that we are unique individuals with unique experience in IT fields. About the test results and the CBT algorithm since there is no transparency about how the score results are calculated anybody can assume anything including unfair results. It is like a black box , and you cannot come back to it for verification purpose, at least none of the candidates. Sorry if someone is disagree with me but a black box can be manipulable and be designed to be harder or easier throwing more difficult and tricky questions , or miscalculating the amount of right answers that could compensate the wrong answers.Just my opinion.
In my preparation I used and reviewed the free course from ISC , linkedin course and udemy course, going back and forth from questions to content including evaluating and reviewing all provided questions on tests. My perception is that I responded more than 80 % of the questions correctly in the exam.
In my case the result was that 2 domains appears as below proficiency and 3 above proficiency. I believed I passed the exam but the report was showing that I failed, and yes there is no way to request a verification of the test including the kind of questions generated according to the algorithm and the candidate. Is there any previous setup for specific candidate, is it fair for every candidate? Those are question which answers are unknown. It looked to me without any bad intention in saying this, that explainability, trust and transparency should be incorporated in the process when candidates fail the test. They want to know the why in details. It is difficult to trust in a black box. Same applies to AI and that is the reason that exists an ethical discussion since AI also represents a black box, and clients that use AI solution need to be sure that those features liket explanability, transparency, trust, fairness and no biases are embedded in the AI solution. Hope you understand my point. The purpose of this post is to contribute to promote better customer satisfaction with CBT tests. Thanks!
@jacint61 wrote:Sorry if someone is disagree with me but a black box can be manipulable and be designed to be harder or easier throwing more difficult and tricky questions , or miscalculating the amount of right answers that could compensate the wrong answers. Just my opinion.
Not going to disagree at all. You have just described the art of test-development. Every teacher knows how to write a test that everyone will fail or that everyone will pass. The trick is to adjust the difficulty of questions so that the grades have a normal distribution.
... there is no way to request a verification of the test including the kind of questions generated according to the algorithm and the candidate. Is there any previous setup for specific candidate, is it fair for every candidate?
(ISC)² does announce how many questions you will get from each domain and provides some information on how the grading works.
There is no need to request a verification because one is automatically performed after every exam. This is why the results provided at the end of the exam (at least if one passes) are termed "preliminary" and formal notification comes a few days later, once the "Psychometric Analysis" has been completed.
Beyond just analyzing if you were given a fair test and took it fairly, it also analyzes if the questions are performing as well as expected. Over time, bad questions (ones regularly answered wrong by those who pass) are removed from the test bank. So, continuous improvement is at work.
It looked to me without any bad intention in saying this, that explainability, trust and transparency should be incorporated in the process when candidates fail the test. They want to know the why in details.
There is a balance between helping you understand what you got wrong and protecting exam confidentiality. Back in "the day", one only received a pass/fail notification. Disclosing how well one did in each domain and putting them in order from best to worst was added to better advise on where one needed to study without risking the test-bank itself becoming public knowledge.
@jacint61 wrote:My perception is that I responded more than 80 % of the questions correctly in the exam.
Google "The Stages of Learning". It is common for those in the "UI" stage to overestimate their ability and to blame the exam when they fail. As one progresses to the "UC" stage, one tends to say "I get lucky".
It is definitely possible to pass. There are a lot of people taking these exams and a lot of people passing them. In a little under a year, 15,000 people have earned the CC. It is administered by PersonVue, a company that specializes in annually delivering 19 million exams for about 650 different companies. At these scales, if there were inbuilt "unfairness", it would come out in the statistics and the reputation.
I'd agree with @denbesten here, in that broadly they would like lots of people to take up the CC, so want as many people to pass as possible, there is a big effort here and we see that they are sunsetting HCISSP, and advising folk to go for CC. ISC2 clearly want as many people through CC as possible as it's extra revenue earlier on, plus gets people used to harder exams.
It's going to be the second most popular very soon. (ISC)² Member Counts (isc2.org)
Personally, I'm lukewarm - are members with CC ahead of Associate of ISC2 in voting, benefits, recognition or other things? Haven't checked it out but I'd hope not.
I don't see any benefit to having it be a certification rather than a certificate as its entry level, without requirements for experience.
It might be wise to reduce the scope of source material in references and outline if too many people struggle, but there will be metrics for that:
CBK Suggested References | (ISC)² (isc2.org)
Certified-in-Cybersecurity-Exam-Outline-Aug22.ashx (isc2.org)
One thing I'd guarantee is that ISC2 won't have set anyone up for failure. If there are issues with difficulty, then they will be addressed, but there's no way after spending all this money promoting CC they wouldn't want it to be a success.
I sat for the exam and I managed to pass. True the ISC2 material alone is not enough to make it. I think my experience also helped with answering the questions. I think also someone has to have a good command of English to fully understand what the question is requesting for. Good luck to all going for the exam.
@Early_Adopter wrote:
Personally, I'm lukewarm - are members with CC ahead of Associate of ISC2 in voting, benefits, recognition or other things? Haven't checked it out but I'd hope not.
The short answer is "yes." From my understanding, CC's, as certification holders, are full members; thus someone with no experience who passes the test is now on par with a CISSP with decades of experience, or as you note, they have more standing than associates, who passed the CISSP exam but just haven't accumulated the experience. Don't ask me to make sense of that.
The (ISC)2 was founded as a way of recognizing expertise. Part of that is/was passing an exam, but the larger element was experience and on-going commitment. Now that needle has shifted back to the thing we were founded to avoid. I understand the frustration of people who believe they are buying something when they sign up for bootcamps, study guides, etc. You feel like you didn't get what you paid for. I'll say this, however, the other (ISC)2 certs - namely the CISSP - were designed to test years of accumulated experience and knowledge. Sure, there were things on the exam that weren't in the study guides, but that was expected to test if you could know things out. IoTs for example - great, we have this fun acronym, but is this category any different from any other Internet host? Similar with cloud. Yes, there may be some new terminology, but this is just an evolution of time-sharing, grid computing, and other concepts that have been around for decades. That's the hidden value of experience - to be able to see that what is marketed as radical and new is really just an old issue with a new paint job.
Is the exam very hard like that? If all the questions arent from the material they provider, that means one needs to sit up
@JoePete Seems like a bad deal for associates, who have invested more time, and spent more on the exam.
It does seem with CC that ISC2 are having a pop at replacing CompTIA Security+, however I'm not sure that that will work out - look at the numbers of jobs requesting Security+ Vs CC. To your point ISC2 Endorsement meant someone was willing to vouch for your experience, and CC doesn't have that going for it.
Food for thought.