cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 
Newcomer II

Re: CISSP Failed Exam 11/2018

Congratulations!

Newcomer II

Re: CISSP Failed Exam 11/2018

The mistake you made, is assuming that the exam was simply going to ask you a"(what is 2 + 2?". The test is knowledge based, but asks questions in a way to make sure to understand the information Al knowledge and be able to co very it I to wisdom
Newcomer II

Re: CISSP Failed Exam 11/2018

Forgive the typos lol...informational....and convert
Newcomer III

Re: CISSP Failed Exam 11/2018

Congratulations!  Not for passing the exam, which is a great achievement, but for sticking with it.  Since you have successfully completed it, the following comments are not necessarily of value to you, but hopefully other candidates may find something useful in them.

 

As others have noted, the CISSP is not for the technician or engineer - although many of them have earned it - it is for the leadership that makes the risk-based business decisions about how and when to apply certain aspects of security.  In management the right answer is often elusive, and the wrong answer may be costly. Although we can learn from our own mistakes, and those made by others, the right answer may not be found in any textbook or practice question.  A person who is able to process a number of variables, and decide what is "best," or offers the "most" security in a given situation, is not necessarily going to arrive at a binary answer - it is often a judgement call.

 

It's too bad that "wearing the CEO hat" wasn't emphasized in your preparation.  Ben Malisow, an (ISC)2 instructor and industry thought leader, reminds his students not to "buy a $10 lock for a $5 bike."  The $10 lock might be the most secure, but is it the "best" choice to protect the $5 asset?  The security guy might want the $10 lock, but the owner of the bike (the CEO) might not see the value in it.

 

It's a bit harsh, and severely limits the candidate pool for this certification, but I believe that the experience requirements are insufficient.  Instead of 5 years in at least two of the domains, I believe a candidate should have considerable experience in all of the domains.  I have approximately 40 years of overall experience, including my military service and career in law enforcement, with additional experience as a coder, network engineer, firewall engineer, as well as project management, Agile, ITIL, and CMMI, so taking the test was fast and easy, although it was the most difficult I'd taken at that point in time.

 

Prior to that, the PMP was the most difficult exam.  For me, the Lean Six Sigma Blackbelt (after I'd earned my CISSP) was a challenge, as I am not strong in math, and my formal education stopped when I left home as a teenager.  However, I only sat for the certification exams after many years of proficiency in all of the above areas.  I only sat for the CISSP in March of 2017, after decades of experience.  Likewise, I've been neck-deep in cloud security for about 8 years, but just took the CCSP exam in October, the endorsement is still ongoing, so I can't claim the certification yet. Again, the CCSP test was easy, because the questions are similar to ones that I'm called upon to answer every day.

 

For anyone thinking of taking, or retaking, the test, if you don't have the experience to give you 100% confidence to answer a sufficient number of questions correctly, you might want hold off and spend some more time working in the field.


Lloyd Diernisse
CISSP | CCSP | LSSBB | PMP | CSM | CMMI-A | ITIL-Fv3
Cybersecurity Consultant to the U.S. Government
Newcomer III

Re: CISSP Failed Exam 11/2018

@CyberLead- Lloyd, those are strong words, but so spot-on. Well done, my friend!

Highlighted
Newcomer I

Re: CISSP Failed Exam 11/2018

I failed my first attempt as well.  During my first attempt in Nov of 2017 I can tell you for certain that I did not have a complete understanding of CIA and how it applied across the CBK's.  I studied for a year and eventually started to understand how CIA was interwoven in all aspects of information tech security. From the technical aspects of cryptography to artful use in project management, the exam and the interwoven concepts of CIA cover a very broad spectrum of concepts and implementation techniques.

 

On my second attempt in Oct of 2018, I passed the exam and I believe having a deep understanding of CIA is what did it for me.  I felt I understood the convoluted questions significantly more on the second attempt, even though their obscurity of the point made the questions just as difficult to understand.

Newcomer I

Re: CISSP Failed Exam 11/2018

Dr_C_Lace,

 

I am glad to hear you passed.  I failed my first attempt on December 18th.  After the exam I read your post and was screaming inside "I feel exatly the same way".  Frustrated and feeling tricked.  My study efforts at this point are very simular to yours.  Since you have now passed the exam, will you please provide me with some additional insight.  I am confused as to which resources to use and how. 

 

Thanks,

 

AJ   

Newcomer III

Re: CISSP Failed Exam 11/2018

For study and preparation, kindly consider a reply I posted in the thread Mentor Needed.


Lloyd Diernisse
CISSP | CCSP | LSSBB | PMP | CSM | CMMI-A | ITIL-Fv3
Cybersecurity Consultant to the U.S. Government
Newcomer III

Re: CISSP Failed Exam 11/2018

There's nothing more frustrating than failing an exam.  I prepared for about 4.5 months taking a very rigorous class that was pretty expensive.  I managed to pass on the first attempt, but it definitely felt like the actual test was nowhere near the test questions I received or studied.  I even took a CAT style exam in my preparation process as part of this course and the questions actually asked were worded very differently.  In an effort to trip up candidates and make sure that their question pool is protected, I felt they masked their question pool by changing the language of the test.  I found it really difficult and was asked all 150 questions, after which I was certain I failed.  I scored proficient in all the domains in a simulated exam prior to taking the real thing and it was like walking in and taking a different certification exam altogether.

 

Don't give up, and know that what you've studied is part of the test.  But you have to have extremely high reading comprehension in the language you take the test in.  There is a specific way to approach the exam questions other than just reading them and answering based off the answers given.  I won't say more than that- review how you approached the questions and refine your next attempt based off that.


---
Andrea Stansbury- CISSP
Newcomer III

Re: CISSP Failed Exam 11/2018

@dreastans,

 

Congratulations on passing the exam and thank you for sharing your frustrations.


Lloyd Diernisse
CISSP | CCSP | LSSBB | PMP | CSM | CMMI-A | ITIL-Fv3
Cybersecurity Consultant to the U.S. Government