Firstly, it's ok to be frustrated. Your post is similar to my OP. However, just don't give up. I posted the following after I'd passed:
"After taking the exam a second time, I almost got the impression that failing it once just to see how the exam is presented is part of studying for the exam. It sounds demented, but I don't know how else to put it. The way the questions are presented is like no other exam prep book presents test questions. You must:
1) select the BEST answer for an executive, not an engineer
2) avoid overly technical answers and stick to what is pragmatic
3) be an expert with the CBK concepts regarding CIA; whether it's in the test or not, it just makes you an expert
Never give up."
... has anybody found anything I could study that was even close to being on the test? ...
See the CISSP questions thread. Although none of the questions are on the exam (that would be an NDA violation), they do match the spirit, and the follow-up discussion offers great insight into how to approach the exam.
My background: I've been working in this industry close to 40 years. I'm a former ArpaNet Engineer.
If you don't know what the ArpaNet is/was or who my former employer was (BBN, Bolt Beranek and Newman), you shouldn't be in this industry.
As someone on the older side of the age spectrum myself, here's an analogy that might work. Imagine an excellent mechanic well versed in the muscle-car era being asked to certify on modern vehicles. My response to a lot of the stuff I deal with today vs. 20 or 30 years ago is that it is crap - not technology - much like that imaginary mechanic might shake his or her head at all the electronics and junk packed under a hood today. Then once I get past my curmudgeonly response, I find some value in what I initially dismissed, but also realize that the new stuff isn't all that different, just old concepts repackaged with new or re-used acronyms (how many different definitions of MAC can we get?).
The test stopped at 101 questions. It mostly asked, “What is the BEST…,” “What is the MOST likely…,” and “What is the MOST important…”; I never saw the format of those questions in any of the practice questions we did in class.
I think the test has always had that wording. There seems to be a consistent complaint about the quality of the questions. My sense is (ISC)2 is discovering some growing pains. As certification bodies go, I think the (ISC)2 has done a better job than most, but to be blunt, certification is a great concept, but something very hard to implement and maintain. What (ISC)2 did ahead of others was the CPE and experience requirement. I think to be more genuine, it would be good to see it do more to qualify experience (maybe an apprenticeship model) because let's face it, security is not a multiple-choice exercise. But to shorten my comment, I think the (ISC)2 faces the challenge of having enough questions. Especially with an adaptive test, you need a lot of questions. I think it is still working on building this massive database of good questions, but you have to fight through the poorly or incorrectly worded ones.
I hold numerous certs in other IT areas, in fact too many to list, the last one being Security+.
There's a difference between IT and infosec, and even then there is a difference between infosec management (something the CISSP applies to) and an infosec technician/administrator. Sure, there is a lot of overlap, and ideally, there would be no such thing as security certification - I mean, shouldn't security be part of everything and not this sort of separate concept? I digress. What I'm most curious about is what are the most useful certs or the best-done ones you have come across? I struggle with that, especially at hiring time. The biggest challenge is finding people who can genuinely do the job. The certs don't seem to prove that (to be honest). You have a lot of people who get the cert but have no experience. On the flip side, you have some great folks out there who have no certification at all.
As I tell my students, "think like a manager!" and relate everything back to the CIA triad. How does _____ affect the C, the I, and/or the A?
Dr. Warren Mack, CISSP