Firstly, it's ok to be frustrated. Your post is similar to my OP. However, just don't give up. I posted the following after I'd passed:
"After taking the exam a second time, I almost got the impression that failing it once just to see how the exam is presented is part of studying for the exam. It sounds demented, but I don't know how else to put it. The way the questions are presented is like no other exam prep book presents test questions. You must:
1) select the BEST answer for an executive, not an engineer
2) avoid overly technical answers and stick to what is pragmatic
3) be an expert with the CBK concepts regarding CIA; whether it's in the test or not, it just makes you an expert
Never give up."
... has anybody found anything I could study that was even close to being on the test? ...
See the CISSP questions thread. Although none of the questions are on the exam (that would be an NDA violation), they do match the spirit and the follow-up discussion offers great insight into how to approach the exam.
My background: I've been working in this industry close to 40 years. I'm a former ArpaNet Engineer.
If you don't know what the ArpaNet is/was or who my former employer was (BBN, Bolt Beranek and Newman), you shouldn't be in this industry.
As someone on the older side of the age spectrum myself, here's an analogy that might work. Imagine an excellent mechanic well versed in the muscle-car era being asked to certify on modern vehicles. My response to a lot of the stuff I deal with today vs. 20 or 30 years ago is that it is crap - not technology - much like that imaginary mechanic might shake his or her head at all the electronics and junk packed under a hood today. Then once I get past my curmudgeonly response, I find some value in what I initially dismissed, but also realize that the new stuff isn't all that different, just old concepts repackaged with new or re-used acronyms (how many different definitions of MAC can we get?).
The Test stopped at 101 questions, it mostly asked, “What is the BEST…,” “What is the MOST likely…,” and “What is the MOST important…”, the format of those questions never saw any of the practice questions we did in class.
I think the test has always had that wording. There seems to be a consistent complaint about the quality of the questions. My sense is (ISC)2 is discovering some growing pains. As certification bodies go, I think the (ISC)2 has done a better job than most, but to be blunt, certification is a great concept, but something very hard to implement and maintain. What (ISC)2 did ahead of others was the CPE and experience requirement. I think to be more genuine, it would be good to see it do more to qualify experience (maybe an apprenticeship model) because let's face it, security is not a multiple-choice exercise. But to shorten my comment, I think the (ISC)2 faces the challenge of having enough questions. Especially with an adaptive test, you need a lot of questions. I think it is still working on building this massive database of good questions, but you have to fight through the poorly or incorrectly worded ones.
I hold numerous certs in other IT areas, in fact too many to list, the last one being Security+.
There's a difference between IT and infosec, and even then there is a difference between infosec management (something the CISSP applies to) and an infosec technician/administrator. Sure, there is a lot of overlap, and ideally, there would be no such thing as security certification - I mean shouldn't security be part of everything and not this sort of separate concept? I digress; what I'm most curious about is what are the most useful certs or the best-done ones you have come across? I struggle with that, especially at hiring time. The biggest challenge is finding people who can genuinely do the job. The certs don't seem to prove that (to be honest). You have a lot of people who get the cert but have no experience. On the flip side you have some great folks out there who have no certification at all.
As I tell my students, "think like a manager!" and relate everything back to the CIA triad. How does _____ affect the C, the I, and/or the A?
Dr. Warren Mack, CISSP
I could not express my sentiments any better than you did. I took the CISSP in the old format 2 years ago and failed. Sat for the exam again last week and failed miserably AGAIN. Like you and many others, spent hours studying, felt confident I knew the material as presented in the ISC2 study material, spent the $700 again, got about 10-15 questions in and knew there was no chance I was going to pass. I agree that this test is designed to fail you. Not one question had "key" words that resembled the study materials or practice questions. I have several other industry certifications as well and they actually test you on the material you study. I don't know how to "study" for this absurd test either. It is a complete waste of time doing "practice" exams. If the actual test was like the practice exams, then I would actually pass. The real test is from left field. I am beyond frustrated at this point. I have been through several books, practice tests, etc. Like you and many others, I have several years' experience in Cyber. At this point, I feel like I would be better off taking the test and just guessing at the "BEST" answer. I think it's sheer luck if you pass. Why present such detailed material in the study material if you are not going to be tested on it? It's a total money-making scam, not to mention wasted hours of my life that I cannot get back.