I’d say that if your approach to study for this exam is to memorize practice questions, then I’d say that you’re barking up the wrong tree. Learning the concepts is the only way to prepare for this exam. I was well-prepared by the time I had taken this exam based on prior exam prep and experience. About 30-35% of the questions that I know I got right were purely because I had seen the process, worked the process, or managed that process. This test will be very intuitive when you have the right experience along with your study prep and educational background.
Don’t give up. Just take it again. At least you know what you are up against. The questions are ambiguous, but they are supposed to be. If anyone can go and answer questions designed for the novice, then there’s reason to pay us these particular high salaries. Information security professionals are charged with dealing with very ambiguous scenarios.
I am reviewing the new Exam outline (https://www.isc2.org/Certifications/CISSP#accordion-7e403e39523740eebc4ea33286435c17) and will assess my knowledge and experience in light of that.
I hope to be able to add my voice to the others who have successfully passed the exam.
I think that you will be just fine with the right amount of due diligence in study habits. Just remember that the more experience you have, the least ambiguity you will find the questions to be. Absent that experience, there will be an overload of study, study, and more study. You will have to learn to answer even simple scenarios a number of different ways... then you know you will be ready.
I will state "Don't give up". I have had a coworker take it more than once, I'm not sure what he's getting stuck on as he doesn't talk about it. He's taken every CISSP boot camp work has allowed over the past five plus years, the Cyber Security Cert from the University of Washington, Cyber Security Cert training through Cal Poly which was prior to finishing his Masters Degree in Cyber Security from the University of Maryland and he is now going through another boot camp out of a University in St Louis that is offered on line. His wife states she will have her PHD before he gets his CISSP!
I took mine last night, I'm not looking at my results but I know I don't have the "xyz out of 700" on it or so my daughter has informed me. I already posted my shock out of taking it because most of the study material is technical not higher level. I reviewed videos and test questions through skill port, CCCure, from the book and practice tests from my boot camp instructor last year to also review his slides that he posted for the class.
I've seen discussions where people talked about the areas they missed, their test scores, that's a guideline to review because each test is going to be different. I personally don't know how many domains I've worked but it's been several, reviewing the material showed me where my strengths were along with my weaknesses as I have a tendency to second guess my answers. Taking the test was out of my comfort zone and I admit it especially after the first couple of questions because the fear and trepidation kicked in. I will state that I did my best to answer the questions from the way each question was worded and hope I passed. If not I will regroup in 90 days and take it again after I decompress in the next 30 days.
I would state continue to study, if you need to take a different ISC test versus the CISSP do so just to get over the intimidation factor. I intend to do that 🙂
Ambiguity is not the word I would use. More like, who lets another person write a test question that is so far off topic but mentions a key item to include four likely answers having to choose the best one. I felt like I went through the wringer but I now know how the questions are worded. I have stated I'm not looking at my results till the end of the month because of outside stresses but the test was really unbelievable and if anyone thinks the one I had covered all eight domains (yeah right in what universe) Mine covered maybe four if I am lucky, several of which I am confident in from the tech level not the management level. The paper might say eight but I would disagree with the way my test was done to include the questions asked that were talked about. In fact I have to go look up a definition because I don't think it went with the acronym that was used in the question.