sam2
Newcomer I

Passed CISSP January 4th 2019

Glad to inform you that I passed the CISSP exam on 01/04/2019. After seeing the congratulations printout from the Pearson VUE's staff, there was a sense of accomplishment, a lot of relief and a bit of celebration.

I have about 18 years' experience and 12 different certifications in IT, project management, BCM, security and privacy domains, and this was the 13th. I have been working as security and privacy head for a business group in my company.

Preparation: Though I wanted to take this exam long ago, somehow the priorities kept on changing due to work, travel and family. Finally, in September 2018, I made up my mind and started to study for CISSP seriously. The CAT version of 3 hours was of immense help for people like me having a short attention span. Study material utilized: ISC2 CBK 8th edition, Shon Harris All-in-One 7th edition, ISC2 sample questions guide, online videos by Kelly Handerhan, NIST documents and questions available from different online sources. I had to read the ISC2 book and the Shon Harris book cover to cover two times to understand the concepts. Though the ISC2 book has all the content, there are specific topics that are covered in detail by the Shon Harris book. After completing the books the first time, I started practicing with tests to evaluate the results of my concepts and understanding. Initially it was in the early-mid 70's and continuously improved to go towards the 90's. I disagree with a lot of people who say that:

 

It's a management exam only. Just focus on finding the best option applicable. While selecting the controls, look for risk management and cost-benefit analysis, instead of just looking into the management aspects.

 

Don't memorize, just understand. Memorizing concepts for some key topics is equally important along with retention and understanding the holistic picture. E.g.: TCP/IP port numbers, TCSEC/ITSEC/CC, cryptographic algorithms, symmetric/asymmetric, security models (pros/cons, linkages) need to be memorized.

 

Venture out for multiple sample exam sources: I didn't buy Boson or any other exam subscription or the many other paid exam test options; I simply relied on questions at the back of the ISC2 book after each chapter, ISC2 sample questions from their book/online portal, Shon Harris book questions after chapters and exam bonus tests from all these sources. In total, I did more than 3000 questions from these sources along with free questions available on the internet.

 

Prepare for 9-12 months. I completely disagree with preparing for a long period of time, even though it may work for participants with less industry experience. Eventually you need to have fresh memory about the concepts that you went through, and I wonder if it's possible for someone who studied for a 9-12 month period.

 

Overall, I studied for about 1.5-2 hours every day for three months after office work and about 10 hours a day for the last two weeks to revise the concepts, memorize specific topics and practice tests.

 

Exam Day: My exam was in the evening hours, therefore freshness of mind was of major concern for me. I slept for about 9 hours a day prior to the exam and went through the summary contents prepared by a gentleman named Prashant Mohan (available free on the internet). This was a good summary refresher before the exam.

After clicking the photograph and palm scan, when I went inside the examination room and sat on the chair there were lots of questions going through my mind about the nature of questions and my ability to select one answer out of the four.

The first 4-5 questions calmed me down. The complexity of the questions was different than what I practiced, but I was able to apply the concepts learned through books and various sources. The key is to select the best answer in a particular scenario and applicable to a particular question. It's equally important to play on the basis of merit of the question, as every question is different and the nature of complexity keeps on changing, depending on how well you are answering and the shuffling of specific domains. There were a few questions that were really very tough, but the exam asks you to select the "BEST" possible answer. It was a mix of psychometric and the knowledge acquired through experience and concepts from books.

After 90 minutes and 100 questions, my exam abruptly ended. To avoid any chance, I raised my hand and the supervisor keeping a vigil from the glass door came inside. She asked me to click "end exam" and I asked her about my result. The lady informed me to go to the reception, where I was supposed to get the results. The walk from the examination room to reception was less than 100 meters, but my heart was beating fast. Finally, when I got to see the print-out showing "congratulations", there was an ease, a calmness and jubilation simultaneously. Overall, a feeling that's tough to describe.

Good luck to all the candidates!

13 Replies
janespa
Viewer II

Congratulations on passing the CISSP exam. Welcome to ISC2. I wish you the best of luck in your infosec career.

sam2
Newcomer I

Many thanks.

urvishacharya
Newcomer I

Hey Sam, congrats on passing the toughest one. Guess what, I am scheduled to appear for an exam in less than 12 hrs from now. I am hoping for the same feeling which you have described. Wish me luck :)

Many congratulations!