I passed my CISSP exam back around end of June. I've also held Security+ certification. From my experience both exams are very different. There is a reason even CompTIA  itself position CISSP as "expert" level certification and Security+ only has "Intermediate" on the IT certification road map, because the depth and breath of the knowledge domain they cover are different. 

https://certification.comptia.org/docs/default-source/downloadablefiles/it-certification-roadmap.pdf

 

Was the exam difficult? Definitely! But personally I feel it's the right exam for CISSP. It's not just about memorizing the terminology or content, it's also about understanding and being able to apply the knowledge to different situation and threat landscape that's constantly changing. So picking a best choice as answer for the question is very fitting, and realistic. Can't have one shoe fit them all. As CISSP, we are supposed to know the terminology and content. What's IPS? What's web proxy? What's change management? What's WAF? That's not the objective of the exam. In real life, customer/audience/manager would ask you: What is the BEST way to protect the environment? What is the MOST Important item to work on this quarter/fiscal year? If we do not have these technology, what will Most likely to happen? Can't tell them: sorry, it's not in the CBK~

 

The study method that works for me is to ask/learn from others: Without much programming background, I asked my colleague who is a developer about SSDLC and that help me understand the chapter; With no prior knowledge in audit, I sit through one and ask auditor questions regarding the process; I attended cybersecurity conferences and meetings to enforce knowledge area that I'm not familiar with. I took the opportunity to ask speaker additional questions to help me understand the concept. All I can say is work experience help, and there is a reason people form study groups. I read only one book, watched the training modules on Pluralsight. But experience and ideas I learn from my colleague attribute more to me passing the exam.

 

Hope you find the study method that work for you. 

> danyo (Newcomer I) posted a new reply in Career on 11-08-2018 02:42 PM in the (ISC)² Community :

>   1. Frustrated test takers seem to have
> a similar point of view with study guide test questions not being helpful
> and significant content not tested. Are there any recommended guides out
> there which can assist and improve test takers techniques with the (Most,
> Best, etc) questions in relation to the CISSP material?

No. Unfortunately.

Yes, a decent practice test, and some guidance behind it, would probably be of
enormous use. I've got a set of questions I've collected over many years, but I'm
loath to let it out of my control without expalanations behidn it, and I haven't had
the time to develop that.

I reviewed over a dozen guides, many with questions. I've also reviewed any
practice tests and sets I could come across. *None* of them really represent the
level and complexity of the real exam. (Many people try to make their practice
tests "harder" by putting in esoteric trivia, but that is not what the exam is about.)

I've submitted questions to the exam committee before: it's really hard to come up
with a single decent exam question. Multiply that by enough to make a decent
practice test ... well, nobody seems to be willing to put in that kind of work.

We could probably start a thread/topic on the "community" here, doing just that:
trying to develop realistic exam questions, critiquing why they are or aren't
correct, and then critiquing why they are or aren't "good enough" for the exam.
That might give candidates some idea of the real exam, and the complainers some
idea of how hard it is to maintain the exam ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
My parents went to Middle Earth and all I got was a lousy ring.
- Marty Helgesen
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

> nagarajan (Newcomer III) posted a new reply in Career on 11-08-2018 02:01 AM in the (ISC)² Community :

>   2. Gauge your understanding of domains/topics/subjects by
> explaining to others. If you know something well then you can explain them
> well.

Generally I'd agree. I've found that when I am teaching and I don't knit well I get
uncomfortable really quickly.

However, I also have known a number of people (Shon being one) who were able
to "make up" explanations that satisfied them, but were quite wrong. So it's a
good idea, but not a guarantee.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Unix IS user-friendly. It's just picky about who its friends are.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

The CISSP exam is no joke! I passed the legacy version in 2015. I studied like crazy for months. I credit my passing the exam not just to studying hard but also to my experience working in the industry.
Also, the thing which helped me the most in passing this exam was PERSPECTIVE - the questions must be answered from the perspective of a CISSP answering the questions using the knowledge from the CBK.
I hope you will take the exam again (and soon).

I appreciate all the support from the folks that gave constructive and encouraging feedback. I retook to the exam today and I had finally passed it.

Wow, nice one and congrats!

Thank you, sir.

Congratulations buddy!!!

Congrats welcome to the club!