If official books, official prep questions, and boot camps are no good, what options do I have? I failed on my first attempt and continue to use what resources are available. However, I still feel lost as to how I can prepare for the test. I am in search of good advice.
My advice for anyone is rather than trying to study a particular domain, experience it. I think that is the key to the CISSP - it's not supposed to be a test-prep type of test (sure, a cottage industry has popped up to sell you just that). It is supposed to measure experience. If you have never done a business impact analysis, for example, you can study the definition of one, but until you have actually gone through the process of evaluating dozens of scenarios and their impact on an inventory or service, you'll probably not have the ability to know-out an exam question. Whatever domain you are weak in, try to get some experience (work, volunteer, etc.) in that area.
Thanks for the advice. If you read my original post, though, I actually already said I had a CompTIA Security +. I also said in later posts that I retook the exam and passed. I also gave some quick tips on how to actually pass. I also stated that the exam had to be taken, failed, and then evaluated. I mentioned failing the exam once as being part of the exam process; only because there is no material that exists that prepares you for this test; at least that I know of. It is a bit of an underhanded exam, that opinion of it has not changed; justify it how you will.
Anyway, it matters no more. I have the certification, and I am using it to its fullest extent. I am currently working on a disaster recovery plan, an encryption architecture approach, and an architecture approach to extending our existing architecture to the cloud; all of which are CISSP related activity. So, whatever; things we have to do and the price we have to pay just to be trusted to do work we already know how to do.
You should edit your original post with an update in big letters stating that you eventually passed otherwise you will continue to get advice from people in the future. No one will skim through the pages to find out that you actually passed. Unless you like receiving these type of "advice" posts then sure 🙂
First of all, congrats on clearing the exam, @Dr_C_Lace; as @Spoon2k said, it would be really helpful if you updated your original post to add that you passed at your next attempt, else others who just see the first few posts in the thread are likely to abandon their quest.
@Flyslinger2, I can relate to part of what you went through. Prior to the CISSP, I had taken certifications like the CompTIA Security+, MSCE: Security, CCNA: Security, and ITIL Foundation, wherein my usual strategy would be to prepare with reading materials, videos, and simulators / emulators if applicable --- for some months before an exam --- and then try some practice questions shortly before the exam.
It always worked for me until I tried the CISSP --- and flunking it was definitely a blow.
Anyways, I concluded that a lack of experience might have been responsible --- even though my earlier posts did involve elements of IT Security, they weren't dedicated to it. Unfortunately, garnering the needed experience wasn't a immediate option as I'd resigned shortly before the exam, so there wasn't much else to do but turn to practice questions.
When I retook --- & cleared --- the exam, only a fraction of the questions I encountered matched those practiced with, so it's clear that one can't bank on practice questions alone. Experience has a major part to play in this...
Just wanted you to know I failed the exam two days ago. I failed miserably!!!!
My background: I've been working in this industry close to 40 years. I'm a former ArpaNet Engineer.
If you don't know what the ArpaNet is/was or who my former employer was (BBN, Bolt Beranek and Newman) You shouldn't be in this industry. I'm a former Lead from Bay Networks (Nortel Networks) IP Services and Security Group. My Title today is Computer Scientist. And Yes I failed!
I studied on my own, went to the Boot Camp (56 hours last week), I read the 11th Hour cover to cover, did the ISC2 Official Practice Test, and YES, I FAILED! Oh by the way we even found mistakes in the class material.
The Test stopped at 101 questions, it mostly asked, “What is the BEST…,” “What is the MOST likely…,” and “What is the MOST important…”, the format of those questions never saw any of the practice questions we did in class. I was told "the more technical you are the less likely you are to pass this test on the first try" (or second try). The paper that was printed out at the end of the exam was NOT Domain specific on the improvements I needed to work on. I'm going to be 62 this year and the only reason why I'm doing this is because my company asked. I hold numerous certs in other IT area's in fact too many to list last one being Security+.
I should have the right to see the questions and answers to the test that I submitted to, not only to mention the throw away questions that were inserted in the test. This is a GAFF! What was taught in Class was mostly a Technical review and basically nothing to do with the actual test. Yes, I'm not happy I failed.
My former Manager is a Physicist by trade. New nothing about IT and still claims to know nothing about IT but passed this exam. Go figure!
I'm tired, going back to the drawing board, regrouping, taking another worthless class, has anybody found anything I could study that was even close to being on the test?
Have a, What is the BEST…,” “What is the MOST likely…,” and “What is the MOST important…Day!
Sorry to hear about the exam result. I myself have seen many folks with little experience have passed the exam and experienced couldn't, i myself can't really understand the logic behind this. But what I have seen is that answering the questions in the exam is kind of a trick, i.e. read the questions very carefully and see what they are emphasizing on.
I myself used to think completely technically but often found that I got carried away with quick thinking. Any practice exam/dumps will not match with actual exam questions. The practice questions help you in time management and refreshing domain knowledge.
If you spend sometime and rethink about how questions were framed and how did you choose the answer then it will help you in identifying the 1 or 2 mistakes that you made in selecting the most accurate response.
Take a break and then start preparing. I did CISSP in January, 2014 when they had made changes to the format of the questions, during the exam I thought I may not pass it because the questions were nothing like the cure dumps that I had practiced, till I got the printout stating that I passed I was not at all sure to make it.
I wish you good luck and hope that you will pass in the next attempt.