I wanted to share my recent CISSP exam experience and get some advice.
Background : I have been in IT for the last 14 years and work as an IT Infrastructure and Security Architect. Over the years I have given a number IT certification exams from Microsoft, Cisco, VMware and Citrix. Also last year passed my Cisco Cyber Ops and as some of the material does overlap thought it would help. Now I understand these are technical exams and CISSP exam is not quite the same, as it is from a mangers point of view.
1st Attempt Feb 2019: After studying for 3 months using self-study books and online resources, I thought I was prepared for the CISSP exam. I learned all the quantitative risk formulas and the Encryption stuff. Pretty much all the technical stuff I was confident it.
But when it came to the exam the type of questions being asked threw me with Most , Best and First wordings as there was more than 1 correct answer and narrowing the right one down was tough. Also I was gutted I did not get any technical questions or quantitative risk formula questions as I was hoping to score easy marks on those. I also came across some topics I have not read in any of the resource material before.
Sadly I did not clear the exam. I got asked 150 questions on my 1st attempt, with 30 mins spare. So time was ok. Also the fact you cannot go back and mark questions for review is another point.
I was really disappointed but having got a break down of where my week topic were I thought Ok I know where to focus.
I got 3 topics Above Proficiency, 1 near Proficiency and 4 Below Proficiency. I knew the SDLC stuff was not strong and software development sections
So determined not to give up and pass it second time round I booked the exam on April 6 2019
This time round I knew where my weak areas were and used the following resources. I also was putting in around an hour a day of study over the 2 months.
I went over the things I was weak in from last times exam
I was more confident this time as I knew what to expect.
Then on the exam day- As I was going through my questions there were again some topics which I have not read in any of the resource material before and was not feeling very confident. I was pacing myself expecting to get up to 150 questions again and I still had 45 mins on the clock when I reached my 100 question. This time the exam ended after by 100 questions on the dot. I was really surprised as I did not think I had got 70%.
Sadly as anticipated the result was that I had failed again!! Once again no formula or technical questions. None of them I was hoping to get easy wins on.
Even more shocking this time I got only 1 Above Proficiency, 4 near Proficiency and 3 Below Proficiency. In a way, my score was worse than before. How is that even possible? Part of me thinks did I click the end exam button my mistake on the 100th questions. As I thought if I had got to answer the additional 50 questions I could have passed.
To say that I am gutted is an understatement
But I am not defeated; I am going to give the exam again but wanted to ask the community of any books and new study material I can use. As it seems the exam has evolved and the study guides are now slightly out of date.
I also wish they give you a score like all other IT certification exams.
Any tips from those who passed would be greatly appreciated.
I will give the exam again but I need to a new study strategy, otherwise I am just burning money. (ICS)2 must be making a killing on all of us who fail the exam. Why does the exam have to be so expensive? Anyway this is just a moan.
Never give up! Take a different approach! Put down the study guides and everything else that purports to teach you an answer through a practice test. You need to take a hard look at the CBK and map a reference to each. Then think of multiple scenarios that will test that knowledge.
I am not sure whether I am qualified to give you any advise on it but one thing as other members have mentioned, finding the less appropriate choices helps a lot. I passed my CCSP with the similar approach. Another strategy which has been mentioned and I used too, no change in the answers. I didn't even flag any question. Just think in that moment and decide. I tell you one thing, during the entire test I was shaking and felt seriously under pressure and tensed. I couldn't even read the questions properly let alone understanding them. I was looking for confidence in the mouse and the writing pad. I blame too much practice questions for this. They help once when you see something new or you think on options. Later my brain started to fill the blanks. I told myself that the questions will be different in the exam but failed to convince the brain.
So the first question gave me shivers and the shivering didn't stop until I saw the word congratulations on the report card. Make sure you don't give into the pressure and stop thinking in the exam.
Afterwords I didn't bother looking for the right answer. Instead I picked the last option and thought what does this thing do and what will happen if i choose this. And do the same for the next option and so on. Secondly you need to apply managers line of thinking in many cases. Technical thinking is applicable in tech selection type questions. This helped me.
Having said that, the two exams are different and you know CISSP exam more than me (I haven't even attempted it yet). I am planning to start my CISSP journey from June.
I know you will pass it this time so afterwards when you decide to dump the books please IM me 🙂
Cheers and good luck bro
Wanted to updated you. I attempted my CISSP for the 3rd time and finally cracked the beast!!
Thanks for all the encouragement and tips.
If any one in the same situation. Do not give up.
Full write up here.