Newcomer I

CISSP exam failed 2nd time :( Advice Needed

Greetings All

I wanted to share my recent CISSP exam experience and get some advice.

Background: I have been in IT for the last 14 years and work as an IT Infrastructure and Security Architect. Over the years I have given a number of IT certification exams from Microsoft, Cisco, VMware and Citrix. Also last year I passed my Cisco Cyber Ops and, as some of the material does overlap, thought it would help. Now I understand these are technical exams and the CISSP exam is not quite the same, as it is from a manager's point of view.


1st Attempt Feb 2019: After studying for 3 months using self-study books and online resources, I thought I was prepared for the CISSP exam. I learned all the quantitative risk formulas and the Encryption stuff. Pretty much all the technical stuff I was confident in.

  • CISSP Official Study Guide Sybex
  • CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide
  • CISSP Official (ISC)2 Practice Tests – did all practice exams but later I learnt they are nothing like in the exam
  • CISSP CBT nuggets Mike Chapple- some useful topics
  • IT DOJO- Thanks Colin Weaver, useful stuff

But when it came to the exam, the type of questions being asked threw me with Most, Best and First wordings, as there was more than 1 correct answer and narrowing the right one down was tough. Also I was gutted I did not get any technical questions or quantitative risk formula questions, as I was hoping to score easy marks on those. I also came across some topics I have not read in any of the resource material before.

Sadly I did not clear the exam. I got asked 150 questions on my 1st attempt, with 30 mins spare. So time was ok. Also the fact you cannot go back and mark questions for review is another point.

I was really disappointed, but having got a breakdown of where my weak topics were I thought: OK, I know where to focus.

I got 3 topics Above Proficiency, 1 near Proficiency and 4 Below Proficiency. I knew the SDLC stuff was not strong and software development sections


So determined not to give up and pass it second time round I booked the exam on April 6 2019

This time round I knew where my weak areas were and used the following resources. I also was putting in around an hour a day of study over the 2 months.

  • Eleventh Hour CISSP®. Study Guide- really good book. The fast facts and crunch time were useful
  • OWASP_Top_10-2017
  • Boson CISSP Exam environment- This was a really good simulation software as the exam questions are worded very similarly so you get good practice in learning how to answer them. Did all 750 questions and was getting around 67-75% first time round. Second time round around 80%+ as you remember some of the answers.

I went over the things I was weak in from last time's exam.

I was more confident this time as I knew what to expect.

Then on the exam day, as I was going through my questions, there were again some topics which I have not read in any of the resource material before and I was not feeling very confident. I was pacing myself expecting to get up to 150 questions again and I still had 45 mins on the clock when I reached my 100th question. This time the exam ended after 100 questions on the dot. I was really surprised as I did not think I had got 70%.

Sadly as anticipated the result was that I had failed again!! Once again no formula or technical questions. None of them I was hoping to get easy wins on.

Even more shocking, this time I got only 1 Above Proficiency, 4 near Proficiency and 3 Below Proficiency. In a way, my score was worse than before. How is that even possible? Part of me thinks: did I click the end exam button by mistake on the 100th question? As I thought, if I had got to answer the additional 50 questions I could have passed.

To say that I am gutted is an understatement

But I am not defeated; I am going to give the exam again but wanted to ask the community of any books and new study material I can use. As it seems the exam has evolved and the study guides are now slightly out of date.


I also wish they give you a score like all other IT certification exams.

Any tips from  those who passed would be greatly appreciated.


I will give the exam again but I need a new study strategy, otherwise I am just burning money. (ISC)2 must be making a killing on all of us who fail the exam. Why does the exam have to be so expensive? Anyway this is just a moan.


Thanks community.



16 Replies
Community Champion

Never give up! Take a different approach! Put down the study guides and everything else that purports to teach you an answer through a practice test. You need to take a hard look at the CBK and map a reference to each. Then think of multiple scenarios that will test that knowledge. 

Newcomer II

Hi Friend


I am not sure whether I am qualified to give you any advice on it, but one thing, as other members have mentioned: finding the less appropriate choices helps a lot. I passed my CCSP with a similar approach. Another strategy which has been mentioned and I used too: no change in the answers. I didn't even flag any question. Just think in that moment and decide. I tell you one thing, during the entire test I was shaking and felt seriously under pressure and tense. I couldn't even read the questions properly, let alone understand them. I was looking for confidence in the mouse and the writing pad. I blame too many practice questions for this. They help once, when you see something new or you think on options. Later my brain started to fill in the blanks. I told myself that the questions would be different in the exam but failed to convince the brain.


So the first question gave me shivers and the shivering didn't stop until I saw the word congratulations on the report card. Make sure you don't give into the pressure and stop thinking in the exam. 


Afterwards I didn't bother looking for the right answer. Instead I picked the last option and thought, what does this thing do and what will happen if I choose this? And did the same for the next option and so on. Secondly, you need to apply a manager's line of thinking in many cases. Technical thinking is applicable in tech selection type questions. This helped me.


Having said that, the two exams are different and you know CISSP exam more than me (I haven't even attempted it yet). I am planning to start my CISSP journey from June.


I know you will pass it this time so afterwards when you decide to dump the books please IM me 🙂



Cheers and good luck bro

Contributor I

The only advice I can give is to keep on reading. If you’ve read the Sybex study guide, read it again. After that, read it again. After that, guess what... Other than that book I used Colin Weaver (itdojo) on YouTube; really good videos, and he makes it fun. A common mistake I would suggest is to keep taking the practice questions and get them right by remembering. You need to be at a point where you get them right because you work out that the correct answer is correct. You’ll get there, I know it. Good luck.
Newcomer I

Hi there. Just go through the link below. Try a different formula for your next attempt.
Newcomer I

Hi All

Wanted to update you. I attempted my CISSP for the 3rd time and finally cracked the beast!!

Thanks for all the encouragement and tips.

If anyone is in the same situation, do not give up.

Full write up here.

Contributor I

Well done, welcome aboard!

Viewer II

I agree with each and every word of your comment. I have the exact same situation and believe “most, least” questions make it challenging and make us (more technical folks) feel bad. While thinking this is true, I also believe there were some questions that were on purpose unnecessarily and unrealistically complicated. In real life there is no way we see such wordings. I have doubts whether I will take it a third time to burn more $$$, not even knowing my score or how close I was to the finish line.