cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
mbenet
Newcomer II

CISSP provisionally passed March 14th - comments and advice

Hi everybody,

 

I just passed (provisionally) the CISSP sort of 4 hours ago, and as I've been for the past three months reading other people experiences on the CISSP exam, I guess it's fair to post mine.

 

My study materials

  • CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 8th Edition. (9/10)
  • Sybex CISSP Official (ISC)2 Practice Tests, 2nd edition. (9/10)
  • 11th hour CISSP. (8/10)
  • Boson CISSP tests. (10/10)

 

My background

  • 3 years as a sysadm (back in 2001), doing system administration, user management, firewall management, and some network maintenance.
  • 3 years doing IT security tasks: IDS, vulnerability management, monitoring, etc.
  • 12 years as a GRC consultant: Risk assessment, ISMS and 27002 assessments, BCP, privacy, policies and procedures, compliance, etc. 
  • CISA and CRISC.

 

"Methodology" (sort of)

For the study, I read (and highlighted) the Sybex book and the 11th book (just one time), and then did all the Sybex practice tests (8 domains + 4 more, about 1300 questions). After that, I did the Boson tests several times (what made no sense after the 3rd attempt, as I had somewhat memorized the response), and finally reviewed the wrong answers in the Sybex tests. I also viewed a couple Kelly Handerhan videos, on tips for the exam and Kerberos explanation.

 

To do tests is critical. Read the materials slowly and then get deep into the tests. Sybex and Boson tests are both fabulous. Probably Boson is more close to the real thing (and I would say quite a bit), but the importance relies on reading and understanding the explanation. In total, my score of the tests was about 75% right the first time, even though I was not really paying much attention to the questions and I missed some obvious, so it should have been around 80%.

 

Day of the exam

I approached the exam with the feeling that there were some things I didn't know well enough, but also with the feeling that I had a pretty good knowledge of all domains. Even though, I was worried because I wasn't totally confident with things such as the F agan phases, the full details of Kerberos or all the crypto key and block size stuff. I knew most, but I had the feeling there were details I was not remembering. 

 

It took me about 90 minutes to do the 100 questions I needed to make it thru. To be sincere, I had no clue if I was in the right direction or not.

 

About the exam

I've read many frightening posts about the exam questions, the exam wording and the tricky options, and i was REALLY scared, but that wasn't my experience at all. I must admit I didn't find the exam particularly difficult to understand, and I am not an English native speaker, for those of you out there that are not native English speakers. The questions were one or two sentences long, easy to read and pretty clear grammatically, in my opinion.

 

(I'm probably a little biased now that I've passed the exam, take that into account).

 

There are many tips on how to pass the exam. All I want to say is that the exam is passable. Study, practice, and you can do it. And remember, you can fail some answers and still pass. Don't be discouraged if you don't know something or if a given question sounds alien to you. Move on and try with the next one. For those of you that have failed, don't let that get you down. You can do it. 

 

Time to go for CISM 😉

3 Replies
mbenet
Newcomer II

One more thing. CISSP is not quantum physics. What makes it hard is the, vast amount of materials (concepts, technologies, protocols, methodologies, etc.) and time to study and the scaring fact that you don't know what you are going to face the day of the real exam. But everything is out there. Some will need more time of study, some will need less, some will be lucky with their questions, and some will not. But at the end everything you need to learn is in the books, Wikipedia, NISTA, etc. Good luck (it always counts) 😉
Kwara1870
Newcomer II

mbenet

Thank you so much for the uplifting words of encouragement for those of us who are ready to sit for the exam in a week time. Your post made me to think that I will pass with confident, like you said there were some so scary post about the exam. Now, next week I will sit for the exam with confident and knowing that i'm going to knock it out for sure and i will let you know next week. 
Wish me luck again, I have studied for last 6 month all of the materials you have mentioned, I have all of them plus I went for study group for about 3 month every week for about 13 weeks and it gave me a good background to raise my confident level. 

thank you so much again.  

mbenet
Newcomer II

Hi, Kwara1870.

 

As you say, you've been studying hard for a long time, so enter the exam with confidence. Be calm, read slowly, think, make your election and move forward.

 

A bit of luck is always needed, so good luck!