Dear ISC2 Community,
It's a pleasure to have joined you!
I am getting ready for my 2nd CISSP attempt, having failed the first about 9 months ago. My preparation back then included studying on the "Eleventh Hour CISSP®: Study Guide" and doing all questions on that book plus other questions found online. I took many notes while studying the book and I practically re-wrote it in a summarized format so I was pretty strong on the theoretical part but I admit I underestimated the difficulty of the exam and did too little practice. This is the reason why I failed although not in a terrible way, as I got "Below Proficiency" on 2 domains, "Near Proficiency" on 5 and "Above Proficiency" in 1.
After a bit of discouragement and a break, I committed to try again and I started doing a lot of practice tests. I have downloaded the "PocketPrep CISSP" app and bought a Premium Account. All the questions and answers are based on the study guide by Mike Chapple and they come with detailed explanations after the test is done. I have been practicing every day, multiple times a day for more than 3 months now and my scores are consistently above 70%.
The question which I am finding incredibly hard to answer is: am I ready?
I hoped you can help me answer this question by sharing your experience and particularly the moment when you said to yourself "I am ready, I got this!"
What other practice tests or preparation material can you recommend, that is compliant with ISC2 policies and is as similar as possible to the real exam?
A bit about myself: I have 9 years of IT experience, the last 5 and a half of which were a full immersion in security as I have been working in a Security Operations Center of a large organization, in several roles.
Educational background: B.S. in Computer Science
Other certs I hold/held: GCIA, CCNA
Thanks in advance for your help!
Al
@Vigenere wrote:Dear ISC2 Community,
It's a pleasure to have joined you!
I am getting ready for my 2nd CISSP attempt, having failed the first about 9 months ago. My preparation back then included studying on the "Eleventh Hour CISSP®: Study Guide" and doing all questions on that book plus other questions found online. I took many notes while studying the book and I practically re-wrote it in a summarized format so I was pretty strong on the theoretical part but I admit I underestimated the difficulty of the exam and did too little practice. This is the reason why I failed although not in a terrible way, as I got "Below Proficiency" on 2 domains, "Near Proficiency" on 5 and "Above Proficiency" in 1.
After a bit of discouragement and a break, I committed to try again and I started doing a lot of practice tests. I have downloaded the "PocketPrep CISSP" app and bought a Premium Account. All the questions and answers are based on the study guide by Mike Chapple and they come with detailed explanations after the test is done. I have been practicing every day, multiple times a day for more than 3 months now and my scores are consistently above 70%.
The question which I am finding incredibly hard to answer is: am I ready?
I hoped you can help me answer this question by sharing your experience and particularly the moment when you said to yourself "I am ready, I got this!"
What other practice tests or preparation material can you recommend, that is compliant with ISC2 policies and is as similar as possible to the real exam?
A bit about myself: I have 9 years of IT experience, the last 5 and a half of which were a full immersion in security as I have been working in a Security Operations Center of a large organization, in several roles.
Why spend the money on unofficial prep guides and apps? I hope that you have studied the official (ISC)2 CBK. That matters. Make sure that any material that you use that you can pin it to a task in a domain according to the exam blueprint.That matters. Study what you don't know. I wish you the best of luck!
it's difficult to access if you ready or not. I guess the most appropriate person to access is actually yourself.
I can only share my journey:
CISSP, CCSP, CISSP-ISSAP and recently CISSP-ISSMP.
I pass all the above in the 1st attempt.
All of them I used are ISC2 official study guide or CBK (even some like ISSAP is out-dated material), official flashcard, and some references like NIST. I have never paid for "non" official material, not mentioning "premium account" for ....
With all official material, it may not able to get you 100% full mark but I would say it should not be a problem to pass if you really understand the official material thoroughly.
And at the end, it's all about your knowledge, experience on specify domain and your ability to understand the question itself during the exam. If you take the question in a wrong way, your answers to the question will probably be wrong which definitely decrease your likelihood to PASS.
For myself (just my opinion), if I find myself asking "am I ready?", then my only conclusion will be "I am not ready" - as a result, I focus on the areas/topic/domains that I am weak or less familiar, until I can say to myself I am good, good means I can explain to myself (and others) in a plain English why this is the right answer to the question and why the other are not the right answers (or not the best one), how the question need to be change (or ask) for not best answers in order to be the best answer.
And when I stop asking myself "am I ready", then I think I am ready. But of course, it does not always imply (or guarantee) a PASS.
Last but not least, good luck.
@csjohnng @AppDefects thanks for your replies and wishes,
Personally, I know many people who have earned their CISSP by studying and practicing on "unofficial" material. The Eleventh Hour book was lent to me and the app has a relatively low cost, is very easy and pleasant to use and has a very detailed explanation of each answer. It also allows you to track your progress over time which I find really useful.
Is there anything similar in the set of things you would classify as "official"?
@csjohnng @AppDefects I forgot to mention that the PocketPrep references the specific page where the answer is contained in the Official Study Guide (8th Edition). So it's an unofficial app that accurately references the Official guide.
Having Provisionally passed in December here are my 2 cents.
This is unlike any other certification I have sat for. The questions were not black and white like I studied in multiple prep books and apps.
The advice I would suggest, as many others you will find, know the concepts not the granular specifics. This helped me in ruling out the 2 least right answer, then make sure you understand 'how' ISC2 would answer the question.
Having worked in Information, technical, and operational security for over 10 years the real world gets messy and so we make choices that are not the 'textbook correct' way for many reasons. To understand the test I had to pull myself back and understand the concepts.
Its all about the BEST answer from the scenarios. The added difficultly is when you have done at least 2 or 3 of the answers in the 'business world' for specific reasons it becomes easy to gravitate to the ones you know.
As far as study guides, I used the official CBK and the mobile app CISSP STUDY from ISC2. Both helped to understand the concepts, but in a black and white way. I also used the free study course on the website cybrary.it for the CISSP. Just as background and key takeaways.
It is a daunting test, but if you go in confident and really get the 'concepts' that you are studying then you have a good chance.
Be confident and look at the big concept picture for each question.
Good luck.
> Vigenere (Viewer) posted a new topic in Certifications on 01-14-2020 02:04 PM
> I hoped you can help me
> answer this question by sharing your experience and particularly the moment when
> you said to yourself "I am ready, I got this!"
Well, I'd reviewed over 300 titles of the source security literature when I sat the exam, so, I was ready.
However, you might want to check out
https://community.isc2.org/t5/Certifications/CISSP-questions/m-p/18626
Also, read "Security Engineering" by Ross Anderson.
(Also, make sure you know the De Vigenere cipher.) (Which De Vigenere didn't invent and actually didn't like very much.)
Thank you, @dippydog1932 !
I have already enrolled in the Cybrary course and I'll definitely get the app. Exactly as you said, I am confident with the concepts but it's hard to find questions that are as challenging as the ones on the real exam.
Thanks @rslade ,
About the book "Security Engineering", isn't it slightly outdated?
I noticed the last edition is from 2010.