Vigenere
Newcomer III

Help me assess my readiness for the CISSP exam

Dear ISC2 Community,

 

It's a pleasure to have joined you!

I am getting ready for my 2nd CISSP attempt, having failed the first about 9 months ago. My preparation back then included studying the "Eleventh Hour CISSP®: Study Guide" and doing all questions in that book plus other questions found online. I took many notes while studying the book and I practically re-wrote it in a summarized format so I was pretty strong on the theoretical part but I admit I underestimated the difficulty of the exam and did too little practice. This is the reason why I failed although not in a terrible way, as I got "Below Proficiency" on 2 domains, "Near Proficiency" on 5 and "Above Proficiency" in 1.

 

After a bit of discouragement and a break, I committed to try again and I started doing a lot of practice tests. I have downloaded the "PocketPrep CISSP" app and bought a Premium Account. All the questions and answers are based on the study guide by Mike Chapple and they come with detailed explanations after the test is done. I have been practicing every day, multiple times a day for more than 3 months now and my scores are consistently above 70%.

 

The question which I am finding incredibly hard to answer is: am I ready?

I hope you can help me answer this question by sharing your experience and particularly the moment when you said to yourself "I am ready, I got this!"

 

What other practice tests or preparation material can you recommend, that is compliant with ISC2 policies and is as similar as possible to the real exam?

 

A bit about myself: I have 9 years of IT experience, the last 5 and a half of which were a full immersion in security as I have been working in a Security Operations Center of a large organization, in several roles.

Educational background: B.S. in Computer Science

Other certs I hold/held: GCIA, CCNA

 

Thanks in advance for your help!

 

Al




"I have no special talent. I am only passionately curious."
18 Replies
Vigenere
Newcomer III

@rslade 

Interesting, thanks for all the details!




"I have no special talent. I am only passionately curious."
me_shail
Community Champion

Welcome and sorry to hear about your previous result. With CISSP, as the questions in the exam are not B&W, the same applies to various perspectives and advice. I also passed my CCSP (May 2019) and CISSP (Dec 2019) in the first attempt. In terms of preparation I used Boson tests (only once) and never cared what % I was getting. Did ISC2 Prac test (only once) in one go and again never cared about the scores. I used Shon Harris 8th edition, Official CBK (pretty much useless) and Sybex official study guide. Nothing else. If you keep on doing practice tests then I suspect you will train your brain to a point that it will start to look for obvious choices and do less thinking. I felt that myself. 11th hour is a summarised book so you summarised a summarised book. I don't know how much time you have but I swear by Shon Harris, if someone wants to make notes, Shon Harris is a very good choice and so is Sybex Official guide.

 

Unlike other exams CISSP basically tests your capability to apply the knowledge in the field. If you are able to see the use cases which you didn't notice before, that means you are getting the concepts. An example can be the assessment of the Information Security Management Policy Framework which involves Policies, Standards, Procedures, Guidelines etc and regulatory/compliance requirements of your organisation.

 

Another example can be to look for data protection standards and see what ciphers are being used, whether they are relevant and commensurate with the value of the data, key management etc.

 

My subjective assessment is CISSP is all about applying the knowledge and selecting the best approach under given circumstances.

 

Good luck for the next try, mate.

Vigenere
Newcomer III

Thanks @me_shail. I saw the Boson tests referenced often, so I will definitely check them out.
I have already enriched my practice test base by downloading the official CISSP app and I have obtained the ISC2 Official Study guide as well, which I will use to integrate my knowledge. Additionally, I have already started doing mindmaps for the topics that I find more challenging to remember. Lastly, I am going through the Cybrary course which I find very good.
About the time, I have as much time as I need.
One of the reasons my first attempt failed is that I was kind of forced to do the exam within a certain deadline due to organizational budgeting deadlines. I am not going to fall into this trap once again and I will book the exam only when I feel entirely, truly confident.



"I have no special talent. I am only passionately curious."
ajessentials1
Newcomer I

The CISSP exam is difficult if you answer from the technical point of view. I passed the exam in November 2019 and had to constantly remind myself to answer each question from a management or even C-suite perspective. After you complete a chapter from the Official Study Guide, teach what you’ve learned. I also used the first chapter as a guide for studying the rest of the material. This means knowing how to approach any issue or question from a CIA triad perspective.

Hope this helps and good luck on your road to becoming a CISSP.
Bas73
Viewer

Study the book! That's basically it. I constantly used the official CISSP study and test apps on my phone to check the level of my knowledge and watched Kelly Handerhan explain it to me on Cybrary videos.

The questions on the exam are way different than anything you can practice online. Anyway, I'm positive that if you put enough effort in it that you can pass.

 

Good luck!

me_shail
Community Champion

Looks like you have it under control. Good luck.
Vigenere
Newcomer III

Friends,

 

I am happy to communicate that I have provisionally passed the CISSP Examination at my second attempt, today.

Following up on this thread, I'd like to explain how I integrated my study practices hoping that my experience could help other members of this valuable Community from which I have received substantial help.

After having essentially exhausted all the questions on the Pocket Prep application, I went for another good round of theory and practice. I bought the Official Study Guide (Eighth Edition) and I have read it cover to cover on my Kindle. This is probably the first big book that I have studied on Kindle and I have to say my experience was great. I made hundreds of digital notes of it and commented on all the parts that were hard for me to digest. I have almost never read those notes back, but the sole fact of commenting made it easier for me to process the given piece of information. At the end of each chapter, I would do both the written test and the 20 review questions. For every wrong answer, I would re-read the concept and try to understand it better and describe it in my own words.

In parallel, I subscribed to the Sybex/Wiley portal and downloaded the CISSP Study Official App. Without exaggerating, I think that over the last year and a half I didn't let a day go without doing a quiz (ok, maybe 1 or 2, but you get the idea 😉)

On the Wiley portal alone, I clocked more than 16 h of pure quiz time averaging ~ 82% correct answers. For every single quiz, I would review the wrong answers and understand why I got them wrong and how I could change my mindset to get them right. I also took screenshots of the answers I got wrong, for me to review multiple times.

Another very useful source was the Cybrary Course by Kelly Handerhan. I watched it once, in parallel with my Study Guide read and I listened to it fully once again, the days preceding the exam. I especially found this last practice very useful to "bring it all together".

Last but not least, I have read and tried all the questions posted in this thread (thank you @rslade !)

They were very useful to set my mind back on the real exam question type (as all of you said, very, VERY different from everything one can find online).

 

Oh, and I made mindmaps (especially one for Cryptography which I'll share with this community as soon as I have a moment). I even made up songs to remember the Block and Key Length of each Block Cipher and jotted all down today on my note page... and surprise, no questions about that! 🤣

 

Now, I'd like to answer my own question: "When was the moment when you felt you got it?"

In my particular case, I have never reached that moment. This is by far the hardest exam I have ever written and the one I have studied for and suffered for the most. The scope and subjects are so broad that I don't think one person can possibly achieve 100% confidence in everything. I did, however, get to a point when I realized that "I had never been MORE ready than now and I don't know if I'll ever be without working another 20 years in this field".

 

To sum it all up, this is a scary, complicated, challenging test. The key to success, in my opinion, is perseverance.

Don't set the goal to study and do this test in 1 or 2 months. Allow yourself the time to soak up the concepts and make them yours. Don't care too much about deadlines and enjoy the journey.

The exam's only purpose should be to validate the knowledge, experience, and mindset that you have gained over the years.

 

Thanks again, everyone!

 

 




"I have no special talent. I am only passionately curious."
abhattac5
Newcomer III


Hi there. The big thing IMHO is to use as many comprehensive materials as you can. Just relying on Eleventh Hour was probably the biggest issue there - I think you should try starting with a much more comprehensive starting point like the Official Guide or All-in-One. A combination of Dummies / Official Guide / All-in-One / Eleventh Hour may be the way to go. It also depends on how much time you have - maybe you can try one for in-depth studying (either All-in-One or the Official Guide) and the other for superficial cramming (either Dummies or Eleventh Hour). Don't forget practice questions or practice tests!

If you would like a more detailed look at how I passed, you can check out my related post here.
https://community.isc2.org/t5/CISSP-Study-Group/Passing-the-CISSP-My-Experience-Oct-2021/m-p/48366#M...

Hope that helped. Good luck!
Eman96
Viewer II

Thanks for following up on your experience. I'm supposed to write the exam in 4 days but thinking of pushing a week. Getting 76% consistently on Sybex practice exams but never feel confident. I'll take a look at some other resources from this thread.