Vigenere
Newcomer III

Help me assess my readiness for the CISSP exam

Dear ISC2 Community,

 

It's a pleasure to have joined you!

I am getting ready for my 2nd CISSP attempt, having failed the first about 9 months ago. My preparation back then included studying on the "Eleventh Hour CISSP®: Study Guide" and doing all questions on that book plus other questions found online. I took many notes while studying the book and I practically re-wrote it in a summarized format so I was pretty strong on the theoretical part but I admit I underestimated the difficulty of the exam and did too little practice. This is the reason why I failed although not in a terrible way, as I got "Below Proficiency" on 2 domains, "Near Proficiency" on 5 and "Above Proficiency" in 1.

 

After a bit of discouragement and a break, I committed to try again and I started doing a lot of practice tests. I have downloaded the "PocketPrep CISSP" app and bought a Premium Account. All the questions and answers are based on the study guide by Mike Chapple and they come with detailed explanations after the test is done. I have been practicing every day, multiple times a day for more than 3 months now and my scores are consistently above 70%.

 

The question which I am finding incredibly hard to answer is: am I ready?

I hoped you can help me answer this question by sharing your experience and particularly the moment when you said to yourself "I am ready, I got this!"

 

What other practice tests or preparation material can you recommend, that is compliant with ISC2 policies and is as similar as possible to the real exam?

 

A bit about myself: I have 9 years of IT experience, the last 5 and a half of which were a full immersion in security as I have been working in a Security Operations Center of a large organization, in several roles.

Educational background: B.S. in Computer Science

Other certs I hold/held: GCIA, CCNA

 

Thanks in advance for your help!

 

Al




"I have no special talent. I am only passionately curious."
18 Replies
AppDefects
Community Champion


Why spend the money on unofficial prep guides and apps? I hope that you have studied the official (ISC)2 CBK. That matters. Make sure that you can pin any material that you use to a task in a domain according to the exam blueprint. That matters. Study what you don't know. I wish you the best of luck!

csjohnng
Community Champion

@Vigenere 

It's difficult to assess if you are ready or not. I guess the most appropriate person to assess is actually yourself.

 

I can only share my journey:

CISSP, CCSP, CISSP-ISSAP and recently CISSP-ISSMP.

 

I passed all of the above on the 1st attempt.

For all of them I used the ISC2 official study guide or CBK (even though some, like ISSAP, are outdated material), official flashcards, and some references like NIST. I have never paid for "non" official material, not to mention a "premium account" for ....

With all official material, it may not be able to get you 100% full marks but I would say it should not be a problem to pass if you really understand the official material thoroughly.

 

And at the end, it's all about your knowledge, experience in the specific domain and your ability to understand the question itself during the exam. If you take the question in the wrong way, your answers to the question will probably be wrong, which definitely decreases your likelihood to PASS.

 

For myself (just my opinion), if I find myself asking "am I ready?", then my only conclusion will be "I am not ready" - as a result, I focus on the areas/topics/domains where I am weak or less familiar, until I can say to myself I am good. Good means I can explain to myself (and others) in plain English why this is the right answer to the question and why the others are not the right answers (or not the best one), and how the question would need to be changed (or asked) for the not-best answers to be the best answer.

 

And when I stop asking myself "am I ready", then I think I am ready. But of course, it does not always imply (or guarantee) a PASS.

 

Last but not least, good luck.

 

John
Vigenere
Newcomer III

@csjohnng @AppDefects thanks for your replies and wishes,

 

Personally, I know many people who have earned their CISSP by studying and practicing on "unofficial" material. The Eleventh Hour book was lent to me and the app has a relatively low cost, is very easy and pleasant to use and has a very detailed explanation of each answer. It also allows you to track your progress over time which I find really useful.

Is there anything similar in the set of things you would classify as "official"?
Vigenere
Newcomer III

@csjohnng @AppDefects I forgot to mention that the PocketPrep references the specific page where the answer is contained in the Official Study Guide (8th Edition). So it's an unofficial app that accurately references the Official guide.
dippydog1932
Newcomer I

Having provisionally passed in December, here are my 2 cents.

This is unlike any other certification I have sat for. The questions were not black and white like I studied in multiple prep books and apps.

The advice I would suggest, as will many others you will find: know the concepts, not the granular specifics. This helped me in ruling out the 2 least right answers; then make sure you understand 'how' ISC2 would answer the question.

Having worked in Information, technical, and operational security for over 10 years the real world gets messy and so we make choices that are not the 'textbook correct' way for many reasons. To understand the test I had to pull myself back and understand the concepts.

It's all about the BEST answer from the scenarios. The added difficulty is that when you have done at least 2 or 3 of the answers in the 'business world' for specific reasons, it becomes easy to gravitate to the ones you know.

As far as study guides, I used the official CBK and the mobile app CISSP STUDY from ISC2. Both helped to understand the concepts, but in a black and white way. I also used the free study course on the website cybrary.it for the CISSP. Just as background and key takeaways.

It is a daunting test, but if you go in confident and really get the 'concepts' that you are studying then you have a good chance.

Be confident and look at the big concept picture for each question.

Good luck.

rslade
Influencer II

> Vigenere (Viewer) posted a new topic in Certifications on 01-14-2020 02:04 PM

 

> I hoped you can help me
> answer this question by sharing your experience and particularly the moment when
> you said to yourself "I am ready, I got this!"

 

Well, I'd reviewed over 300 titles of the source security literature when I sat the exam, so, I was ready.

 

However, you might want to check out
https://community.isc2.org/t5/Certifications/CISSP-questions/m-p/18626

 

Also, read "Security Engineering" by Ross Anderson.

 

(Also, make sure you know the De Vigenere cipher.)  (Which De Vigenere didn't invent and actually didn't like very much.)


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Vigenere
Newcomer III

Thank you, @dippydog1932 !

I have already enrolled in the Cybrary course and I'll definitely get the app. Exactly as you said, I am confident with the concepts but it's hard to find questions that are as challenging as the ones on the real exam.
Vigenere
Newcomer III

Thanks @rslade ,

About the book "Security Engineering", isn't it slightly outdated?

I noticed the last edition is from 2010.
rslade
Influencer II

> Vigenere (Newcomer I) mentioned you in a post! Join the conversation below:

> Thanks @rslade , About the book "Security Engineering", isn't it slightly
> outdated? I noticed the last edition is from 2010.

First, classics do not age. Classics deal with the foundations (which is what you are
mostly going to be tested on for the exam). Peripheral and ephemeral stuff comes
and goes, and you will see some references to those issues in exam questions, but
the heart of the exam is the basic concepts.

Second, you can wait, if you like, for the new version, but that probably won't be
until the fall.

Third, if you *really* can't afford to invest in your career, you can read it online
for free:
https://www.cl.cam.ac.uk/~rja14/book.html
But you'll probably want to keep it as a reference.
