New to the community. I passed the exam on 10/4. Definitely a challenging exam. Took me all 3 hours and I completed all 150 questions. Really thought I failed since some colleagues of mine that passed, exam stopped at 100 questions. For the ones that completed the 150, failed. I did start to get frustrated when I was like at Q: 110 and it didn't stop. Just told myself to keep focus and keep on answering them correctly. Completed with 2 minutes to spare and signed out. Then I got the paper form the proctor and I passed! :-).
To all the future test takers, stay focused from beginning to end, read the questions and answers more than once, take breaks if you need (note: every time you leave you have show that you did not come back with anything (e.g. emptying out your pockets jackets included and self pat down) which impacts your remaining time. I began studying 5 months which included the following sources:
Training Camp 1 week boot camp
(ISC)2 CISSP 8th Edition Official Study Guide and 2nd Edition Official Practice Tests
3rd Edition 11th Hour CISSP
Pocket Prep (https://www.pocketprep.com/exams/isc2-cissp/)
I'm so happy to be part of this community! I do plan to pursue the other the concentrations. Based on my two days of brief research, seems like Engineering is hardest and there isn't an updated ISSE CBK yet. I would like to tackle the hard first. Any assistance on what other materials/training are out there in addition to the self pace study material provided by the ISC2? I'm also open to feedback on my approach.. should I start with Management or Architecture instead?
Thanks in advance!
FWIW, the engineering concentration seems to me more aimed at US government infosec engineering then general infosec engineering. That is, FISMA and RMF, etc.
For management, to be honest most companies ask for the CISM then ISSMP concentration. I've yet to see any job description ask for any of them.
At one point I was thinking of doing both the ISSAP and ISSMP, but never bothered. Am more focused on other certs.
Firstly, many congratulations!
Secondly, all arguments aside about what certifications are better, what has more market value, etc., etc., my honest advice to you is to look elsewhere for further certifications - and I say that as someone who holds five ISC2 certifications (CISSP-ISSAP, ISSEP, ISSMP, CCSP) and who currently has an exam for a sixth certification (CSSLP) scheduled in the not too distant future.
You have your CISSP now (pending endorsement) so that will get you past most HR filters. Looking to earn more ISC2 certifications right now is not advisable.
Sadly, you really need to minimise the interactions you have with ISC2 if you want to stay sane. Going for more of their certifications means more frustrations having to deal with their broken systems and processes. These are currently shambolic at the best of times, but if you hold more than one certification, all bets are off - nothing will work for you.
ISC2 tout themselves as "The World’s Leading Cybersecurity and IT Security Professional Organization" which may have been true a couple of years ago but the reality is they have been reduced to little more than a clown show now.