Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Champion

Passed (provisionally) 15 June 2018 - some tips and tricks

Greetings all,


It was a tough fight. but I won.


I had no clue whether I had or not, even as I passed the magic number of 100 questions, and they kept asking! I finally exhaled after they handed me the paper that said "Congratulations." I had to look at it a few times.


Here are some of my tips and tricks.

  • They give you a scratch pad. Use it! It helps calm you down and focus. It helps you look at the BEST! answer, because it's true -- sometimes all 4 are really GOOD! Good is not Best; think like a manager, not just like an admin or an operator or an analyst or whatever else.
  • Read the question TO THE END! Watch out for the NOTS, the ifs ands or buts.
  • Read the responses from bottom up. You won't miss any that way or jump to unfortunate conclusions.
  • If English is not your first language, take it in your strongest language if that is available. I pride myself on my command of English. I have studied it and lived it all my life. Some of the wording was @$6en incomprehensible to me. I think the advantage there (correct me if I am wrong moderators!), is that you get 6 hours to complete it, you get language dictionaries, a translated test, and the English test.  When you take the CAT test, there is no going back.
  • REALLY cram your weakest areas.
  • Find as many pertinent questions as you can; and mix them up.
  • Make your own flash cards. Use a spaced repetition software like Anki or Mnemosyne.
  • Take a boot camp AFTER you have read the materials. Otherwise, it will go in one ear and out the other.
  • Read everything you can about cybersecurity; get to know the SP-800 NIST library (particularly, RMF, CSF, NICE and all the other funny acronyms.)
  • Participate in a group with more than just analysts or managers or testers or whomever: participate fully and generously, make all kinds of turgid questions to confuse the JeBeebers out of everyone.
  • Take your time, breathe calmly, eliminate the real howlers; then make your educated choice.
  • If you fail it, ask yourself why. There are many resources on the web that can help you figure this out. The problem is not likely the exam; rather it may be your lack of preparation, your pride, or other human foible.
  • Best of success; go for it!
5 Replies
Newcomer I

Lots of good advice. Especially the boot camp one. I took the Training Camp Boot camp and it was like drinking from a fire hose. But I have been working on my Masters in Cybersecurity and the boot camp really made what I have been studying come to life. Things really began to click. I took the exam the Tuesday after the boot camp and passed. 

Community Champion

Thanks Jaesimpson, and congratulations on your pass!


Thankfully, I have experience in various facets of information security (more on the disaster recovery, BCP and operations sides; and a number of the questions really called on that experience. That's why one needs to broaden one's horizons to pass the exam. It's not a cake walk. If someone thinks that reading one book on the CBK is going to cut it, I guess he or she has another think coming.


I found what really helped me was rapid practicing with questions across all of the realms of security with Anki, a spaced-repetition learning tool. If you use it though, you need to create your own flash cards. The simple reason for this is that one does not understand the same thing as someone else doesn't understand. Also it's really fun to have a stack of paper flash cards and impress yourself with your increasing knowledge. 


Anyway, it is a lifelong loaning process and a blast to have passed this exam. Onward and upward with all of the cool stuff to keep learning and practicing.

Newcomer I

Congrats!  Thanks for the tips!

Newcomer I

j_M007 - Congratulation on achieving this career milestone!


Great points for the community. In addition, make sure you rest the night before and have a healthy breakfast!





Community Champion

Thank you MP. I fully agree with your point to get plenty of sleep, be hydrated, be fed and be locked and loaded to go into this one.


I found what helped me was the amount of preparation time I took. You have to respect the process and the exam itself. It represents knowledge and wisdom acquired and compiled by many practitioners. It is not a trifle and in my view it shows disrespect to the profession and the practitioners if one tries to wing it.


A SMART approach is to look at the tools you have on hand. I was told that the Sybex study guide covered everything well, so I decided to use it as my main tool.


S stands for SPECIFIC so I made sure I understood as well as I could the specific concepts for each realm. If I did not understand something I looked at it from different angles and viewpoints. I did not just say "Oh well. on to the next." I studied and asked other practitioners what the concept meant to them.


M stands for MEASURABLE so I decided to do my studying and practicing in measured increments. Business and science tell us that if we cannot measure it we don't have it. Measurements give us benchmarks with which to proceed.


A stands for ACHIEVABLE so I built achievement focus into my plan. This helps you over come fear, uncertainty and doubt (FUD). Specifics and measurements show your achievements and encourage you to progress.


R is for RELEVANT, REALIZABLE, REALISTIC and many other R factors. Relevancy is important to fold into the plan. Know WHY you are studying something, not merely WHAT. The exam wants to know WHAT you know for sure; but if you cannot put the WHY behind the concepts it makes for a difficult and trying time.


T means TIME-BOXED for me. I like the notion that everything is done in increments of time. If time is not your best friend, it can become your worst enemy. So make sure you respect it.


Build rest, exercise and nutrition into your plan and you have done your best. When you can finish the exam and say "I did my best" then there is no regret.


If after panning and doing your best you did not get the desired outcome, do a post mortem analysis and tweak the process.