Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Newcomer I

Please help: CISSP Failed after attempting all 150 questions - Need advice

 I am an Info Security professional with 11 years of experience. I took the CISSP CAT 2018 exam day before yesterday after 4 months of tremendous hard work. Studied 8 hours per day for the last one week. I failed after getting 150 questions. It was a nightmare and I was really disappointed. I am trying to figure out where I could have gone wrong. I had known from people that the exam ends at 100 questions if it can determine with certainty that the candidate is above or below the passing standard. I do know of people who had their tests ended at 120ish questions and passed and the others failed at 120 odd questions too. When I crossed the 100th question, I knew I was not doing good enough for the computer to determine that I was above the passing standard. I decided not to lose my cool and answered every question patiently expecting that the exam would end at some point of time. After 125 questions, I seriously lost hope. It was like a roller coaster ride. It kept giving me questions that invariably had key words like "BEST", "MOST", "LEAST" and so on.. While I was able to eliminate 2 choices, it was really hard to narrow down on one. And I also feel like it kept hitting me on areas where I did not fare well. After attempting 150 questions, the test report said that I failed and provided me with a report that said I was above proficiency level in 4 domains and was near or below proficiency in the remaining 4 domains. One thing, I can say for sure was that the exam clearly determined the areas that I personally felt I was weak at. But there are certain confusing aspects that I need clarity on...… My questioning is merely in pursuit of understanding. Please enlighten me on the below


1. If the CAT could fail a person at 120ish and pass another candidate at 120ish, why does it throw 150 questions for a few?. Does that mean that I could have got the last 5 questions and still passed ?? Was my answering so unpredictive that the algorithm was not efficient enough to determine my capability until the 150th question ? If yes, it contradicts with my testing report where it says I was near or below proficiency in 4 domains. Why does an algorithm have to wait till the1 50th question to finally determine I did not reach the proficiency in 4 domains ?


2. Can a candidate be below proficiency in 1-2 domains and still pass at the 150'th question ? I see people posting that they had 150 questions and came out thinking that they surely failed but passed to their surprise. Quite a gray area


3. If a candidate has cleared the exam at 100 questions, is it mandatory that he should have received all 25 unscored questions ? If yes, does it mean that of the 75 that were scored, he/she could have answered merely 70 percentage of them correctly(close to 50+ questions) and still passed ? If yes, this seems not ok.


4. The difficulty level of a question is relative. What is difficult to one could be easier to another. How does ISC2 determine that a question is difficult or easy. 


5. If ISC2 had a way to determine the set of difficult questions, the exam could throw only questions from the difficult pool to all candidates and determine if the candidate scores 70% of ISC2's difficult questions correct? That would be a much fair way. Why even give the easier ones ?


I can read the Sybex 2018 edition twice before my next attempt, but I don't want this scaring experience again 🙂 Can someone enlighten me on the above questions asked and the test taking strategy



37 Replies
Newcomer I

1. Took class, instructor said use sybex 8th edition.
2. Get practice questions, 100 questions, per domain.
3. Several people have passed in his classes. It's not "studying or reading" book.
4. Now how to study, do review questions by looking up right and wrong answers in book. And study right now wrong answers.
4. Be careful too many books,
5. Also do cissp pocket in whatever cell phone you have
6. Also do practice questions same look up right and wrong answers for practice questions in sybex book. Each domain has 100 questions, hopefully you do same studying depending on how much time you have.
7. Heard domain 6 has Soc questions..
Someone took test and failed twice
8. Start taking full test asap, use pocket cissp, geared towards sybex book

Study hard, review as many questions as possible,,lol
Newcomer I

Ok u brought sybex 8 the edition, get practice book also, see my Post,, I m doing what I said

My class had SOC in domain 6, nail it, class by learning tree..

If you have enough time, study Right and wrong answers!!

Heard a few people in his classes passes, depends what you mean by studying not just reading book,, use as many practice questions as possible,,my son also but not sure how he studies..I m going thru each chap rev, look up page where answer is in the book, read it, Remember it, review in sybex BK

Example, domain 7 sec ops, ch 16,17,18,19 in sybex book..
So each chap has 20 questions x 4 chapters = 80 questions + 100 practice questions = 180 questions you need just for domain 7,,
Domain 7 is large domain

Domain 8, only ch 20,21,,
20 x 2=40 questions + 100 practice =140 questions, still a lot to look up, right wrong answers in sybex book for software development do ain 8

So I am using word file for each chapter in 1-20, what page, for right wrong answers since son studying too.

So if you do 8 domains, sybex book, 21 chapters,
21 x 20=420+800 practice questions around 1200, questions that you look up right and wrong answers, also take practice questions Tests to feel and confidence as well..

So after 1200 questions and practice tests you can find, cissp is after all inch deep, mile wide,,

After all those questions, you are inch deep mile wide, in your brain!!!

Let you know in July, 2019


So if you lack an area, cissp exam will give you another harder question....

Anyway I shall see in July,,
Newcomer I

Good job, my turn in July, 2019,, have not seen test for a decade,, oh well, I m backwards,,mid, Feb, got July 2019..5 months left starting to gear up, here we go!!!
Newcomer I

Oops not 2000 questions only 1220 questions,plus full exams, from as many full tests as possible...
Community Champion

Here are a few suggestions that come to mind - what helped me and some of my thinking:


  1. Do the due diligence - Should I take this exam? Why am I taking the exam? Do I have enough experience to take this exam? If I take this exam do I have the experience and ethics to professionally perform as a CISSP?  Why do I want to have this credential? 
  2. Take due care - Do I comprehend the meaning of the material? Do I understand and can I apply the key concepts? If I was thrust into the main role as a security professional at my organization could I competently handle it?
  3. Stop and go back to gain experience in the bodies of knowledge if I cannot answer suitably any of these questions.
  4. Make a plan to assimilate all the "book knowledge" I can. Use the most recent materials. Focus on my weakest areas. Meet with other students online or in person. Make A B C D questions for them in their weaker areas; have them make similar questions for me in my weaker areas.
  5. Keep apprised of the latest news from SANS or other groups.
  6. Understand the basics contained in the NIST SP 800 series.
  7. Read whatever I can in infosec and/or cybersec so I UNDERSTAND THE BASIC CONCEPTS.
  8. Do power study sessions 3 times daily -- 20 minutes per session. It's like drinking water or eating little bits, chew well.
  9. Drink small bits of water when I can -- it helps my concentration and memory.
  10. Read mindfully. Ask myself why did the author wrote this? Does it make sense? Can I find exceptions? Be able to see through the mist and murk of opacity. Be able to focus on the truest and most logical response.
  11. Get plenty of sleep - dream and rest and cogitate - ponder and muse. Do not stress.
  12. Take a class with others to see where I stand in respect of your accumulating knowledge.
  13. Do ALL of this work before even contemplating writing this exam.
  14. Once you have done all of that. Plan to write your exam 6 months from that point.
  15. Keep yourself sharp by power study. NEVER CRAM! 
  16. Be mindful of my stressors. Write them down. Call them out. Refute them.
  17. Practice slowing down.
  18. Take many practice tests.
  19. Be kind to my before the test and after the test - I did my best, so I have nothing to reprove or to remonstrate myself with..
  20. Realize that I have just begin a journey and the journey is not the end point. The journey is for me to do and be good to myself and my principals (that is, ever one with whom I interact); and for me to be well, act ethically and in the interest of my community.

Good luck and keep learning.

Influencer II

> Careychin (Viewer) posted a new reply in Certifications on 02-17-2019

> 2. Get
> practice questions, 100 questions, per domain.




> 4. Be careful too many books


You can't read too many books


Other posts:

This message may or may not be governed by the terms of or
Newcomer I

What did you do differently to prepare for 2nd attempt?
Newcomer III

I passed on the first try.  But i know a lot of the frustration comes from people thinking too hard about the answers and being too technical with the answers.  Something to think about.

Andrea Stansbury- CISSP
Newcomer I

I did my best. Honestly I dotn understand why I failed at 150 questions the
first attempt and passed at 100 questions in my second attempt:-)
Newcomer I

I failed after 150 qns in my first attempt last week. I was very slow in the beginning. I completed just 20-30 qns during the first hour. Then I got really nervous. I felt the qns were easy in the beginning, then after an hour or so I started getting confused , overwhelmed, frustrated at vaguely worded ,never ending , questions. I got above proficiency in 1 domain, below proficiency in 1 domain and near proficiency in 6 domains. I don’t understand what my weakness is. I don’t think I got managerial type questions. This was quite an experience. The domain I got above proficiency was something I was most confident , before the exam.