mnold
ISC2 Team

Share Your Story: When You Passed Your CISSP Exam

I’ve been working for (ISC)2 for almost 5 years and over the years I’ve met many CISSPs at (ISC)2 and industry events. In our conversations I'll often ask them about their experience taking and passing the CISSP exam, as it’s a huge accomplishment and everyone I’ve heard from remembers the day they found out that they passed.

 

One story that has stuck with me is about a member who was taking the exam back when it was paper-based testing and about halfway through his exam he realized that two pages were stuck to one another, so all of his answers from then on were off. He luckily was able to erase and adjust all of his answers in time and he later found out that he passed. Talk about a nerve-racking experience!

 

I’d love to hear your story…

88 Replies
CraginS
Defender I


@johnjo4n wrote:
You ever use that name again without my permission and we are going to have problems.

John,

My sincere apologies for inadvertently offending you, I thought it to be a courtesy to use your given name. In fact, I do fully understand a preferred name usage, since I have used only my middle name my entire life. That is why I edited my own profile to show first initial and middle name in the FirstName field.

 

I hope your day gets better.

 

Best regards,

 

Cragin

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
112NextLevelPro
Newcomer III

I posted this on another forum.

TL;DR - I'm honored to be a CISSP!

 

Wanted to share my experience the day I took my CISSP (took this a few years ago). (No information about the exam will be given, unless publicly available from official (ISC)2 resources and websites)(I sound like a poorly worded warning banner)

 

* Just wanted to add, I had about a good 15+ years in IT with varying roles as technician, Sysad/SysEng/NetAd/NetEng/SysArchitect before I took this exam. Which helped me with the technical side.

 

My exam started at 12:00pm. I remember the day because before I left, my son took his first steps and for some reason, I felt good. I got up, went to my church early that morning, did my rosary like I did every morning. Came back home, went over some last minute notes. Tried to force down a good breakfast (my wife went all out making over-easy eggs, scrambled eggs, omelettes, sausage links, bacon, pancakes)(it was only me, my wife, and my infant son at the time, and the majority of it was for me. Love my wife), because everyone knows from cert taking experience, or those that write certification books on how to prepare for a cert that you should, get a good night's sleep (yeah, I didn't sleep), and eat a healthy breakfast (I was too nervous and didn't eat much).

 

So, I take off about 45min before the exam to get to the testing site. Get there with about 20 minutes to spare (you can imagine how I drove there). Signed in, took out my DL, SS card, Passport, I think I even brought my birth certificate. The guy laughed. They provided me with a locker to put my watch, cell phones, wallet, pretty much anything in any pocket and everything pretty much except what I was wearing for clothing. (It wasn't optional)

Takes me to this soundproof room with microphones everywhere from the ceiling and cameras to match. Sits me in a cubicle with adjoined cubicles all with partitions too high for any giraffe to look over.

So I log in, state information that's requested, do the intro, and start the test. Yep, sure enough, I read through half of the FIRST question, and my stomach turns into the hugest knot I've ever had in my life. I literally was shaking, for 20 minutes and fighting my stomach which felt like I got kicked by an elephant. It took all of me to calm down, and racked through the first 100 questions or so. I don't recall how much time passed, but I took a good 30 minute break.

Looked out the window in the designated break area and just prayed. I wanted it over with, but knew I had what felt like 1000 questions to go.

I take a swig of water out of the bottle I had with me earlier, and went back in. Felt a little better, a little more calm. I went through and did another 100 questions and took another break. So that was a good 30 min break I took.

While I was there, on break, I was talking to a guy who said his daughter was taking an EMT exam, so I knew that there were mixed exam types being proctored at this site. Took my last sip of water, looked up and asked God to let me finish this.


Went back in and finished the remaining questions. Took a good 5hrs and 30min in total (with breaks) to complete and review my questions, I changed maybe 3 answers. Finished the exam. Got up and said to myself, "I failed". I just wanted to get my results and leave. I went up to the proctor who gave my results to me upside down. He didn't even look at it. Just handed it to me. I took a deep breath, turned it over, looked at it and it said congratulations....didn't remember reading anything else, except to look for my name to make sure it was my results. I just started crying. But it was the best feeling I've felt in a long time. I think I hugged the guy. He asked, what exam I took, and I said, the CISSP. He said, yeah, I see people come in here crying after seeing the results of that cert and leave crying out of the room (indication that they may have failed it). I thanked God that I passed this. It was the hardest thing I ever prepared for in my life. I didn't care for college as much as I did this cert.

It was a long journey. I studied very VERY casually for like 3 years, but when I got serious to take this exam, I took 8 weeks total with a bootcamp (helped gap maybe 5-10% of my knowledge). During that time, I snuck in a lot of time at work to study, so I was always buried in the Shon Harris "Gold Brick" AIO making excuses I was looking up Information when people asked me what I was doing. I had 2 of them plus 2 other study guides, so I had a copy at home and at work (You know who you are and know how big Shon Harris AIO books are. Read that beast 2X cover to cover). I would get home everyday, my wife would cook dinner, then tell me to go in my office and study. That whole time, she took care of my son with everything, feeding, bathing, spending time. I missed a few parties, and some other things, but I stayed to it. I would say I studied on average 6-8 hours every day those 7 weeks and more on the weekends.

But yeah, that's my story! I'll never forget my experience and I will never take this exam again!

Cheers!

j_M007
Community Champion

@112NextLevelPro

 

Very inspiring story! Thanks for sharing.

rslade
Influencer II

> mnold ((ISC)² Team) moved a topic in Exam Preparation on 06-15-2018 02:35 PM in

> I’ve been working for (ISC)2 for almost 5 years and over the years I’ve met
> many CISSPs at (ISC)2 and industry events. In our conversations I'll often ask
> them about their experience taking and passing the CISSP exam, as it’s a huge
> accomplishment and everyone I’ve heard from remembers the day they found out
> that they passed.   One story that has stuck with me is about a member who was
> taking the exam back when it was paper-based testing and about half way through
> his exam he realized that two pages were stuck to one another, so all of his
> answers from then on were off. He luckily was able to erase and adjust all of
> his answers in time and he later found out that he passed.

When I was doing the seminars, I had a piece of advice that I gave to all of them.
The paper based exam, as some of you may not have realized from the story
above, had an exam sheet and a separate answer card. The answer card was a
standard form used for other exams, so it had 400 rows of five options, not 250
rows of four.

One of the controversial pieces of advice I gave was that, in opposition to those
who said to go back and check your answers, I said to answer the question and
move on. It is easy, on the exam, to overthink questions, and to get to thinking
that there must have been some "trick" you missed. (Your first answer is usually
the right one.)

There was one proviso: I told candidates to go through the exam and answer every
tenth question first: 10, 20, 30, etc. Not because the tenth questions were any
easier or harder, but because it provided a check if you got "off by one" at some
place doing the exam ...

When I took my own exam, again in opposition to many of the horror stories I'd
heard about how they were sure they had failed, my major problem was boredom.
I had to catch myself, every once in a while, having zoned out and staring out the
window.

(Not that it was exactly easy: I remember it took me some time to calm down
from the adrenalin rush after the exam.)

I recall that, in the study leading up to the exam, I had somehow fixated on the
RADIUS protocol, and was convinced that, if I didn't know absolutely every detail
of the protocol I was going to fail. Predictably, there wasn't a single question on
RADIUS on the exam I took.

Also, I remember, for the first dozen or so questions, I *was* rather convinced
that I was going to bomb. The CISSP exam is unlike any other you are likely to
have taken, and it takes a while to get a "feel" for the questions. (Remember that,
those of you who are planning to take it. Don't panic. It'll come.) Once I got
the feel I got quite comfortable with it, and my "test and measurement" training
from education kicked in, and I could see exactly how good the questions were, and
how much work had gone into making them good.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
It is vain to do with more what can be done with less
- William of Ockham (1288-1348)
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Skairipa
Newcomer I

Passed this morning - 09252020

First of all I will say that I went into the exam with very little confidence that I would pass. I've been studying since about the beginning of March. I have been out of work since then as well so had time to study. I did not, however, study 6-8 hours a day 7 days a week. Usually 5 days a week and 2 to 4 hours per day. I like a variety in my day. Nevertheless, that is a substantial amount of study time but I just felt the body of knowledge is so vast there was no way I could get a firm grasp on it all. Frankly, I really just wanted to get it over with. (sad trombone)

And yet, one thing was kept in the front of my mind. That was the advice given here (not this thread but this community) by Robert Slade (https://community.isc2.org/t5/user/viewprofilepage/user-id/1324864413).

I read very carefully all the questions he posted, the responses and the logic behind the correct response. And that is the attitude I carried into the exam with me - this exam was about critical thinking, logic and deductive reasoning. It's one thing to think like a manager, it's quite another to elevate your thinking to resolving problems critically.

Sure, I studied the material, I spent time learning (not necessarily memorizing) technical details that I thought would assist me in choosing the best, most, least applicable answer from the choices given to me in each question. I did not venture beyond the choices on the screen. Nor did I take the position of "Well, if it were me...etc". Nope. I tried to stay as unemotional, coldly factual and calculating as I could.

I don't have a long CV in a specific cybersec role. I've been more of a generalist. I actually learn better hands-on, on-the-job, rather than academically. I'm a strong autodidact. I don't have a post secondary degree of any kind.

But I've been in mid to high level management positions and I have studied critical thinking.

So, how did I do?

I barely answered 100 questions in just under 2 hours when the screen told me I was finished. Frankly, I thought I failed. I thought the CAT just rolled its virtual eyes and said, "OK buddy, you're done. Just stop wasting my time." I was somewhat stunned when I later read the results letter. But I've also been told that this is not uncommon. Most people, who do well on the exam, don't feel they are doing well during and immediately after the exam.

Study materials:

One month online, self-paced course, based very closely on the ISC2/Sybex Official Study Guide - I made very detailed notes of this course. Writing/recording things helps me remember. I then broke them out into domains and studied them in those groupings (the Sybex guide isn't specific which chapters belong to which domain)

Wiley Test banks - I ran through them once. On practice tests - I only used them to identify weak spots and affirm what I thought was important. There are no practice tests that can prepare you for this exam. So I just viewed them as another source of study material.

Some flashcards (I actually don't like working with them, so although the access to them was free, I hardly used them)

11th Hour CISSP. I played one book off the other to help reinforce key concepts

NIST 800-100 Information Security Management: A Handbook for Managers (skimmed)

NIST.SP. 800-53r4 (skimmed)

FISMA compliance Handbook 2nd Edition (skimmed)

Some random web pages, blogs or articles I would come across.

I skimmed over various regs and frameworks that interested me

And - most importantly Robert Slade's advice. Seriously.

 

As I write this I just received confirmation from ISC2 that this morning's conditional pass is no longer conditional. So it's official. Phew! Two more steps and I can pin it next to my name!

 

Again, I highly recommend getting out of your technical/technician/analyst mindset. 

 

Good luck to all exam takers! AND THANK YOU ROBERT!

 

CY
Newcomer II

Passed my exam on 16/9/2020.  Had previously sat the exam and passed in 2005 just to validate if I am up to the mark.

 

And went on to submit online for CISSP endorsement.  Received the following reply from ISC2:

 

"...If you wish to hold the CISSP certification again, you must satisfy your outstanding AMF’s in order to bring yourself into good standing with (ISC)2.  You held our certification for 3 years and did not pay for it. (6/1/2005-5/31/2008)  You must also pay the AMF that is due prior to recertification which will cover (10/1/2020-9/30/2021) if you should decide to recertify.  This is not a choice. It is what you need to do in order to hold the CISSP certification again.  There is no appeal process.  Please contact us at your earliest convenience with your payment so that we may proceed with your recertification. ..." - how sweet...LOL

 

Upon further enquiry on the certification in 2005, below was the reply:

 

"Thank you for your email. You passed the CISSP exam on 5/5/2005 and became certified the same day. " - really? Wow...

 

rslade
Influencer II

> Skairipa (Newcomer I) posted a new reply in Exam Preparation on 09-25-2020 06:51

> THANK YOU ROBERT!

Quite welcome. Happy to be of service.

(Thanks for posting the link to all my postings, but what those taking your advice
might really want is:
https://community.isc2.org/t5/Exams/CISSP-questions/m-p/18626 )

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 0367682699
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

Skairipa
Newcomer I

Quite right. And here is the opening of that thread and what stuck with me all the way through my training and studying:

 

"Right.

 

For (and from) all the newbies out there who want help for studying, there have been numerous questions about, well, questions.  As in, "what's the best set of practice questions to use while studying for the exam?"

 

The answer is, none of them."

 

Take these words to heart everyone studying for the CISSP. This ain't no memorization check/test. It's a test of how you think.

abhattac5
Newcomer III


It took me eight months, quite a few books, quite a lot of time, and a detailed plan, but I somehow passed. Probably, it came down to lots of time spent preparing, a *lot* of practice questions and tests, and lots of drilling with flashcards. The official materials helped, along with the CISSP app and Quizlet flashcards.

My experience in more detail is posted here.
https://community.isc2.org/t5/CISSP-Study-Group/Passing-the-CISSP-My-Experience-Oct-2021/m-p/48366#M...

Thank you!