I’ve been working for (ISC)2 for almost 5 years and over the years I’ve met many CISSPs at (ISC)2 and industry events. In our conversations I'll often ask them about their experience taking and passing the CISSP exam, as it’s a huge accomplishment and everyone I’ve heard from remembers the day they found out that they passed.
One story that has stuck with me is about a member who was taking the exam back when it was paper-based testing and about half way through his exam he realized that two pages were stuck to one another, so all of his answers from then on were off. He luckily was able to erase and adjust all of his answers in time and he later found out that he passed. Talk about a nerve-wrecking experience!
I’d love to hear your story…
I passed my exam less than a year ago and it was probably the longest exam I had ever had to take. I had planned a study regime before the exam and due to availability of exam places on the dates I wanted, I travelled from Essex to Coventry the night before so I could be ready for an early morning exam.
I had struggled somewhat with the practice exams and although I had felt fairly confident with the real exam itself, I had no idea of what the result would be when I was handed the result. Reading that I had passed was a very emotional moment, I had to sit down on a park bench and sit and watch the world for a bit, with a big smile.
My company had paid for me and one other to take a Boot Camp style training. We were there with about 15 other candidates. On day 7 we took the exam. Throughout the week of training I learned how many of the people in the room had all been in the security field far longer than me and had much more experience. The daily testing of the day's information and nightly reading were non-stop pressure. On day 7 we sat in a room with laptops linked to a router in the middle of the room. The proctor sat at the front of the room. Each of us had a separate drive connected to our laptop I assume so that none of us had the same questions and physical security of the device could be better managed until it was used. When you finished you walked to the front and received a printed paper. It either gave you a grade, or congratulated you on passing. I remember marking some of the questions and reviewing again before I made my walk. Thankfully it was to be a walk of relief and reason to celebrate. Sitting in the hotel lobby where the training took place, there were a mix of people with big grins and a few who were not so fortunate. There are 2 exams I would never want to take again: the PMP and the CISSP.
I passed the CISSP exam last April 2017. I prepared for the exam actively over one year first through self-study and then a sponsored instructor-led training by my employer. However, I had to contribute to paying for the exam.
The proctor was shocked when I signified I was through with the questions after about five hours. He asked me repeatedly if I was sure. I hadn't even taken my snack break although I came out once to use the restroom. In all, it was a great experience preparing and sitting for the exam. It reinforced my professional outlook and self-confidence.
I took the exam in 2007 and was extremely nervous about it. The first four question I didn't recognize, it wasn't that I could think of the answer I didn't have any idea of the question. I was thinking why was I here, I should just get up and leave and try to salvage a Saturday. I thought that would be too embarrassing so I would stay and complete it, but now I was stress free. The next question I knew the answer as well as the next. As I progressed I knew a lot of the answers and was ably to eliminate bad answers from some. In the end I passed, but still wonder if by not knowing the first four questions, which allowed me to take the exam stress free, was what helped me or not.
Before I went to take the CISSP Exam, I decided to "warm-up" by taking the SSCP. This was back during the paper-test days. I selected my date and when it came, I drove into the city of New York and began looking for the banquet room that was set up as a test center. I couldn't find it so I double-checked all my paperwork and found to my dismay that I was there a week early! To make matters worse, the actual test date was during my vacation! It just wasn't in me to reschedule so my wife drove me into the city from Lancaster, PA where we were vacationing to take the test. The good news is that I passed and it gave me the confidence to take the CISSP a couple of months later.
Good luck j_M007! There is success at the end of your story just like mine. It may take a different road but you will arrive. I look forward to hearing about your experience!
"Fully prepared?" Well, obviously not.
"majority of the asked questions in the exam were irrelevant"
I find that hard to believe. I took the exam long ago, and they've changed the format considerably, but there is still an exam committee, and they still do a lot of hard work to generate those questions. On the other hand, I can well believe that some people who really don't know the field can easily think the questions are irrelevant ...
"I did not find single technical question as per the official CISSP book"
Wait. You think that simply reading and memorizing the sample questions in the book is going to get you through the exam? And you "referred entire book twice." You only read one book? You only read one CISSP guide? Even if it's the "official" guide? I'm beginning to see what your problem is here. Have you got any background in security? Let alone the five years that you are supposed to? Have you read any of the security source literature? (CISSP guides, official or not, are not source security literature ...)
"the exam pattern was unexpected"
Well, what did you expect? That the certification is just a measure of how well you memorize a bunch of sample questions? The certification, and the exam, is suppose to assess your command of some facts, yes, but more your ability to synthesize and analyse, and, most important of all, to determine whether you have the judgement and critical thinking skills to be a security professional. Your posting indicates that you probably don't.
I'm sorry if that sounds a bit harsh, and maybe you are just carelessly venting after a disappointment, but your posting is all we have to go on at the moment.
"atleast I should expect more in depth technical and managerial questions in the exam, which I observed NOT."
Well, yes, you should expect technical and managerial questions on the exam. And it is possible (though I would think unlikely) that you were simply the victim of a really bad random selection set on the part of the exam generator.
"You've decreased the time and questions"
Is this based on your experience? Have you taken the exam before? Or are you assuming something based on perhaps incomplete stories that others have told you? You might want to consider that preparing an exam like the CISSP might be a bit more difficult than the "skill testing questions" that get you giveaways.
I'd try finding a study group where you are, and find out what some others are studying, and how much they plan to learn before writing. Read "Security Engineering" by Ross Anderson (you don't even need to buy it, since earlier versions are available online for free) and see if that expands your horizons any.
@rslade is right; you shouldn't expect to get through the exam with the knowledge gained from just one book.
As I recall from a description I came across before, the CISSP is 'a mile wide & an inch deep' --- and believe me, it takes a lot to scope that area. Check an earlier post of mine to get a brief idea of what that is.
In addition, also try to recall what questions you got & how you answered them, & then do some research to determine why your answers were incorrect.
I'm sorry you didn't clear the exam, but do give it another try. Even if it's a long path, the rewards will certainly make it worth the effort.