Hi all (my first post). I have been hunting for a new certification to take this year and wanted some advice on the cissp, I thought this would be a good place to start. Background - 12 years in IT, 6 as a functional manager ( security, architecture etc) but only for small companies. I came across some CISSP example exams on GoCertify and managed 80-100% on all 10. My question is, how far removed are those questions from the real exam? I'm not looking for an easy pass, but I wouldn't mind a quick one (in the sense that it sounds like something I've been actively doing for about 5 years now so there isn't really going to be a learning curve). Anyone have any suggestions for a guide / book / course with which someone with my experience could probably look towards taking this exam within the next 2 months ? Any suggestions appreciated (including harsh realities !!!). Many thanks
Some quick thoughts:
-- I'd say your experience gives you a good starting point
-- I don't think GoCertify is a good resource for this exam, or others that are well run for that matter
-- I think the best method - at least the one that worked for me with the CISSP (passed in September) and other tough exams is:
Use as many of the official resources as your budget will allow - if possible read the Official Study Guide cover to cover, take good notes and take and re-take all of its chapter test and practice exams. Get the official mobile app for Android/iOS and take its quizzes and use the flashcards
Make sure you're feeling strong on all of the 8 domains and getting high scores (for me, at least 85-90%) on all the practice chapter tests, exams, and quizzes
Take roughly 50% of your exam prep time just reading the study guide and making notes on it; use the other 50% for doing all the practice tests, identifying your weak areas, and reviewing those until you're strong across the board / domains
Go fast if you want, but make sure you focus most on being 100% ready. I pushed back my goal for when I would take the exam a couple times in order to have more time to work on all of the above.
Just my quick 02 on the sort of method that works for me. Good luck
Agreed, GoCertify was simply the taster. It helped me realise that there's a qualification out there that wont require me to ingest too much 'off topic' information. I started with 2 books (Kindle edition), the official study guide (v7) and the practice tests. There is a lot to go over but I think I might start with the practice tests, I understand the topic and know that even 5 years experience is not enough so I think I will try and see which domains I have the least knowledge in and start there. My aim is to put roughly 2 hours a day (and 3 at weekends) with an aim to take the exam by the first week of March (gives me about 150 hours of prep time). My only concern so far is that some of the things in this book may be out of date / no longer good practise and am wondering now whether the exam will stick to what's in the book, or start throwing curve balls... As a recent pass, what did you think of the exam?
I think your plan sounds solid and similar to mine. I aimed to do 1-1.5 hours per weekday and 5-8 hours on weekends. I used the same Kindle edition and did not find it to be out of date. I will say that even with all the chapter tests and practice exams and quizzes I saw a *very* small percentage of the actual questions on the exam - BUT, that did not trouble me too much because my prep had left me with a thorough understanding and grasp of all the topics within the domains.
Also,as I imagine you know, remember the 2018 exam is changing format to shorter time, less questions, and questions determined by your answers as you go through it. I'm probably paraphrasing badly here - bottom line,exam format changed significantly.
I found what helped me, although it was on the paper exam, was to set a test date, and then prepare as hard as I could and take the test. By setting a date, you force yourself to get ready versus waiting to set a test date when you "feel" ready. Studies have proven that by setting a date you commit yourself fully and are less likely to pass up study time because you want to go out with friends or do something more fun than reading the official study guide! (LOL!). I took that gold book with me everywhere. I finished my study with a bootcamp combined with the exam. I treated the bootcamp as the cherry on top of the cake rather than the whole cake. In other words the bootcamp would just help me fix the small things I had left to fix before the exam and not trying to cram all of the domains in in one week. If you are not going to do a bootcamp I would definitely use multiple books to study. Stay away from the exam "brain dump" sites, not only is it unethical and violating of the canons of ISC2, it cheats you of the learning experience. I am not saying GoCertify counts as one of those or not, just if you were thinking of using one of those, don't. If you use reputable test sites and you are scoring above 80% you should be ready. If you are not consistently getting above 70% I would recommend continuing your studies.
Recommended books and resources