cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
gphalpin
Reader I

Does Adaptive Exam Devalue the CISSP?

Hi Everyone, 

 

This may have been covered a few months ago when the news was first announced, but I just recently learned the CISSP exam became adaptive. Colleagues asked me about my exam experience. That was three years ago when the exam was up to 6 hours long and 250 questions. So I showed them the web site to go over the domains, exam info, etc. 

 

I was very surprised to see the exam (English language) is now 100-150 questions. While the material is still demanding, I think the CISSP had a strong reputation as the premier information security certification because it was so rigorous with 250 questions. It was a long, tough exam. And people respected (sometimes grudgingly) those who passed. 

 

At 100-150 questions, does this devalue the CISSP? The Security+ is 90 questions. People used to believe the CISSP was several notches above Security+. Now people might think the CISSP is just one notch above or lump them together.  

 

I'm not trying to take anything away from those who passed the adaptive exam. I'm concerned about the long term implications this has on the value of the CISSP certification in the eyes of IT security professionals.  

 

Thanks,

 

Greg

 

 

45 Replies
dersven
Viewer II

I (provisionally) passed my exam (CAT) today, and I can say: that was some serious sh** ! Smiley LOL

 

To my mind there is no difference in asking 250 random questions in 6 hrs or 100-150 questions targeting on your weak points. 

 

CISSP is definitely not a certification you can get by just memorizing  books and questions. A strong background/working experience and understanding of information security is essential and helps a lot, no matter how many questions there are or how much time you have to answer.

 

I'm now really looking forward to the endorsement process - can't wait to be a certified (isc)2 member! Smiley Very Happy

r3daction
Newcomer II

I think too much is being put into this. The only persons that could see there being any devalue, are others that have passed the CISSP. Shame on them if they do. HR at your local hospital does not know how many questions you were asked, your percentage right or if you merely lucked out. Just like I don't know how narrowly or grossly a board certified physician passed the board. All I know is that she did and my care is now in her hands. I presume that her two years of experience after four years of residency is enough to deliver my first born child. I am not going to ask how many questions she was asked when she was grilled by the board physicians, those entrusted to keep the integrity of medicine at it's highest. 

Gary23
Newcomer II

I have taken the old version of the CISSP exam twice and passed both times.  While I have not taken the adaptive form of the test, my cube-mate took it and described his experience.  While it is great to see people's reaction when they were told it was a 6 hour, closed book test, that's just for fun.  I guess some see it a right of passage.  I see that as reserverd for small talk at parties.

 

I studied hard, but I am also a skilled test taker.  With the old format, the distibution of questions on the domains was fixed. You could mark questions for review and sometimes you could get a clue on the question which stumped you from other questions.  

 

I believe the new test focuses on content and removes the factor of test taking skills.  Its new format gives you no place to hide.  It finds your weakness and keeps up the pressure.

 

The goal of the test is to ascertain the knowledge of the candidate and I believe the new test format does that.

 

I plan to go for my CISSP-ISSEP and I will not take the test lightly.

Lamont29
Community Champion

Great summation @Gary23. I am also planning to sit for the ISSEP. Good luck to you and if you certify before I do, be sure to look me up soon after!

Lamont
Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
Musashi
Newcomer I

I do not think  the adaptive exam is any easier than liner exam in fact after taking both types  in the past I would say that it is harder but  you do not encounter many exams which are 6 Hours or even 5 Hours with some of the SANs exam.  Also the reason that ISC2 changed the format was not down to making the exam more efficient  or harder it was cost as Pearson Vue was complaining.    

 

Additionally  the way I found out about the change  was down to quite a few people going for exam in my company which was unheard of so I enquired. The first thing  a colleague said to me was that new exam  was only 3 hours and only  100-150 questions, so for anyone to say that the duration is not a factor is wrong. If the London Marathon went down to 13 miles and based on your performance you could stop at 10 miles they would be inundated with applications.

Lamont29
Community Champion

Even though the test used to be 6 hours, I doubt if competent security
professionals required the entire 6 hours. Using the marathon analogy, if
you must go 4 hours without water or 6 hours with water, most skilled
runners would choose 6 hours.

In the new format, there's no going back to a question that you were unsure
about earlier. You either know the answer or you don't. And you have less
time per question as well. People are comparing apples to oranges when
making these comparisons. I studied for the 6 hour test and was surprised
by the inability to go back and check a tough question.

You have just as many complainers now on the 4 hours format (maybe more) as
when the test format was 6 hours. That's the true verdict.
Lamont Robertson
M.S., M.A., CISSP, CISM, CISA, CRISC, CDPSE, MCSE
Rayz
Newcomer I

Although I don’t think that adaptive exam has easier questions, the mere length of the exam deevaluates the CISSP. How? Well, if you have failed the 6 hour exam, you would think really hard to retake the test. With 3 hour adaptive test, you can take one every month and won’t break a sweat!
The result? Moving forward, we will have more “harly-passed” CISSP professionals. Also, nothing special about the 3 hours(look! Security+)- the 6 hour test had its reputation of being tough.
Musashi
Newcomer I

Totally Agree,
Musashi
Newcomer I

I can use the marathon terminology because there are loads of difficult adaptive exams but not many 6 hours for that reason the exam did not build up a reputation on the latter. If the adaptive exam time was solely cut down due to increase difficulty I would agree but it was not, it.was cost. The test is the reaction of non security proffesssial I had 6 hour exam vs I had a tough exam with 100 questions 3 hours is a common format for Lawyers and other proffessions. So i agree with that you either know ir you don't but duration was the frightening factor especially if you fail. Metrics will be the best determination of both formats.
dreastans
Newcomer III

What's challenging about the CAT over the Security+ is that you cannot go back and answer a question again or review it later.  Second, the test feels much, much harder than any other exam I've ever taken (and I've taken a fair few).  Security+ was a cakewalk compared to the CISSP.


---
Andrea Stansbury- CISSP