btzackanlive
Newcomer I

Failed second time, need right advice and guidance.

 
14 Replies
JKWiniger
Community Champion

The first thing I will ask is do you have any idea where you are falling short?

 

Are you comprehending the material? With many other tests you can simply memorize enough questions and end up passing, but it seems with this test I hear people doing better when they have a good understanding of the material and look at things from a best practices point of view. I have mentioned in other posts how the CISSP exam is from the best practices mindset whereas the CISM is from a management mindset. Having the right mindset on one of these tests makes all the difference.

 

John-

btzackanlive
Newcomer I

Hi John,

 

I fell short on "Security and Risk Management", "Security Assessment and Testing" and "Software Development Security". The first time, I also fell short on "Identity and Access Management (IAM)", but I pushed it forward this time and got it "Above". "Security and Risk Management" is still low on this attempt.

 

When taking the second attempt, I understood the questions better, but I also felt I lacked "something" compared to other times I took other tests and passed.

 

I agree with you that I might need to "look at things from a best practices point of view." But what should I do to improve those weak areas?

 

Thank you.

csjohnng
Community Champion

@btzackanlive 

Actually CISSP is not the hardest (at least not that hard to me), but different people have different strengths and weaknesses, so I can't comment.

My advice for the exam:

1) Knowing the domain "inside out" is important: know which domains to improve and spend time on those. With only 1 domain Above proficiency, it's definitely far from par (CISSP has 8 domains).

 

2) Read the question "carefully", since many people complain about the English and how the questions are worded (I am not a native English speaker but I find no problem with this myself).

 

3) During practice, understand every multiple choice that is offered. If you know the domain inside out, you should be able to identify which answers are distractions; normally 2 answers are very obviously wrong, and you pick the best one from the other 2, which gives you a step closer to passing.

 

4) Apply #3 in your actual exam and do not panic; stay calm. Even if you have questions you are not sure about, it's OK to pick an answer and move on. Don't drag on too much, and don't think about it after you press submit or next question (because you can't do anything about it anymore).

 

5) Time management: since CISSP is a CAT (non-linear), getting correct answers in the beginning makes the test give you more difficult questions to secure a higher mark, and having a good start is essential (hence spending more time in the beginning would be OK); otherwise you may not be able to get enough "weighted" questions to pass the test (IMO).

 

Finally, it's not about who answers fewer questions and passes, but planning to finish all 150 questions and hoping for a pass is very dangerous (or marginal). Always aim high; even if you miss, you won't be too far off. I think you may very much need to work on point #1.

I recall my exam stopped at 10X questions.

Hope it helps, and I hope next time you say you answered ~120 questions or fewer, the exam stopped and you passed.

 

John
btzackanlive
Newcomer I

Hi John,

 

Thank you for your response. I agree with you on most of your tips. 

#1: I will absolutely work on the weak areas to improve them with the right mindset. I got three "below", four "near" and one "above" on the last attempt, so I think I am on the right track. I figured out that I like pursuing the CISSP certification because the knowledge gained helps me on a daily basis in my workplace in the IT area.

#2: I agree with you. The wording style of the questions varies. I feel the exam is made by many people, not only one or two.

#3: I did pretty well on this in my second attempt. I could narrow it down to two among the 4 choices pretty quickly. But I need to choose the right one "faster".

#4: I agree with you. Because I don't know some topics "inside-out" really well, I was still stuck at choosing the right one between the "final two" when they sounded similar and both true.

#5 and final: I agree with you: I should aim higher rather than finishing all 150 questions.

I don't know when I will be really, really "ready" to take the test again and pass. But I will just continue to study.

Thanks again. 

rslade
Influencer II

> btzackanlive (Viewer) posted a new topic in Exams on 04-19-2021 11:34 AM in the

> Hi Everyone,   I started to study for CISSP from October 2020 with reading CBK,
> Official study guide, All-in-One and their practice tests.

[Sigh.]

Practice tests usually aren't worth the paper that they're not printed on. Check
out https://community.isc2.org/t5/E/P/m-p/18626 for more advice on the way to
approach exam questions.

> I am having CCNA,
> MCSA, CompTIA Sec+ and Symantec cert, so I thought this was enough for the CISSP
> exam.

The CISSP is likely the hardest, and certainly different from any other,
certification test you've ever taken.

> I've never failed
> any exam since the date I started to take tests with Pearson Vue.

See above.

> The result of
> first attempt really made me sad.

Don't be sad. Look at it as an opportunity to improve 🙂

======================
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
"Cybersecurity Lessons from CoVID-19" CRC Press 978-0-367-68269-9
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
[Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
http://en.wikipedia.org/wiki/Robert_Slade
https://is.gd/RotlWB http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
rslade
Influencer II

> btzackanlive (Viewer) posted a new reply in Exams on 04-19-2021 12:40 PM in the

>   I fell short on "Security and Risk Management", "Security Assessment
> and Testing" and "Software Development Security". First time, I fell short also
> on "Identity and Access Management (IAM)", but I push it forward this time and
> got it "Above". "Security and Risk Management" is still low at this attempt.

For specific help in specific areas, check out
http://victoria.tc.ca/int-grps/books/techrev/mnbksccd.htm

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
Internet: please stop making everything with video tutorials.
I can read faster than you can talk.
- https://twitter.com/jvdgoot/status/481708625082474496
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

csjohnng
Community Champion

Knowing when you yourself are ready is not easy (everyone has a different opinion on this).
For me, certification is not a process of learning but an assessment of one's knowledge; hence one should be equipped with knowledge when/before going into the test.
Using the official study guide and doing the questions at the end of each chapter/domain will give you a fair assessment.
If you can tell/explain to yourself clearly, for every single question, why the correct answer is correct, why the others are incorrect, and what the 4 choices are talking about, then you prove you know the material well. I would aim for the ability to explain at least 90% (or even 100%).
Why 90%? Say the passing score is around 70%, and I am giving myself a 10-20% (max tolerance) of falling short in the actual exam (either I don't know the answer, I misinterpret the question, or I select wrongly for whatever stupid reason); then I still have a very high chance of passing (90%-20%=70%).

And at the beginning (or even before) of the exam, I know whether I am ready or not; the exam at the end is just a confirmation of my belief. I won't go into an exam empty-handed; otherwise I will reschedule. (So far I have 0 reschedules for all my ISC2 exams and passed all on the 1st attempt.)
John
btzackanlive
Newcomer I

Yeah. It's not easy to know when I will be ready to sit and pass the exam. 

 

I did the official book's practice exam a few times, but I will try to do it the way you suggested.

 

I hope some day I can reply to you and say I passed the exam, but I know I have to work at it more.

 

Thank you. 

csjohnng
Community Champion

Just FYI, I have friends who relied heavily on the official practice guide and failed the exam. I did not ask for details. I do not know how he used that guide (I did not use that practice guide myself, but only the practice questions at the back of each domain in the CISSP study guide, in the way I described: not only treating them as a test but as a method to learn).
For me, I would still recommend that knowing the basics/domains inside out is your best bet. Practice guides are only "aids". Rob also provides you good reference material for deeper learning (esp. Security Engineering by Ross is a nice one).

Good Luck!

John