Passed CISSP 11/6/14 - tips and XP

Hello All,

Since all the experience sharing was extremely useful for my preparation for the CISSP exam, I would like to share my XP, as well. Hope it helps to someone else, too.

I started preparation in February with Shon Harris latest AIO. I think this was a vital point in my journey as it is an extremely detailed and comprehensive book with all the details needed for the exam. And the main point is that it not just gives you the facts but explains the concepts at the same time. I rarely needed to Google any topics because the examples are so good.

After this I went throuh Sybex and Conrad 2nd edition and noted everything which was new information compared to Shon's book. In the meantime I started testing at cccure.org. Those questions are very good to test you knowledge but do not expect anything similar on the exam.

In the last weeks, I have also checked the official CBK, and surprisingly it gave me a different viewpoint and it did not look as dry as I thought at a first glance.

The exam was extremely scenario-based, and for me it was sometimes very confusing with so similar answer options. There was a good advice in these forums to wear the manager's hat and ALWAYS remember that this is more like a management exam and not really for engineers. I totally agree with this. Somehow funny, that at the same time, you have to know the little details about encryption methods, VPNs, etc.

So to summarize, my suggestions are:
- Learn the theory and you will surely know what is the difference between a good and a bad manager decisions (based on facts)
- If you are not sure about an answer, get that manager hat, and choose the best answer for overall bussiness health and common sense
- if you have no idea about the answer, try to eliminate the definitely wrong answers, this will raise your chances for chossing (betting) the right one
- Do not leave questions unanswered
- Always think about real-life scenarios. When you stucked, think about what would a "prudent man" do in the same situation
- NEVER GIVE UP: the exam is extremely exhausting, when you go through your 3rd turn of reviewing the most difficult questions, it can be a pain
- I did not sleep well the night before the exam. As a matter of fact, I did not sleep at all. But it does not matter if you know your stuff. Your brain can function even though it is exhausted, but for a limited period:))
- I finished in 5 hours, the time should be more than enough if you do the 'review-turns' strategy

Hope this helps to get the nature of the exam a little bit.

This was far the 'worst' and most challenging exam experience in my whole life. Personal opinion to the end: Maximum respect to people who try another time after the first failure, because my feeling was that if I fail, I could read a thousand more books, I will not know more....... it is just the viewpoint, the mindset, and not the dry facts only...

Find more posts tagged with

Comments

victor58

Congratulations buddy. thats a great achievement.
Can you tell me more about your work experience and whether that was helpful in tackling the exam questions?

bigdummy

Congrats, and thanks for sharing your advice!

Are all the questions "management concept / decision making" type questions - or are some of the questions basic fact based questions, that you can answer based on rote memorization? Just wondering if its a mix, or if every question is a "think like a manager" type question...

And for the scenario questions, any advice on what to expect, or how to best study or prepare for them?

TheProfezzor

Do you think reading any of the 3 books you read, would have been enough for CISSP?. I mean, what if you had only read any of the 3 books?. Could you pass the CISSP exam?

Spin Lock

Congrats on passing and thank you for sharing the techniques you used to pass.

jvrlopez

Congrats! Good job and thanks for the write up!

beads

I think your making me even more happy I did the exam the old-fashioned way - on paper.

- B Eads

billyr2009

Congrats!!!

juppjupp

Thanks, guys!

@victor58: I was a network administrator for 3,5 yrs and a network security specialist for 3 yrs. My covered domains are crypto, sec ops, telecomm, and a little bit from all the others, except physical security:) It helped me a lot, when I did not know the answer, I think about what should I do in real-world...

@bigdummy: It is a mix, let's say 70% management concept and 30% facts. For those management questions, there is only one advise: use common sense, and always go for the lowest risk of business.

@TheProfezzor: I honestly think that i would not have been able to pass the exam with only one readed book... The more source you use, the more chance you have. As I mentioned, my order of materials was: Shon Harris -> Conrad -> Sybex -> Official guide (only a quick review)

This gave me a good overview what they want from us:)

One more advice: do not buy the official questions for apple platforms. They make you feel very dumb, with extremely difficult questions which you will not have in the real exam.