Passed ISSEP - 5/24

yeah yeahyeah yeah Member Posts: 77 ■■□□□□□□□□
Took the ISSEP during Memorial Weekend and passed. Scheduling this exam was the worst. Tried to schedule at the beginning of May and the only available days were the 3rd Wednesday in May at 6PM or the Saturday during Memorial Weekend at 4PM. That was it. Didn't want to take leave, so opted for the Saturday. At the same time, I had a close friend pass away, I was starting a new job, and just started my Master's program. So, I wasn't really as focused on the exam as I had wanted to. Anyway, I've been doing IA within the DoD for the past 5 years (and 5 years in public and private sectors). My IA background focus on C&A and SSE, luckily 2 of the domains.

Domains:
SSE - I used IATF (Chapter 2 & 3 and App. H, 800-30 Risk Management)
Technical Management - I glanced through PMBOK to understand project milestones, terminology, roles, and responsibilities
C&A - Studied 800-37, 800-53 rev1, DoDI 8500.2, DoDI 8510.01. Focus on phases, roles, and responsibilities
USG Policies - I didn't study or memorize, but I did glance through all the IA related E.O., FISMA, NIST, DoD, and CNSS

For all the study material, the only one I would say to memorize is IATF. A lot of the other material has lots of fluff, but pretty much everything within IATF has substance. Everything! With everything else, as I mentioned up and above, you need to know purpose, roles, and responsibilities. Example, 800-30 is Risk Management, might be important to know the steps of risk management, and who does what and when. 800-37 is RMF, might be important to know the phases of RMF and who does what and when. Even if you're not memorizing the whole publication or regulation, it's still a lot of memorization. When it came to the USG policies, there's so many of them. I didn't get past the title of majority of them. "NIST 800-40, Patch Management, NEXT!" The reason I say to memorize the phases, roles, and responsibilities, some of the questions can be self-explanatory. If you understand the order of phases, the question may ask something like, "During which phase of XXX does YYY occur?" or "During XXX phase, who needs to approve it before it can go to the next phase?" or "During which phase can you finalize the SSP or purchase specific COTS products?" Bottom line, still lots of material.

During the test time, got there at 3:55, got checked in and sat around 4:05, and I was driving out of there around 5:15-5:30. Maybe it was my mindset, but I didn't have any hopes of passing the exam. I had way too much going on, and in my head, just couldn't get it together. Looking at the questions, I didn't feel as overwhelmed as I did when I sat for the CISSP. These seemed a bit more focused, but...still was all over the place. Don't know if that makes sense. But I went through it pretty fast, and had a go-back for about 10 questions that I marked for review since I didn't have the patience to think too hard the first go round.

When I went to get my results, I took the printout, and just shoved it in my pocket. I was confident that I didn't pass. The lady working there asked how I did, and told her that I'll read it later. Didn't read it till I got to my car, and boom...."Congratulations!"

I felt there was a lot more of Technical Management that I thought there would be. My exam went from Technical Management 40%, SSE 40%, C&A 10%, USG Policies 10%.

I'm in the endorsement phase, and still waiting. My CISSP took about 10 business days. I'm going on my 16th business day for this one.

Comments

  • MSP-ITMSP-IT Member Posts: 752 ■■■□□□□□□□
    Congratulations! Obviously you did something right.
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Congrats and thanks for the tips.
  • DarxtarDarxtar Member Posts: 30 ■□□□□□□□□□
    Welcome to the club.
    Ph.D. in Information Systems Security
  • JonnygJonnyg Member Posts: 84 ■■■□□□□□□□
    Congrats! I am still waiting to hear back from (ISC)2 regarding my ISSEP, as well.
    Working on: Nothing, finally.
  • yeah yeahyeah yeah Member Posts: 77 ■■□□□□□□□□
    The endorsement is killing me. Taking a while.
  • JeggaJegga Member Posts: 6 ■□□□□□□□□□
    Congrats! If my memory serves, it took almost four weeks to get my endorsement. Four... Painful... Weeks.
  • yeah yeahyeah yeah Member Posts: 77 ■■□□□□□□□□
    Tomorrow makes it 4 weeks...ugh. I thought the CISSP endorsement would have taken longer.
  • kzckzc Member Posts: 12 ■□□□□□□□□□
    yeah yeah wrote: »
    Tomorrow makes it 4 weeks...ugh. I thought the CISSP endorsement would have taken longer.
    My EP took 4 weeks and one day late last year. You can probably expect it soon.
  • yeah yeahyeah yeah Member Posts: 77 ■■□□□□□□□□
    4 weeks (20 days) exactly!

    yeah yeah, cissp-issep
  • JonnygJonnyg Member Posts: 84 ■■■□□□□□□□
    Way to go! I am on day 15 right now so hopefully I will hear back soon as well.
    Working on: Nothing, finally.
  • rosadodrosadod Registered Users Posts: 4 ■□□□□□□□□□
    yeah yeah - Did you use the CISSP-ISSEP CBK at all?
  • rosadodrosadod Registered Users Posts: 4 ■□□□□□□□□□
    yeah yeah - did you use the CISSP-ISSEP CBK at all?
  • yeah yeahyeah yeah Member Posts: 77 ■■□□□□□□□□
    Not at all. My study material was mainly things I got from the web. The IATF, NIST 800 series, DoD Instruction and Regulations, CNSS Instruction, DoD PMBOK, and a bunch of USG info (E.O, FISMA, etc).
Sign In or Register to comment.