Passed CISSP

TheProfezzor · July 2014

Hello,

I would like to inform the community that I have passed the CISSP test today. Furthermore, I would like to thank everyone here, who helped me get through this ordeal. Like everyone else, I would be sharing my experience here. So, here goes.

Who Am I?

Information Systems Professional having more than 10 years of experience in IT, Datacenter Design & Cloud Computing.
Lately been working on InfoSec, compliance and Audit after getting my CISA.
Most of my experience comes from consulting, where I have worked in the capacity of middle management.

What I did?

I started working towards my CISSP, when "AIO Guide to CISSP 4th Edition" came out.
I started off slow and couldn't keep up with the study, due to work and my masters in Information System.
Lingered on with the study, buying 5th and 6th editions of the book and importing the OIG 2nd.
Downloaded 50Gb's of InfoSec training's from company server and free sources. Never used anything.
Never studied seriously and ended up postponing the test 4 times in 4 years.
I got married in the meanwhile and had twins, which was a big "Oh ****' moment for me.

Material Used

I used the following resources for preparation:
- CISSP AIO 6th (Left Telco, Cryptography and Software Development)
- Eric Conrad 2nd (Read the remaining domains)
- CISSP Exam Guide 6th by Sybex (Only for understanding concepts)
I used the following resources to practice:
- CCCure.org (Very technical and in no way, close to the real thing)
- McGrawHill Practice Questions (Somewhat similar to the official thing)

Test Day

Couldn't sleep well through the night, because of the damn anxiety. I couldn't study either, because I was tired.
Woke up an hour ahead of the schedule.
Car refused to start, with only 40 minutes remaining on the clock. (I found out today, I could have been a mechanic)
Reached the testing center, with 20 minutes on the clock.
Went to give in my stuff and get enrolled.
Started off with the test and felt quite confident since, the first 50 questions were not a shocker for me.
I had an hour to spare after the exam, which I used to stretch and get back home.

Suggestions

It's a mile wide test and INCH deep. Quit digging into it while you study.
Experience is a must, if you want to grip the test. I felt I got 60% of my answers through experience.
When you start off with a book, finish the bloody thing. Don't just go after every other resource you see on the internet.
Get the concepts like:
- If a car is painted grey, why is it so?. Why couldn't it be painted red?. Weigh in the pro's and con's of both and decide on the questions.
Most of the lengthy questions I got were very poorly written, which I conveniently pointed out via the comment tool.
Scenario based questions contain too much fluff and you have to extract the data when you need to answer the question. For example:
- You are a security officer in a large scale organization. You have been specifically hired to review the security posture of the organization and provide insight on how the company can mitigate the risks faced by it. What is the primary goal of BIA?
- You can see in the example above, the only relevant portion of the question has been highlighted. The rest is, irrelevant.
I got 4-5 drag and drop questions overall. No HotSpot questions. All of which were answered via concepts.

Well, that's all for now. I am very exhausted after having thinking about and preparing for the CISSP, for 3 years. I love the feeling to know that it's over. I just need to get myself endorsed now. Once again, thanks everyone for the valuable support that pushed me into taking the exam. Finally!

Regards

GeneC · July 2014

Congrats buddy, you deserve it. You really had to dig deep to achieve the CISSP with such a busy home / work schedule, all the more to be proud!

Gene

malcolmcat · July 2014

Congrats to you too Profezzor, what a wonderful feeling it is to see the work "pass" on the printout!

TheProfezzor · July 2014

malcolmcat wrote: »

Congrats to you too Profezzor, what a wonderful feeling it is to see the work "pass" on the printout!

Yeah. I got this feeling, half an hour too late. The printer got jammed!

cyberguypr · July 2014

Congrats and thanks for the detailed post.

CyberfiSecurity · July 2014

Congrats! What's next?

TheProfezzor · July 2014

CyberfiSecurity wrote: »

Congrats! What's next?

Probably PMP. Already working on it.

andhow · July 2014

Well deserved! Congrats!

Spin Lock · July 2014

Great news. Glad to hear you passed. Thanks for the tips.

fullcrowmoon · July 2014

Congratulations and thank you for the insight into the exam!

EasyPeezy · July 2014

I knew you could do it.... Congratulations

cgrimaldo · July 2014

Congrats!

jvrlopez · July 2014

Glad to see you passed. Probably wasn't as bad as you thought it'd be, right?

TheProfezzor · July 2014

jvrlopez wrote: »

Glad to see you passed. Probably wasn't as bad as you thought it'd be, right?

As most people here have said, I think I over studied for it. I answered most of the questions in there, with my experience. But, it was intense indeed, especially, when the stupid printer got stuck and I have to wait 30 minutes for my results.

sameoj · July 2014

Congrats

ninjaturtle · July 2014

CISSP is huge! Congrats!! That's a huge accomplishment!

Humbe · July 2014

Congrats!

CERTS4LADY · July 2014

Well done and CONGRATS!!!

Plan2succeed · July 2014

Congratulations

uliusgar · August 2014

Many Congratulations!

Your steady efforts paid off, at last.

Keep it up, with consistency.

Lots of appreciation, and prayers, for your kindness towards enriching others by imparting knowledge.

TheProfezzor · August 2014

Ok. After going through the process and facing a small hick up with my resume, I finally received their email today. CISSP, Finally!

malcolmcat · August 2014

Yeah! Congratulations on receiving your endorsement!

jvrlopez · August 2014

Glad you finally got it! Congrats!

EasyPeezy · August 2014

Well done...

papadoc · August 2014

Profezzor,

Congrats on your pass, very well deserved. I am in the same position you were in before as well. Two kids, busy family life, carve out 2 hours a night for studying.

I noticed you said the following:

Suggestions

It's a mile wide test and INCH deep. Quit digging into it while you study.

May I ask how far you went into the OSI Layer and how much of that appeared on the test? Not asking you to violate NDA in posting questions but just in general. I see the OSI explanations can get extremely deep, for example see below:

" The Data Link Layer is responsible for ensuring that messages are delivered to the proper device across a physical network link.
The LLC sub-layer operates between the Network Layer above and the MAC sub-layer below. The LLC sub-layer performs the following three functions:
Provides an interface for the MAC sub-layer by using Source Service Access Points (SSAPs) and Destination Service Access Points (DSAPs).
Manages the control, sequencing, and acknowledgement of frames being passed up to the Network Layer or down to the Physical Layer.
Bears responsibility for timing and flow control. Flow control monitors the flow of data between devices to ensure that a receiving device, which may not necessarily be operating at the same speed as the transmitting device, isn’t overwhelmed."

How far is far enough?

TheProfezzor · August 2014

papadoc wrote: »

Profezzor,

Congrats on your pass, very well deserved. I am in the same position you were in before as well. Two kids, busy family life, carve out 2 hours a night for studying.

I noticed you said the following:

[/LIST]May I ask how far you went into the OSI Layer and how much of that appeared on the test? Not asking you to violate NDA in posting questions but just in general. I see the OSI explanations can get extremely deep, for example see below:

" The Data Link Layer is responsible for ensuring that messages are delivered to the proper device across a physical network link.
[/B] The LLC sub-layer operates between the Network Layer above and the MAC sub-layer below. The LLC sub-layer performs the following three functions:
Provides an interface for the MAC sub-layer by using Source Service Access Points (SSAPs) and Destination Service Access Points (DSAPs).
Manages the control, sequencing, and acknowledgement of frames being passed up to the Network Layer or down to the Physical Layer.
Bears responsibility for timing and flow control. Flow control monitors the flow of data between devices to ensure that a receiving device, which may not necessarily be operating at the same speed as the transmitting device, isn’t overwhelmed."

How far is far enough?

I remember Shon Harris herself stating in her book that the sub-levels of MAC aren't questionable in the exam. In my own opinion, you need to know exactly what each layer does, both in the ISO and the TCP\IP model. Also, know the limitations of the layers.

uliusgar · August 2014

Excellent!

coolsneha · September 2014

This post is really helpful. Congratulations for your certification!
I am preparing for my exam and need a bit of help. I am practicing ques from cccure. Does the below type of ques come in real exam?
Q. In a hierarchical PKI the highest CA is regularly called rootCA, it is also refered to by which of the following term?
Choices: Subordinate CA, TopLevel CA, Big CA, Master CA

There were many more ques i practiced where i felt a lot of memorization is reqd along with concepts. Not sure how far is cccure ques close to real exam.

aftereffector · September 2014

Without violating the NDA, those questions are not really similar to the real exam questions. The exam questions will generally be more complex and require more thought or analysis than just rote memorization; also, the CISSP questions are not as technically involved as some CCCure questions. You should still know the material, but on the CISSP exam, you will spend more time thinking about risk managment and policy than random technical details about certificate authorities.

TheProfezzor · September 2014

Don't train your brain into memorizing minute details. Train it to comprehend a detailed scenario correctly and then chose the best possible answer, from the given options. I somewhat practiced on this skill and this one of the things that got me through. I would prefer the McGrawHill questions, over the CCCure ones. CCCure are rich in technical detail. I didn't find much technical questions in the exam.

coolsneha · September 2014

Thanks your answers reply help to regarding my query.

Passed CISSP

Comments