Passed CISSP

Hello,
I would like to inform the community that I have passed the CISSP test today. Furthermore, I would like to thank everyone here, who helped me get through this ordeal. Like everyone else, I would be sharing my experience here. So, here goes.
Who Am I?
- Information Systems Professional having more than 10 years of experience in IT, Datacenter Design & Cloud Computing.
- Lately been working on InfoSec, compliance and Audit after getting my CISA.
- Most of my experience comes from consulting, where I have worked in the capacity of middle management.
- I started working towards my CISSP, when "AIO Guide to CISSP 4th Edition" came out.
- I started off slow and couldn't keep up with the study, due to work and my master's in Information System.
- Lingered on with the study, buying 5th and 6th editions of the book and importing the OIG 2nd.
- Downloaded 50 GB of InfoSec trainings from company server and free sources. Never used anything.
- Never studied seriously and ended up postponing the test 4 times in 4 years.
- I got married in the meanwhile and had twins, which was a big "Oh ****" moment for me.
- I used the following resources for preparation:
- CISSP AIO 6th (Left Telco, Cryptography and Software Development)
- Eric Conrad 2nd (Read the remaining domains)
- CISSP Exam Guide 6th by Sybex (Only for understanding concepts)
- I used the following resources to practice:
- CCCure.org (Very technical and in no way close to the real thing)
- McGrawHill Practice Questions (Somewhat similar to the official thing)
- Couldn't sleep well through the night, because of the damn anxiety. I couldn't study either, because I was tired.
- Woke up an hour ahead of the schedule.
- Car refused to start, with only 40 minutes remaining on the clock. (I found out today, I could have been a mechanic)
- Reached the testing center, with 20 minutes on the clock.
- Went to give in my stuff and get enrolled.
- Started off with the test and felt quite confident, since the first 50 questions were not a shocker for me.
- I had an hour to spare after the exam, which I used to stretch and get back home.
- It's a mile wide test and INCH deep. Quit digging into it while you study.
- Experience is a must, if you want to grip the test. I felt I got 60% of my answers through experience.
- When you start off with a book, finish the bloody thing. Don't just go after every other resource you see on the internet.
- Get the concepts like:
- If a car is painted grey, why is it so? Why couldn't it be painted red? Weigh in the pros and cons of both and decide on the questions.
- Most of the lengthy questions I got were very poorly written, which I conveniently pointed out via the comment tool.
- Scenario based questions contain too much fluff and you have to extract the data when you need to answer the question. For example:
- You are a security officer in a large scale organization. You have been specifically hired to review the security posture of the organization and provide insight on how the company can mitigate the risks faced by it. What is the primary goal of BIA?
- You can see in the example above, the only relevant portion of the question has been highlighted. The rest is irrelevant.
- I got 4-5 drag and drop questions overall. No HotSpot questions. All of which were answered via concepts.
Regards
OSCP: Loading . . .
Comments
Gene
Yeah. I got this feeling, half an hour too late. The printer got jammed!
Vice President | Citigroup, Inc.
President/CEO | Agility Fidelis, Inc.
Probably PMP. Already working on it.
"... but everything changed when the Fire Nation attacked."
2016 Goals: M.Sc Cyber Security, ITILF (Passed), COBIT5 F (Feb.), CGEIT (Jun. ???), CIPM (???)
As most people here have said, I think I overstudied for it. I answered most of the questions in there with my experience. But it was intense indeed, especially when the stupid printer got stuck and I had to wait 30 minutes for my results.
Cisco SEAL, Cisco SWAT, Cisco DeltaForce, Cisco FBI, Cisco DoD, Cisco Army Rangers, Cisco SOCOM .ιlι..ιlι.
Website: www.nxecurity.com
Your steady efforts paid off, at last.
Keep it up, with consistency.
Lots of appreciation, and prayers, for your kindness towards enriching others by imparting knowledge.
Congrats on your pass, very well deserved. I am in the same position you were in before as well. Two kids, busy family life, carve out 2 hours a night for studying.
I noticed you said the following:
May I ask how far you went into the OSI Layer and how much of that appeared on the test? Not asking you to violate NDA in posting questions but just in general. I see the OSI explanations can get extremely deep, for example see below:
"The Data Link Layer is responsible for ensuring that messages are delivered to the proper device across a physical network link.
The LLC sub-layer operates between the Network Layer above and the MAC sub-layer below. The LLC sub-layer performs the following three functions:
Provides an interface for the MAC sub-layer by using Source Service Access Points (SSAPs) and Destination Service Access Points (DSAPs).
Manages the control, sequencing, and acknowledgement of frames being passed up to the Network Layer or down to the Physical Layer.
Bears responsibility for timing and flow control. Flow control monitors the flow of data between devices to ensure that a receiving device, which may not necessarily be operating at the same speed as the transmitting device, isn’t overwhelmed."
How far is far enough?
I remember Shon Harris herself stating in her book that the sub-levels of MAC aren't questionable in the exam. In my own opinion, you need to know exactly what each layer does, both in the ISO and the TCP/IP model. Also, know the limitations of the layers.
I am preparing for my exam and need a bit of help. I am practicing questions from cccure. Does the below type of question come in the real exam?
Q. In a hierarchical PKI the highest CA is regularly called rootCA, it is also referred to by which of the following term?
Choices: Subordinate CA, TopLevel CA, Big CA, Master CA
There were many more questions I practiced where I felt a lot of memorization is required along with concepts. Not sure how close cccure questions are to the real exam.