If you have the experience and the dedication, then you have the skills to pass
For those of you who followed my previous posts, and for those of you who are new here, don't scare yourself to the point where you are scared and exhausted when you go into the exam the way I did the first two times.
AS someone with 12 years experience going into the test, I still tanked it but got very close twice, before passing (674, 695) because:
A. I scared myself to death each time I went into the exam, and found myself mentally exhausted an hour into said exam
B. Read into the exam questions SO much that I couldn't determine right answers from close to right answers.
ALL too often I got to the point where I said: 'OK, well, I narrowed it down to two, because I know the other two aren't right.' That was the easy part. The hard part was me trying to decide which of the two remaining was more correct than the other. I see so many of us trying to come up with the right answer on the bank teller question mentioned in this and other forums, because there are SO MANY ways to look at it. We know the answer is
disable the account, but it doesn't compute with us because we, as technicians say 'a bank teller doesn't have the credentials to disable an account.' THAT is why we miss it so much.
You are going to ask yourself time and again: 'Is this worth it? All this studying, all this sacrifice to my sanity, neglecting my family, thinking about studying while I work, studying during lunch breaks, bathroom breaks.' Multiply that anxiety and anger by a factor of five or ten if you are taking the test again, or again and again, or...The end game is worth it, I promise. DON'T listen to your peers about it just being a piece of paper that neither they nor you need for validation, because the reason for having the cert are far more dynamic with many facets, and almost all of said reasons result in your being recognized in your field as an expert, which gets you promoted, or at least making more money, as well as job offers aplenty. There are too many reasons TO getting this cert than not getting it if you remain in InfoSec.
I get it. I was there with you. I was mad, arrogantly saying 'HEY, I know that they are looking for answer A. but B is the way I would do it. ISC LOVES to trip up arrogant IT people. And guess what? It's part of the reason I failed the exam.
Then there are the people who have the cert and don't see its value, and there are those who are smart enough to take the test--or so they think--and don't take the test because they don't need the validation for something they already know. Again, to reiterate, this test has value because it encourages you to think differently. Ask yourself, IT and IT Security people why lawyers and GRC people are passing this exam while so many IT people fail? You know the answer, but I am going to tell it to you anyway.
TOSS that analytical, logical attitude that made you go and buy that 'Eskew Obfuscation' paperweight out the window. If you are in the InfoSec field and want to remain in it, the CISSP is a necessity. It's no longer a cert for an elite few. It's now the industry standard for consideration to the six-figure incomes here in the US, UK, AUS, and now the EU. I cannot speak for Near East or East Asia.
CISSP has value, and will have value for at LEAST the next decade. DON'T sell it or yourself short. Take and retake this test until you pass it. If you need help, ping people like me who are happy to help. I tagged my LinkedIn account to this site for a reason, as have other professionals who want to help you succeed. We are motivated to help you because we need the help. There are a gazillion InfoSec jobs out there, and we NEED your help. Unfortunately, it's hard for us to convince our higher-ups to hire you without this cert in your hip pocket.
AS someone with 12 years experience going into the test, I still tanked it but got very close twice, before passing (674, 695) because:
A. I scared myself to death each time I went into the exam, and found myself mentally exhausted an hour into said exam
B. Read into the exam questions SO much that I couldn't determine right answers from close to right answers.
ALL too often I got to the point where I said: 'OK, well, I narrowed it down to two, because I know the other two aren't right.' That was the easy part. The hard part was me trying to decide which of the two remaining was more correct than the other. I see so many of us trying to come up with the right answer on the bank teller question mentioned in this and other forums, because there are SO MANY ways to look at it. We know the answer is
disable the account, but it doesn't compute with us because we, as technicians say 'a bank teller doesn't have the credentials to disable an account.' THAT is why we miss it so much.You are going to ask yourself time and again: 'Is this worth it? All this studying, all this sacrifice to my sanity, neglecting my family, thinking about studying while I work, studying during lunch breaks, bathroom breaks.' Multiply that anxiety and anger by a factor of five or ten if you are taking the test again, or again and again, or...The end game is worth it, I promise. DON'T listen to your peers about it just being a piece of paper that neither they nor you need for validation, because the reason for having the cert are far more dynamic with many facets, and almost all of said reasons result in your being recognized in your field as an expert, which gets you promoted, or at least making more money, as well as job offers aplenty. There are too many reasons TO getting this cert than not getting it if you remain in InfoSec.
I get it. I was there with you. I was mad, arrogantly saying 'HEY, I know that they are looking for answer A. but B is the way I would do it. ISC LOVES to trip up arrogant IT people. And guess what? It's part of the reason I failed the exam.
Then there are the people who have the cert and don't see its value, and there are those who are smart enough to take the test--or so they think--and don't take the test because they don't need the validation for something they already know. Again, to reiterate, this test has value because it encourages you to think differently. Ask yourself, IT and IT Security people why lawyers and GRC people are passing this exam while so many IT people fail? You know the answer, but I am going to tell it to you anyway.
TOSS that analytical, logical attitude that made you go and buy that 'Eskew Obfuscation' paperweight out the window. If you are in the InfoSec field and want to remain in it, the CISSP is a necessity. It's no longer a cert for an elite few. It's now the industry standard for consideration to the six-figure incomes here in the US, UK, AUS, and now the EU. I cannot speak for Near East or East Asia.
CISSP has value, and will have value for at LEAST the next decade. DON'T sell it or yourself short. Take and retake this test until you pass it. If you need help, ping people like me who are happy to help. I tagged my LinkedIn account to this site for a reason, as have other professionals who want to help you succeed. We are motivated to help you because we need the help. There are a gazillion InfoSec jobs out there, and we NEED your help. Unfortunately, it's hard for us to convince our higher-ups to hire you without this cert in your hip pocket.
Comments
The blogs and forum posts also give good tips, suggestions and links to webinars which will help lot.
"... but everything changed when the Fire Nation attacked."
I failed last month. Took a break from studying during my family's two week vacation to The Netherlands, but now I'm back in study mode. I want to take the exam again in December. I only used books by Shon Harris and ISC2 last time. This go round I will read Eric Conrad's material and maybe even use the CBT nuggets (can't hurt).
Congrats on passing!