Passed CISSP Today (as an Associate)

Hello all. Just another lurker here coming out from the depths to give his 2cents and experience with the exam. A little background on myself: I am a recent college graduate who started out in an internship position in Business Intelligence/Analytics & was hired full time when I got my bachelors. That was about two years ago now. I stayed with the small company learning a bit about databases and OBIEE when I could but realized this wasn't my passion after a year. Made quite an impulsive move and accepted a job out of state as a cyber security consultant. Was with the company for a few months and my manager wanted me to pursue the CISSP even with the lack of experience.

My study material consisted of:
Eric Conrad: my core study material until I took the SANS class
AIO Book & Audio: This was used to fill in gaps where the Conrad book wasn't verbose enough. Everything seemed to click with Crypto here.
SANS +S 414 Class: I am fortunate enough that my supervisor approved me going to this boot camp for a week. I would have to say I was quite prepared going into the class, but there were little pointers and a focus that SANS provided that I am extremely grateful for.

Two miscellaneous items I have to give a shoutout to:
Sunflower: kept it fresh and used to make sure I memorized the drier concepts
CISSP for Dummies: I know it seems odd but I found a PDF of it and there's one section on Kerberos that explained it better than AIO or Conrad. I would reference anyone studying for this exam to look at that section if you're struggling with Kerberos.

Today was exhausting. Didn't think I would come anywhere close to 6 hours but ended up taking 5 and I didn't even check all of my answers. Made my first pass at around 3.5 hours and started from question 1 to see if I was still in the same mindset. I changed probably 10 questions total and I'm glad I didn't completely go over the exam otherwise I might have changed some others as well! Can't total the number of hours but spent about 6 months on and off studying for this. Definitely didn't underestimate it despite some of my coworkers saying they passed without studying at all. I realized I was at a bit of disadvantage without the experience, but I can't wait until I get it so I can get those magic 4 letters at the end of my name!

Just want to say thank you again for this community's posts. A few were intimidating with the amount of experience some of you boast but having so many different methods of success definitely allowed me to come up with my own study regiment.

Find more posts tagged with

Comments

khiemkp

Congrats.

ajs1976

congrats

awais1116@hotmail.com

Congratz buddy !!! What question bank did u use?

Sheetalm

congrats !!!

j.petrov

Congrats! Its definitely not an easy exam, and certainly one you don't want to have to take again

newjack

Congrats bud! What do you think was most helpful to your studies? I am going to be taking the CISSP after my SSCP venture, I am already preparing for this venture. I don't think I am going to take any courses but do all self study (I am pretty adament about it, I come home from work and do about 1-2 hours of reading and more research online) Would you have failed if you did not take the course?

dinobot

khiemkp wrote: »

Congrats.

ajs1976 wrote: »

congrats

Sheetalm wrote: »

congrats !!!

Thanks!

awais1116@hotmail.com wrote: »

Congratz buddy !!! What question bank did u use?

Thank you! Could you be a little more specific? If you mean in general, I did all the questions in my Conrad book, some in the AIO, and almost 1,500 different questions on CCCure.org.

j.petrov wrote: »

Congrats! Its definitely not an easy exam, and certainly one you don't want to have to take again

Yep. Definitely excited to be done (pending my maintenance of the Associate) and joining the club

newjack wrote: »

Congrats bud! What do you think was most helpful to your studies? I am going to be taking the CISSP after my SSCP venture, I am already preparing for this venture. I don't think I am going to take any courses but do all self study (I am pretty adament about it, I come home from work and do about 1-2 hours of reading and more research online) Would you have failed if you did not take the course?

I think the most helpful items were the audio. I did have AIO audio which was key for Crypto and reaffirming a few things, but I personally believe AIO (in general) goes way too low-level than you need to go. I am thankful for the opportunity to go to an SANS conference, but it was more reinforced learning than anything. I had already read the Conrad book before going, so theres a chance I could've passed without it. Just was nice getting more realisitic questions on the CISSP and strengthening myself on those.

I think your regiment of 1-2 hours a day is solid. Make sure you understand concepts rather than memorize facts.

Doyen

Congratulations on the pass

How many more years of experience do you need before you can get out of the associate level? Which experience domains are you going for?

dinobot

Doyen wrote: »

Congratulations on the pass How many more years of experience do you need before you can get out of the associate level? Which experience domains are you going for?

Thank you! 2 more years (2 years of experience and 1 year taken off for my IT degree). In my previous occupation, I gained knowledge in Domain 6. My current position hits several and I'll leave it to my manager (fellow CISSP holder) to determine which he wants me to list.

Spin Lock

Congrats on passing and thanks for the hints.

For anyone struggling with Kerberos, I would also recommend the following website:

Explain like I?m 5: Kerberos ? Lynn Root

It does an excellent job of explaining the steps involved.