Passed my CISSP exam on first try 04/03/2015

ITSECGUY69ITSECGUY69 Registered Users Posts: 2 ■□□□□□□□□□
I successfully passed the CISSP exam yesterday. Easier and harder than i expected.

Some observations for others trying to push through before the 15th
  • To me the CCCure.org practice test were a waste of time. I didnt see anything on the test that I learned from their study versions
  • The McGraw/Hill and Eric Conrad free tests -- the most helpful as far as test prep
  • Eric Conrad's Eleventh Hour Study Guide -- best $25 I ever spent. Great for the final week review
  • The Michael-Overly-Cram-Study-Guide -- extremely helpful for the terms and how the questions about them may be asked
  • Shon Harris CISSP AIO Exam Guide 6th Edition for the first 3 weeks of studying
Curious how to proceed next. I have the endorser ready to go but its not clear to me what ISC2 wants submitted

Peter

Comments

  • zme783zme783 Member Posts: 43 ■■■□□□□□□□
    Congratulations on completing the exam!

    Are there negative markings for Incorrect answers in exam?
  • mjsinhsvmjsinhsv Member Posts: 167
    Congratulations on passing the exam.

    You will receive an email from ISC2 that will explain the process.
    Basically,

    # Comply with the NDA.
    # Submit a resume to your endorser who is CISSP. Don't mention anything about CISSP on your resume. You aren't allowed to present yourself as CISSP until ISC2 gives you confirmation of endorsement.
    # The Endorser verifies you have 5 years of experience in at least 2 of the domains. The endorser sends everything to ISC2. You will get an email from ISC that they have received your endorsement.
    # ISC takes 4 or 5 weeks to verify everything from the endorser and then they email you that you are official CISSP with your number.
    If you are audited, it takes longer.

    You can also send everything to ISC but it takes longer.

    The details are on the ISC site.
  • dustervoicedustervoice Member Posts: 877 ■■■■□□□□□□
    Congrats on passing. well done! I must agree with you regarding cccure questions. The website claim that the questions are submitted by people who have recently passed the test. I find it strange that they would write the questions in that format and technical level when the official test is quite the opposite. When i was studying, i reviewed some of cccure questions for a few days then stop as other people on this forum mentioned that the test is a managerial one so i knew those questions would not help. MH/eric conrad free exam is more closely related to the real thing.
  • TheFORCETheFORCE Member Posts: 2,297 ■■■■■■■■□□
    Congradulations of passing the exam, good points for those still taking the exam, bottom line is if you study you will be prepared, there's no reason to spend extra $$ of test quizzes just because 10 other people did so.
    Congrats on passing. well done! I must agree with you regarding cccure questions. The website claim that the questions are submitted by people who have recently passed the test..

    That would violate the ISC2 NDA
  • ChuzpahChuzpah Member Posts: 68 ■■■□□□□□□□
    Congrats, thanks for the tips
  • seigexseigex Member Posts: 105
    ITSECGUY69 wrote: »
    Curious how to proceed next. I have the endorser ready to go but its not clear to me what ISC2 wants submitted

    I had questions on how to prepare the resume too, so here's an example of an excerpt from mine to help you out:

    ============================

    2005-Present <Current Company>
    Contact: <Contact info for ISC2/endorser in case of audit>

    10/2011 – present (41 Months) – <Department within company> – Software Engineer

    • Software Development Security - Used Software Development Lifecycle and proper security
    techniques to write software code in C#, Java, Javascript, PHP, Html/CSS, and various other
    languages. Implemented security protections against security threats in all stages of system
    development.

    • Software Development Security - Maintained Database Management Systems (DBMS) for
    several systems using SQL Server 2005, 2008, 2008r2, 2012 and 2014, Oracle DB, MySQL.
    Deployed proper security techniques including access control, deploying views for data
    obscurity, and confidentially, and maintaining database data, backups, replication, and database
    recovery and handwriting Transact-SQL and PL/SQL queries.

    • Security Architecture and Design - Maintained Microsoft Server 2003 through Server
    2012r2 in both physical and virtual environments. Managing server updates and security,
    firewall deployment and endpoint protection.

    • Access Control - Instrumental in researching, implementing and maintaining a Microsoft
    Active Directory environment, including maintenance of subjects and objects, security groups,
    distribution groups, and role-based access control.

    • Telecommunications & Network Security - Maintained a public and private DNS
    infrastructure.

    • Cryptography - Deployed public key cryptography and SSL security of unencrypted internal
    and public-facing web-servers ensuring encryption of data.

    • Telecommunications & Network Security/OPSEC Maintained security of network by
    identifying and patching system exploits and hardening of servers against denials of service
    attacks and intrusions.

    • Access Control/ Telecommunications & Network Security - Configured, Deployed and
    Maintained VPN services using Cisco ASA 5500 Firewall/VPN and Microsoft DirectAccess
    systems, using RADIUS and Active Directory for authentication, authorization and
    accountability.

    • BC/DRP - Performed disaster recovery of critical systems resulting in minimal downtime and
    minimal data loss.

    =======================

    The header of my resume, and skills was like any other resume, then I did the above for each of my positions, and made sure my total was at least 5 years in a combination of the domains. This was acceptable for (ISC)2.
  • ccnpninjaccnpninja Member Posts: 1,010 ■■■□□□□□□□
Sign In or Register to comment.