Post and Pre 15 April 2015 Era
As we discussed this numerous time, finally a week passed through after the Post 15 April 2015 era. I checked with my colleagues and other CISSP aspirant to appear after Post 15 April 2015. I noted down the following significant changes:
- CISSP Organization is withholding the result notification for upto 4-6 weeks.
- Result will not be shown to you at the examination center so no point in arguing with exam administrators.
- There is a heavy focus on Pen Testing in terms of exam content.
- Since Physical Security is not a separate domain so amount of questions on them has been reduced significantly. So stick to CBK 4th Edition.
- Shon Harris (RIP) 6th Edition will only cover 60% of exam content. The rest you need to dig it into CBK 4th Edition.
- Laws, Ethics & Legal Investigation content has been shrink and added as a minor part of another domain.
- Instead of pure MCQ type questions, more focus is on hot-spot, ordering and mix-match kind of question.
- Still no scheduled break so you need to allocate from your 6 hour exam time.
Comments
-
RiverLiver Member Posts: 14 ■■■□□□□□□□Glad I passed before the new era began. Not that the test isn't passable now but it will take a while to get all the new study materials updated.
Waiting 4 to 6 weeks for the result? Yeesh! I thought the walk from the exam room to get my results at the front desk was a long wait...
Good luck to all future exam takers. -
riyan Member Posts: 161 ■■■□□□□□□□RiverLiver wrote: »Glad I passed before the new era began. Not that the test isn't passable now but it will take a while to get all the new study materials updated.
Waiting 4 to 6 weeks for the result? Yeesh! I thought the walk from the exam room to get my results at the front desk was a long wait...
Good luck to all future exam takers.
Yeah I am also glad that I put more effort and took the exam before the 15 April. Sitting in CISSP exam is one hard task and on top of it not knowing it for 4-6 weeks is like icing on cake. You will feel same in ISACA exams. Still conducting on paper-based!!! and wait period is 4-6 weeks.
What's up with your endorsement? Have you applied for it or still waiting? -
riyan Member Posts: 161 ■■■□□□□□□□Will it stay 4-6 weeks for good?
-
ecanmaster Member Posts: 27 ■■■□□□□□□□What makes you say that SHon Harris 6th edition will only cover 60 % ?
I assume the exam will be more or less the same with some additional new content, but mostly it should be the same.As we discussed this numerous time, finally a week passed through after the Post 15 April 2015 era. I checked with my colleagues and other CISSP aspirant to appear after Post 15 April 2015. I noted down the following significant changes:- CISSP Organization is withholding the result notification for upto 4-6 weeks.
- Result will not be shown to you at the examination center so no point in arguing with exam administrators.
- There is a heavy focus on Pen Testing in terms of exam content.
- Since Physical Security is not a separate domain so amount of questions on them has been reduced significantly. So stick to CBK 4th Edition.
- Shon Harris (RIP) 6th Edition will only cover 60% of exam content. The rest you need to dig it into CBK 4th Edition.
- Laws, Ethics & Legal Investigation content has been shrink and added as a minor part of another domain.
- Instead of pure MCQ type questions, more focus is on hot-spot, ordering and mix-match kind of question.
- Still no scheduled break so you need to allocate from your 6 hour exam time.
CISSP / CISM -
cyberguypr Mod Posts: 6,928 ModAlso wondering where the 60% Harris claim is coming from. I've seen other claims that new content accounts for 4%. Also no idea where those numbers come from.
-
chickenlicken09 Member Posts: 537 ■■■■□□□□□□4% extra material was added, the rest has been re arranged they said. have you an official link to prove this?
have a look at these: https://cccure.training/m/articles/view/CISSP-CBK-2015-WHAT-WAS-ADDED
: https://cccure.training/m/articles/view/CISSP-CBK-2012-VERSUS-THE-NEW-CISSP-CBK-2015-2015-04-12 -
ecanmaster Member Posts: 27 ■■■□□□□□□□thank you very much for the links !!!4% extra material was added, the rest has been re arranged they said. have you an official link to prove this?
have a look at these: https://cccure.training/m/articles/view/CISSP-CBK-2015-WHAT-WAS-ADDED
: https://cccure.training/m/articles/view/CISSP-CBK-2012-VERSUS-THE-NEW-CISSP-CBK-2015-2015-04-12CISSP / CISM -
Alexsmith Member Posts: 42 ■■□□□□□□□□Not to hijack the thread, but does this mean that you can no longer take the old exam? I remember with the CCNA you still had some time before the old exams expires.
-
kalkan999 Member Posts: 269 ■■■■□□□□□□Hey Alex,
Unfortunately you cannot take the old exam. (ISC)2 allowed people to choose between the written exam and the CBT for about a year after they went CBT, but one cannot choose between the new CBT and the pre-April 15 exam. It really stinks that you all have to wait six weeks. I had to do that twice myself. But, I cannot disagree with (ISC)2 tactics in changing the test format, as cheating was gaining ground, and a lot of people who didn't deserve to be CISSP's were getting the cred and devaluing the certification with a lot of people. -
dustervoice Member Posts: 877 ■■■■□□□□□□But, I cannot disagree with (ISC)2 tactics in changing the test format, as cheating was gaining ground, and a lot of people who didn't deserve to be CISSP's were getting the cred and devaluing the certification with a lot of people.
Can you elaborate on how people were cheating? -
justjen Member Posts: 77 ■■□□□□□□□□I too am curious, as I'm not sure I understand the situation. People were cheating when previously there was a choice of exams/formats, or the exam is updated every few years to limit the familiarity with its contents (as opposed to the primary focus being to update the exam to reflect more recent advances in technology)?
I passed the exam, and I'm not interested in the details so much as in the risk management strategies for protecting the value of the certification for which I submitted my endorsement application. Is that value protected more by maintaining the currency of the body of knowledge through regular updates, or by limiting the window of opportunity for someone/some group to become familiar with a larger selection of questions in the existing question bank?
Perhaps this is due to my lack of familiarity with the history of (ISC)2 and the CISSP. If so, my apologies in advance, but any clarification, however general, would be helpful. -
MSG_Holland Registered Users Posts: 1 ■□□□□□□□□□Hi new here & I don't see a button to start a new post, can someone help? I will also ask my ? here: Who offers the best CISSP Boot Camp for the new format test?
-
beads Member Posts: 1,533 ■■■■■■■■■□How were people cheating?
Were braindumps available ?
**** of any reasonably popular exam have always been available if you either know who to ask or know where to look. Get a bit more creative with your Google searches and you will find any number of sites purporting to have all the latest information.
Some of these sites you'll need to go in through Tor, VPN or other encrypted/hidden means but that's the dark web for ya.
Ugh! "Security" people, sometimes.
- b/eads -
gespenstern Member Posts: 1,243 ■■■■■■■■□□**** of any reasonably popular exam have always been available if you either know who to ask or know where to look. Get a bit more creative with your Google searches and you will find any number of sites purporting to have all the latest information.
- b/eads
I would disagree. I conducted such a search several months ago and has found some alleged braindumps for CISSP but all of them were completely bogus. What these people do is collect some security related questions from services such as CCCure, Boson, CBT nuggets, put them into one bunch and advertise as CISSP braindumps, but, really, they are not. I honestly believe that there are no braindumps for CISSP.
And I totally agree that it's completely short sighted approach to use them cause your step two after passing braindumped exam is landing an interview and how a braindumper plans to deal with it is beyond my understanding.
However, I'd say that some interviews I've been thru were not that harsh because interviewers were too polite and that could allow a cheater to get a job. I personally would encourage colleagues to destroy candidates on interviews and if someone survives then this one is legit. Don't be polite, crush'em! I have developed my own set of questions sorted by difficulty and I always put into use so I can easily get the idea on how deeply a candidate knows his stuff on a scale from 1 to 10. A quantified approach. -
mjsinhsv Member Posts: 167MSG_Holland wrote: »Hi new here & I don't see a button to start a new post, can someone help? I will also ask my ? here: Who offers the best CISSP Boot Camp for the new format test?
I would go with the official ISC2 training right now.
https://www.isc2.org/cissp-training.aspx -
chickenlicken09 Member Posts: 537 ■■■■□□□□□□4% extra material was added, the rest has been re arranged they said. have you an official link to prove this?
have a look at these: https://cccure.training/m/articles/view/CISSP-CBK-2015-WHAT-WAS-ADDED
: https://cccure.training/m/articles/view/CISSP-CBK-2012-VERSUS-THE-NEW-CISSP-CBK-2015-2015-04-12
i originally posted a link that said their was only 4% new material for the new cissp.
turns out its 40% new material according to the new official cissp book!! thought i would let ye guys know as that is quite alot. For anyone that has the new book they give this figure on page 12 of the book. -
grungeisevil Member Posts: 39 ■■□□□□□□□□Yup, verified it. You guys can take a look at the preview of the book here:
https://books.google.com.my/books?id=ONcgCAAAQBAJ&pg=PR17&dq=cissp+cbk&hl=en&sa=X&ei=BSQ-Vb-GF4OcugSK04HwDw&redir_esc=y#v=snippet&q=40&f=false
It's on page xv (Foreword). Anyone took the exam recently can confirm this, please? -
chickenlicken09 Member Posts: 537 ■■■■□□□□□□i do find it hard to believe theres 40% extra material though. everywhere else that i read said only a little had changed, more re-organizing rather than new stuff. This means i have to read the official book now lol... i bought it to supplement the older books i have e.g conrads 2nd edition is a much easier read and easier to take in. i guess i better believe the official book if it says 40%! god dammit!
-
riyan Member Posts: 161 ■■■□□□□□□□i do find it hard to believe theres 40% extra material though. everywhere else that i read said only a little had changed, more re-organizing rather than new stuff. This means i have to read the official book now lol... i bought it to supplement the older books i have e.g conrads 2nd edition is a much easier read and easier to take in. i guess i better believe the official book if it says 40%! god dammit!
Ghost of Shon Harris was right.....Check the story here. Grave consequences for forum lurker who were preparing but opted not to appear before 14 April Mid night 2015. You just needed to put little more extra effort but opted to play safe.
To be on the safe side, 60% covered by AIO; rest you need to read in CBK 4th Edition. Or better read entire CBK 4th Edition with understanding.
Do not attempt to write exam based upon your preparation on CBK 3rd edition. -
E Double U Member Posts: 2,239 ■■■■■■■■■■**** of any reasonably popular exam have always been available if you either know who to ask or know where to look. Get a bit more creative with your Google searches and you will find any number of sites purporting to have all the latest information.
Some of these sites you'll need to go in through Tor, VPN or other encrypted/hidden means but that's the dark web for ya.
Now you tell me lol.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
jt2929 Member Posts: 244 ■■■□□□□□□□There's no way 40% of the material is new, unless they are counting domain name and organizational changes. Per Kelly Handerhan in her new video over at Cybrary.it, the changes are mostly "cosmetic" and our current study material will suit us just fine. I'm going to keep plugging away with Conrad, Harris, and Cybrary. Does it really matter what domain a topic is in anyway? I don't think we are tested on that.
-
beads Member Posts: 1,533 ■■■■■■■■■□gespenstern wrote: »I would disagree. I conducted such a search several months ago and has found some alleged braindumps for CISSP but all of them were completely bogus. What these people do is collect some security related questions from services such as CCCure, Boson, CBT nuggets, put them into one bunch and advertise as CISSP braindumps, but, really, they are not. I honestly believe that there are no braindumps for CISSP.
And I totally agree that it's completely short sighted approach to use them cause your step two after passing braindumped exam is landing an interview and how a braindumper plans to deal with it is beyond my understanding.
However, I'd say that some interviews I've been thru were not that harsh because interviewers were too polite and that could allow a cheater to get a job. I personally would encourage colleagues to destroy candidates on interviews and if someone survives then this one is legit. Don't be polite, crush'em! I have developed my own set of questions sorted by difficulty and I always put into use so I can easily get the idea on how deeply a candidate knows his stuff on a scale from 1 to 10. A quantified approach.
I get the best information on these **** sites from candidates or people trying to break into the industry. You'd simply be amazed or perhaps not at how blunt some of these people can be about where to find or have found information. In no way have am I indicating what I found out there to be useful only that it exists. I did my CISSP many years ago, let it drop and went back and got it again. Always amused by these sites like some sort of cottage industry or hobby for me to find.
Go to any local security meeting and there is bound to be someone there who wants to talk to you about "breaking into security". Its fun to hear their troubled stories about working at GeekSquad and how they found this "magic" site explaining how to pass the CISSP. The rest is just another set of lies to get by the (ISC)2 marketing association and whiz-bang! A job!
Crush em? Of course! And just where have you been the last couple years. I must be the most hated person on this board for pointing out how many times I have had current and wannabe CISSPs tell me to just make something up to get the credential. Makes me wretch. As to interviewing candidates? Dozens with one making it past me. Beginning to look for Cracker-Jack boxes espousing a secret toy certification in each box.
I gleefully make grown men cry due to lack of technical wherewithal.
- b/eads -
beads Member Posts: 1,533 ■■■■■■■■■□There's no way 40% of the material is new, unless they are counting domain name and organizational changes. Per Kelly Handerhan in her new video over at Cybrary.it, the changes are mostly "cosmetic" and our current study material will suit us just fine. I'm going to keep plugging away with Conrad, Harris, and Cybrary. Does it really matter what domain a topic is in anyway? I don't think we are tested on that.
At 40% security itself would have had to have gone through a groundswell change in both philosophy and technology, by which we have never seen. At least in a very short period of time. Don't get me wrong the field changes on the hour from a tech perspective but philosophically we are still doing the same security as when I started full time in the field back in the 90s.
Changing the way some questions are presented from multiple guess/choice to arrangement and fill in the blank (guessing) type questions do not represent a fundamental change in the knowledge needed to pass the exam. There is a big difference between changing the question format and the knowledge to answer those questions.
Stop panicking.
-b/eads -
jt2929 Member Posts: 244 ■■■□□□□□□□At 40% security itself would have had to have gone through a groundswell change in both philosophy and technology, by which we have never seen. At least in a very short period of time. Don't get me wrong the field changes on the hour from a tech perspective but philosophically we are still doing the same security as when I started full time in the field back in the 90s.
Changing the way some questions are presented from multiple guess/choice to arrangement and fill in the blank (guessing) type questions do not represent a fundamental change in the knowledge needed to pass the exam. There is a big difference between changing the question format and the knowledge to answer those questions.
Stop panicking.
-b/eads
I agree, and I'm not panicking. Like I said, I'm plugging away with my current resources. I just wanted to say that there was no way 40% of the exam was new material, you just said it better. -
dustervoice Member Posts: 877 ■■■■□□□□□□All those **** are invalid! No matter where the come from the dark or the bright web as i'm sure ISC2 is also down there trying to purchase ****.
-
mjsinhsv Member Posts: 167dustervoice wrote: »All those **** are invalid! No matter where the come from the dark or the bright web as i'm sure ISC2 is also down there trying to purchase ****.
ISC2 probably releases the **** to the morons that use them...on the "dark" web..lol