CISSP exam experience (after April 15)

SimoneSmith

I just thought that I should share my experience without breaking the NDA requirements:

1. Even though I am yet to get my result, the summary of my experience of the exam is that I was over-prepared for the exam. Meaning that I focused too much on the big things and ignored the small things (which was what the exam focused on mostly).

2. If you already work in security (i have approx. 5 years of work in general IT and 5 in Security), you should be able to answer like 85% using your experience on your job because they were mostly common sense questions to be honest. I realised that I should have taken the exam ages ago instead of wasting 24 months reading into too much detail and going through too many questions. I can say that if I had done the exam 3 months into my studying, I would have felt the same way that I did after 24 months. This is the honest truth!

I kept holding my breath through out the exam for when I will begin to see the difficult or unusual questions but they never came! by the time I was on question 240, I had fully heaved a sigh of relief. To be honest, I didn't know the answer to all the question but they were just very few and I just guessed the answers and moved on.


3. If you do not have work experience in security, then maybe you need to do more studying than I suggested above.

4. I didn't notice any thing unusual about the questions or the format of the exam following the changes after 15th April. Meaning: the existing materials still apply!

5. I would recommend going through Shon Harris book (or any other highly recommended book) once, practice exams from all the sources you can lay your hands on and you should be fine for the exam (coupled with the knowledge from your hands on experience). When practising the questions, go back to the study materials to learn more about question areas that you get wrong.

6. I agree with the different tips that have been given by other people, like:
a. Read the questions twice
b. Leave enough time to go over ALL your answers (I realised that I changed like 4 answers and was wondering what I was thinking the first time )
c. Take breaks in between. It really helps to clear your brain and to pick the right answers. I think one of the reasons why people fail is not because they do not know the concepts but in the exam situation they get inundated with the text (on a computer screen) of the questions and maybe select the supposedly first right answer that jumps at them. The eyes get tired from the VDU reading for 6 hours and may be affects the brain too. Just saying.:D
d. Any other tips out there but do not allow anyone to scare you. I was scared/worried a bit, I shouldn't have, in retrospect.

7. Finally, although I agree that people fail the exam, I still think that the exam is not as oppressive/stressful/difficult as I have read on some blogs. I only found the 6 hours too long and took like 6 breaks, shut my eyes for some seconds, lay my head on the table and blanked out (for me, this helps to give a fresh perspective). At a point I felt like ending the exam and walking off.

Er, I used up my time till the very last second....

I will let you know if I pass (given all of the above) at a later time on this thread.

I hope someone finds this information useful.

All the best to the other hopefuls!

YouWill787

Did you break the NDA requirement by not instilling fear into the minds of other CISSP hopefuls?

I went through the whole NDA from ISC2's website and didn't see anything about it, but I figure there's a hidden #11 that only shows up when you go to actually take the exam - probably because it's written with the tears of frightened CISSP contenders.

CyberSecurity

I'm 99% sure that is #11. If you don't crack to the point of a mental breakdown, then it isn't done correctly.

Nabsh07

Congrats on taking the test and all the best. Let us know when you find results.
I have heard the same about the study time Mind sharing what you used to practice questions

riyan

Nabsh07 wrote: »

Congrats on taking the test and all the best. Let us know when you find results.
I have heard the same about the study time Mind sharing what you used to practice questions

I would be surprise to hear if practice questions matched the difficulty of real exam question.

oooorp

Any suggestions for something apart from S.Harris AIO?
How much information in AIO is useful for today exam?
Is CBK4 really worth to pay for?

Conrad 3rd edition on the way and will be released in November. But November is to late as I planned exam to mid August

rajeshraj25

Hi Simson,
I don't have experience in information security but have rich experience in information technology architecture. I have great interest to cover security aspect as I think I would help in my existing role. I have gone thru Shonn Harris 6th edition and practice exam 3rd edition. I can understand the concept well in the book. I want to get CISSP certificate. Can you give any guidance.

SimoneSmith

Used the Shon Harris question book and those on the DVD that came with the shon harris study guide. Also used the CISSP practice exam vram from Pearsons.

SimoneSmith

I used mainly Shon Harris. I bought the CBK but dropped it after the first few pages and used Shon Harris as the reference point.

Like I said in my original post, based on my experience the existing materials still apply. That may not be the experience of other test takers.

oooorp wrote: »

Any suggestions for something apart from S.Harris AIO?
How much information in AIO is useful for today exam?
Is CBK4 really worth to pay for?

Conrad 3rd edition on the way and will be released in November. But November is to late as I planned exam to mid August

SimoneSmith

if you can understand the concepts in the book and are able to score high scores in the practice exams, then you may as well take the exam.

rajeshraj25 wrote: »

Hi Simson,
I don't have experience in information security but have rich experience in information technology architecture. I have great interest to cover security aspect as I think I would help in my existing role. I have gone thru Shonn Harris 6th edition and practice exam 3rd edition. I can understand the concept well in the book. I want to get CISSP certificate. Can you give any guidance.

Nabsh07

rajeshraj25 wrote: »

Hi Simson,
I don't have experience in information security but have rich experience in information technology architecture. I have great interest to cover security aspect as I think I would help in my existing role. I have gone thru Shonn Harris 6th edition and practice exam 3rd edition. I can understand the concept well in the book. I want to get CISSP certificate. Can you give any guidance.

SANS David Miller has a webcast to discuss how new test is different from old. What are the topics and etc. Here is the link
http://www.sans.org/webcasts/99757

chickenlicken09

Nabsh07 wrote: »

SANS David Miller has a webcast to discuss how new test is different from old. What are the topics and etc. Here is the link
http://www.sans.org/webcasts/99757

From 38 minutes on.

jt2929

Thanks for your write up, Simone! Great info.

harrym1

Thank you for your sharing your experience and good luck.

flipflop4567

Thanks for the info! Did you have any simulators?

renacido

Simulators as in during the exam, no. Lots of scenario-based questions, some "match the things that go together" and "put these items in order" type questions, but since CISSP is NOT a cert of hands-on tech skills, simulations would not be appropriate.

flipflop4567

Thanks, just trying to prepare myself, one minute I think I got it and then something else stumps me. I am reviewing material and trying to think as a manager.

SimoneSmith

Hello All,

As promised, I passed the exam and I can confidently tell you that the tips in my original message are very relevant.

All the best!

tlbowen

I took this test and passed once before (paper 2004) but let it lapse, so I wanted to take it again. And I don't feel the new test is anywhere near as hard as the old test. I feel like if you meet the CISSP experience requirement you will pass. I took maybe 100 old test questions and felt like if I didn't pass I don't deserve it any longer. I finished in about 2 hours and passed (took may 18th). Not bragging or anything. I just feel the questions were common sense to anyone in the industry for five years or more.

SimoneSmith

Yes, I agree that applying common sense during the exam based on past working experience will help on the exam.