Needing some encouragement

999

Hi All

Long time reader first time poster....

I know there are plenty of posts similar to this but I felt the need to write one looking for encouragement. I've been preparing for CISSP for a few months now.

Read through most of the books recommended on here (AIO, Eric Conrad, CISSP Official 4th Edition). I've created dozens of mind maps and diagrams to help commit to memory things like the OSI model and types of encryption etc...

I've completed around 2,000 questions from various books and websites (I average around 65% on a first go at any test, which I know isn't really good enough).

I've 2 1/2 weeks to go and starting to panic that I can't get anymore into my head or improve my test scores.

I'm planning to go over the models, BLP etc... ISO & NIST.... and the order of procedures for Risk/BIA/BCP etc...

I just for the first time ever have no idea whether I am ready or not for an exam.

kalkan999

If you're testing at 65%, you should reschedule the exam for a later date. Wait till you hit the 80% mark on those exam questions. Take heart though: No one is ready enough for this exam. It's a crucible for most. As I am sure you've read from others who have passed or failed, many will share that the CISSP exam is the hardest thing they've ever had to endure, myself included in that bunch.

renacido

I agree w/ kalkan999 - cancel and reschedule when you are scoring in the 80's consistently. You want to feel more confident going in, not that you'll ever feel "the check's in the mail" confident.

You're probably already doing this, but I just thought I'd mention: when you come across a question and don't have the answer, try to eliminate the choices you know are wrong answers to improve your chance of guessing the correct answer.

Better to be over-prepared because you have a healthy respect for the difficulty of this exam than to be over-confident and under-prepared...the latter almost always get humbled when the test proctor hands them their printout...most guys who pass look like their dog just died when they leave the test room and get a wonderful surprise when they get their printout.

You're doing the right things, just give yourself a little more time.

999

Thanks for your replies. I guess rescheduling is my best option. I really enjoy the subjects in the CBK and have enjoyed most of the time revising but it's starting to take it's toll on me and my family. If I can't pass I will just have to live with the knowledge I have gained and try and look at applying it to an easier qualification

cyberguypr

I concur. It is evident you are not ready for the test. Pushing it is definitely your bets bet and this point. What is your background? What are your best and worst domains?

999

My primary background has been in software development.

I've been on the executive board on my company for 5 years now. I over see the software we release (ensure that the quality, testing, standards etc are met), I also over see (and quite often get involved with) the networking infrastructure.

I've managed and installed AD environments on and off and have a good grasp of a corporate network holistically. I've even been involved with the office security regarding alarm installation, cctv (or more commonly IP) cameras and different types of physical locks for the different areas.

My weakness is probably more the BCP/Risk/Asset procedures. Although I understand the concepts very well I get tripped up on the ordering of procedures.

I have no experience with government or legal whatsoever. Also not being in the US I find some of the testing material to be therefore quite difficult. I am hoping the exam is more "world wide" in that regard.

*** I know it's been asked a million times. But all I keep reading about the different exam simulators is they may be good but are very "different" from the real exam. I have no idea what they mean by this. I realize the question content will be different but how very different can the structure of the question really be?

nk_vn

999 wrote: »

My primary background has been in software development.

I've been on the executive board on my company for 5 years now.

Just out of curiosity - why on earth you are going for the exam if you already made it up to the top? Honestly, I am torturing myself with this for one and only reason - CISSP seems to be required or "preferred" even for the lowest of the lowest of the lowest of infosec-related job positions. I wouldn't be surprised if HR people start requiring it for physical security guards...

analyst

I took the CISSP recently and having taken it, am of the mind that anyone with good study skills and the depth and breadth of experience required will pass this exam without much difficulty. If you take it and fail, either you're not experienced enough to be a CISSP yet or you have poor study skills. Both deficiencies can be remedied, just not in a few months.

As for practice exams, I found them to be more difficult than the real exam. The real exam didn't rely quite as much on my admittedly poor memory and relied much more on the knowledge and experience I've accumulated over the years.

999

nk_vn wrote: »

Just out of curiosity - why on earth you are going for the exam if you already made it up to the top? Honestly, I am torturing myself with this for one and only reason - CISSP seems to be required or "preferred" even for the lowest of the lowest of the lowest of infosec-related job positions. I wouldn't be surprised if HR people start requiring it for physical security guards...

Although I'm on the board, it's not a very large company so nothing to impressive, just been here a long time - Not retiring anytime soon!

I primarily wanted to take the CISSP as a way of proving I do know what I talk about, even if it's just proving it to myself.

I do agree it does seem everyone is listing this on their job requirements.

999

analyst wrote: »

As for practice exams, I found them to be more difficult than the real exam. The real exam didn't rely quite as much on my admittedly poor memory and relied much more on the knowledge and experience I've accumulated over the years.

I guess what you're saying is the questions were not so much as "what does A mean?" More "why would you choose A over B in the scenario given" which is something only experience would help you answer ...

analyst

999 wrote: »

I guess what you're saying is the questions were not so much as "what does A mean?" More "why would you choose A over B in the scenario given" which is something only experience would help you answer ...

Basically. I found myself relying on my experience more than I expected.

renacido

Experience does play a big factor in how easy/difficult many of the questions are, and that is important IMO. CISSP shouldn't just test how good you are at rote memorization of the CBK, but rather how you apply the knowledge along with sound judgement in a practical scenario. I was very happy to see a lot of scenario-based questions when I took the exam a month ago, if it had just been 250 "which of the following statements did you read out of a book" questions I'd have no respect for the certification.

RuleOf3

Just push the date, it's only fifty bucks. Cheap insurance. I pushed mine multiple times, until my husband pointed out that there will never be a perfect time to take the exam and you will never feel 100% ready. - Lisa

joshmadakor

999 wrote: »

Hi All

Long time reader first time poster....

I know there are plenty of posts similar to this but I felt the need to write one looking for encouragement. I've been preparing for CISSP for a few months now.

Read through most of the books recommended on here (AIO, Eric Conrad, CISSP Official 4th Edition). I've created dozens of mind maps and diagrams to help commit to memory things like the OSI model and types of encryption etc...

I've completed around 2,000 questions from various books and websites (I average around 65% on a first go at any test, which I know isn't really good enough).

I've 2 1/2 weeks to go and starting to panic that I can't get anymore into my head or improve my test scores.

I'm planning to go over the models, BLP etc... ISO & NIST.... and the order of procedures for Risk/BIA/BCP etc...

I just for the first time ever have no idea whether I am ready or not for an exam.

If you have some extra dollars, get the new 2015 Transcender and cccure.org exam engines. Take time to digest the material and reschedule the test if you need to ($50 fee). Good luck.