dustervoice Member Posts: 877 ■■■■□□□□□□
Hi All, whats your thoughts on the CISM exam today.. i thought it was quite challenging there are about 18 questions that i had no clue what the answer was and then another 20-25 that i guessed.
On the other hand the guy setting next to me appeared to be broken by the difficulty of the CISM exam.
"You walk up to a flagpole and notice an American flag. What color do you observe first?"
Anyhow, I used the cism study manual and crisc questions/answers guide but the questions on the exam were much harder.
I think the hardest part was the wording of the questions and some of the answers - seemed like they were making a real effort to avoid using the vocab from the book or the practice questions, and throw in a lot of answers as distractors that were just total nonsense, and seemed a lot more pronounced than in their question database.
To revise the flag example, to me it seemed more like:
"You walk up to a vertical tube. A cloth national ensign of a country founded in 1776 hangs from the top of the tube. What do you observe first?"
a) The wavelength hue associated with sunsets and fire engines
c) The steering committee
d) Hexagonal sheep fish peddle lawn toaster
Anyway, will be interesting to see how the results come out.
I thought overall the exam reflected the review questions and was pretty fair. It took me 2 hours to get through all the questions and an additional 30 minutes to fill in the bubble scantron and review the 40 questions I was unsure about. Compared to the CISSP exam this was a walk in the park. Let's hope we all pass in 4-5 weeks
I took it because it compliments the CISSP, I wanted to get a deeper dive into security management and also get assurance of my security management concepts. The actual certification process also validates 3 years of "Security Management" domain to provide assurance to future employers (or existing ones) of your previous experience.
This link will explain why most of us pursue both CISSP and CISM. http://www.techexams.net/forums/isaca-cisa-cism/48126-cism-vs-cissp.html
In addition to what others have already said, I find that some organizations heavily lean towards ISACA certs, even if you have a CISSP. Also in my town, ISACA has a good users group (networking) that meets often and has good training. All things considered ... it provides more options than just the CISSP alone.
The thread posted by @dustervoice contains some very good input on the subject but I find what @rhaynal said resonated the most. For me it is not about getting one cert and calling it a day but about complementary certification experiences which not only keep me learning but which also keeps the mighty HR gatekeepers from saying, "But you don't have X cert right???". By the time I am done with everything I have planned in the next 5 years, that won't ever happen again. I blame myself for having the experience and initially thinking that was enough so I started late to the certification merry go round. Once upon a time experience was indeed enough but now you have to fight the applicant tracking systems (unless you know someone) and their HR masters who may not even understand what they are asking for when posting these pie-in-the-sky unrealistic job requirements.
As also pointed out, ISACA has a sterling reputation and as I have become fond of saying, if you have the experience then just get the certification already. The certification learning experience can only help you and your real world experience should make the test a cake walk. If you are otherwise spending 4 hours a night in front of your TV then take 2 of those hours and just do it...the time to question "Why?" passed us some years back IMHO.
I asked because I was thinking if CISM is easier than CISSP why not go for CISM then CISSP.
Now I understand why, this could be for a transition from a technical role (CISSP) to a management role (CISM).
But for the CISM, even you know your stuff.. the wording and phrases are very tricky .. it's more likely you need to go to take an english lessons and then try the exam.
I hear this from both sides a lot actually. For some people the CISSP is a breeze and the CISM is a monster whereas for others the CISM is a breeze and the CISSP is a monster. I am not sure if the order matters since I am the only person I know who did them out of the conventional order. My personal experience was...I went to the wire on time with the CISM and felt like it was the worst test that I had ever taken (until I took the monster known as the PMP) but I finished the CISSP in like 3hours with a review and everything. I don't know what makes one test seem harder than another but I no longer take any one's word for how hard a test is going to be since it all seems relative to your experiences and possibly the luck of the draw with test questions.
Yes and so is the Review Manual as boring as it is.
www. AIO Test King .com / isaca ..... pls remove all blanks .... not sure why its *ing the URL....
Its considered a **** site.. hence the *