Resources:
- Eric Conrad CISSP Study Guide 2E, my main book that I read every page of; it is not comprehensive enough on its own.
- Shon Harris All In One CISSP Exam Guide Sixth Edition, I didn't read all of this, used mostly as a reference to write my own notes; in the end I probably covered 50-60% of the whole book.
- Shon Harris audio lectures, listened to probably half of them.
- Eric Conrad CISSP 11th Hour Study Guide SE, I skimmed only some of this then didn't bother with it. If you're using the full Conrad CISSP guide then don't buy the 11th Hour, it's literally just a shortened version of the full guide with many identical paragraphs; in my opinion it's only useful if you don't use the full Conrad CISSP Study Guide.
- CCCure practice exam questions, I did 1,143 unique questions and 1,431 total (questions can repeat unless you choose the unique option); my overall average score was 76.8%, and if I set the maximum difficulty to 'hard' instead of 'pro' I would score consistently closer to 90%. CCCure is OK but a lot of the questions (like the pro ones) are useless and far too specific.
- McGraw-Hill free questions, probably only 25% of the question pool, I recommend it though.
- Eric Conrad free practice exams, these were too easy.
Method:
I read the whole Conrad book a few chapters at a time and wrote notes on each, used the AIO to fill out the notes, and ended up with 43 pages. I listened to a lot of the Shon Harris audio lectures, but they can be draining; they would be ideal for someone who commutes a lot. I didn't use CCCure until the last week; I would do 20 questions at a time, review them and constantly update my notes.
I studied 1-3 hours a night, 3-4 nights a week, for about 3 months, increasing towards the end; in the final week I probably put in 40 hours of study.
Tips:
- Do not listen to anyone who says one domain is more important or heavily weighted than another. They are all equally important.
- You need to understand concept and purpose. Example: What is the concept of symmetric encryption? For what purpose is it used?
- You don't need to understand specifics. Example: What key length does DES use?
- In hindsight I would've used more practice exam sources, as many as possible.
- Use practice exams to train yourself, not test yourself. There is only one real test and that's in the exam room. If you burn through practice exams with no review you are testing yourself with nothing gained.
- Get familiar with what was added.
Edit: I should add I have 5 years' experience in IT Security; my job is best described as data and vulnerability analyst, and it's only semi-technical.