Options
CISSP passed 08/07/2015, resources and experience
Resources:
Eric Conrad CISSP Study Guide 2E, my main book that I read every page, it is not comprehensive enough on its own.
Shon Harris All In One CISSP Exam Guide Sixth Edition, I didn't read all of this, used mostly as a reference to write my own notes, in the end I probably covered 50-60% of the whole book.
Shon Harris audio lectures, listened to probably half of them.
Eric Conrad CISSP 11th Hour Study Guide SE, I skimmed only some of this then didn't bother with it, if you're using the full Conrad CISSP guide then don't buy the 11th hour, it's literally just a shortened version of the full guide with many identical paragraphs, in my opinion it's only useful if you don't use the full Conrad CISSP Study Guide.
CCCure practice exam questions, I did 1,143 unique questions and 1,431 total (questions can repeat unless you choose the unique option), my overall average score was 76.8%, if I set the maximum difficulty to 'hard' instead of 'pro' I would score consistently closer to 90%. CCCure is ok but a lot of the questions (like the pro ones) are useless and far too specific.
McGraw-Hill free questions, probably only 25% of the question pool, I recommend it though.
Eric Conrad free practice exams, was too easy.
Method:
I read the whole Conrad book a few chapters at a time and wrote notes on each, used the AIO to fill out the notes, ended up with 43 pages. I listened to a lot of the Shon Harris audio lectures but they can be draining, would be ideal for someone who commutes a lot. I didn't use CCCure until the last week, I would do 20 questions at a time, review them and constantly update my notes.
I studied 1-3 hours a night 3-4 nights a week for about 3 months, increased towards the end, in the final week I probably put in 40 hours of study.
Tips:
- Do not listen to anyone who says one domain is more important or heavily weighted than another. They are all equally important.
- You need to understand concept and purpose. Example: What is the concept of symmetric encryption? For what purpose is it used?
- You don't need to understand specifics. Example: What key length does DES use?
- In hindsight I would've used more practise exam sources, as many as possible.
- Use practise exams to train yourself, not test yourself. There is only one real test and that's in the exam room. If you burn through practise exams with no review you are testing yourself with nothing gained.
- Get familiar with what was added.
Edit: I should add I have 5 years experience in IT Security, my job is best described as data and vulnerability analyst, it's only semi-technical.
Eric Conrad CISSP Study Guide 2E, my main book that I read every page, it is not comprehensive enough on its own.
Shon Harris All In One CISSP Exam Guide Sixth Edition, I didn't read all of this, used mostly as a reference to write my own notes, in the end I probably covered 50-60% of the whole book.
Shon Harris audio lectures, listened to probably half of them.
Eric Conrad CISSP 11th Hour Study Guide SE, I skimmed only some of this then didn't bother with it, if you're using the full Conrad CISSP guide then don't buy the 11th hour, it's literally just a shortened version of the full guide with many identical paragraphs, in my opinion it's only useful if you don't use the full Conrad CISSP Study Guide.
CCCure practice exam questions, I did 1,143 unique questions and 1,431 total (questions can repeat unless you choose the unique option), my overall average score was 76.8%, if I set the maximum difficulty to 'hard' instead of 'pro' I would score consistently closer to 90%. CCCure is ok but a lot of the questions (like the pro ones) are useless and far too specific.
McGraw-Hill free questions, probably only 25% of the question pool, I recommend it though.
Eric Conrad free practice exams, was too easy.
Method:
I read the whole Conrad book a few chapters at a time and wrote notes on each, used the AIO to fill out the notes, ended up with 43 pages. I listened to a lot of the Shon Harris audio lectures but they can be draining, would be ideal for someone who commutes a lot. I didn't use CCCure until the last week, I would do 20 questions at a time, review them and constantly update my notes.
I studied 1-3 hours a night 3-4 nights a week for about 3 months, increased towards the end, in the final week I probably put in 40 hours of study.
Tips:
- Do not listen to anyone who says one domain is more important or heavily weighted than another. They are all equally important.
- You need to understand concept and purpose. Example: What is the concept of symmetric encryption? For what purpose is it used?
- You don't need to understand specifics. Example: What key length does DES use?
- In hindsight I would've used more practise exam sources, as many as possible.
- Use practise exams to train yourself, not test yourself. There is only one real test and that's in the exam room. If you burn through practise exams with no review you are testing yourself with nothing gained.
- Get familiar with what was added.
Edit: I should add I have 5 years experience in IT Security, my job is best described as data and vulnerability analyst, it's only semi-technical.
Comments
-
Options
JoJoCal19
Mod Posts: 2,835 Mod
Congrats on the pass!Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
Options
grungeisevil
Member Posts: 39 ■■□□□□□□□□
Congrats! Planning for any other certifications after this? -
OptionsNotHackingYou
Member Posts: 1,460 ■■■■■■■■□□
Thanks for sharing your exam experience.When you go the extra mile, there's no traffic.
-
Optionssponge2
Member Posts: 38 ■■□□□□□□□□
Congratulations on passing and thanks for sharing. How long did you study for the CISSP exam?
-
Optionssridhar_sai84
Member Posts: 8 ■□□□□□□□□□
hi, can see u recently passed exam..
r they not asking on network concergence, software defined network, storage,
virtualization..
confused with indepth coverage by isc2 in their 4th edition..
pls advise///
