Options
CISSP Passed in first attempt 8/21
Passed CISSP first attempt today in Bangalore,India and here is my contribution to the forum without which I would not have been able to pass
My motivational quotes :
1.CISSP is commonsense
( My ex-boss LL)
2.You will not need another attempt , Give it all you got ( Family )
3. Billy Mckay’s win in Australian Master chef 2015 J ( Very good booster just before the exam , Taught endurance so well )
4.Kaplan , Beads , JD and many others for their contribution to the forum and very encouraging words.You need this , good examples and telling you not to lose hope.
Backgorund : 12 years of IT & Security experience.Started with Wireless support à Telecom support Lead à IT Consultant for Crypto solutions & PKI setup and management à Security program management
Quite a few Cisco , Nortel , ITIL certs
As you can see I had all the ingredients
My Journey : 5 months total
1.Started with Infosec institute videos ( I listened to them during my commute to office , I go on foot to office every day which makes it a 1.5 hours total walk )
2.Shon Harris AIO & MP3's ( Read cover to cover once and referenced topics , questions many many times – Another fan of Shon – RIP )
3.CBK latest edition – ( 5 domains , covered my problematic domains and completed all the questions )
4.Cybrary Videos ( All – Once )
5.Keith Barker CBT Nuggets ( Probably first 10 )
6.Eric Conrad 2nd Edition ( Read cover to cover once )
7.Eric Conrad eleventh hour ( first 3 chapters )
8. Larry Greenblatt CISSP training ( First 3 days ) – Youtube
9.NIST documents , RFC's , Youtube videos
10.My own notes ( Don’t even dare to request
I scribbled notes for 600 pages , I honestly don’t see the purpose of it but hey it was my sweat )
As you can see , I wasted no time in one resource.I tried all and there is good information.I am no way advocating this approach , just my way of saying “You will not understand everything in one book , move to a different source “
Question Banks :
1.McGraw Hill , Total Tester , Shon Harris AIO questions ( There is nothing which beats this if you use it properly – Don’t test yourself , Get the logic )
2.Studiscope ( Normal questions but blown away with good English , This really helped with well-constructed sentences – I was like : WoW , you can really ask smart questions with one line ) – Way expensive , If you are on a tight budget by all means skip this
3.Transcendar – I did all 4 tests as if I was simulating the exam which helped build my endurance – You can choose between CCCure and this but if you are a test junkie like me don’t skip this
4.CCCure – Like many say “Reinforces your technical knowledge” – Both CCCure & Transcendar are bit of an overkill for this exam technical concepts wise but no knowledge is waste and their simulation software is excellent
5.CCCure Scenario based questions – Too easy , was disappointed with the spend but I took them in the last week so probably I was good at questions
6.Internet resources : I probably would have browsed 10+ sites ( Refer ALL CISSP Pass Threads , I have not kept track and completed them as and when I found a link , I was addicted to do questions J )
7. Conrad CISSP exams
Exam Experience :
I marked the first 15 questions for review – was not sure of a single one and was not a good start , The questions were not difficult but as any CISSP would say they were confusing. Elimination works but you are not really sure if you picked the BEST choice
Questions got better after the first 15 , I would not call it a breeze but I found my rhythm and was comfortable marking them without review most of the time.The real savior was Networking & Crypto.I killed them J It was funny how questions were worded – I knew the technical solution to them and I still had to pick the management answers. It was very funny , this is when I realized I was going to pass the exam, Not because I was technically strong but I found their pulse.
I completed the first pass in 3 hours and started to review ALL questions and answers , This is when I got a bit nervous as I could not fully recollect the logic I had used to deduce the answers ( Like what I thought about Q1 after doing 250 questions ).Example : ( Not related to CISSP actual questions , just a generic one ) A scenario asking how to make best use of firewall.Now don’t dwell into Generations of firewalls , What packet vs application does.Think from overall network perspective , the tester mind was “Hey I have people to configure the firewalls , What is your job as a Security Consultant ? “ Now I have 2 good answers , I can really solve the issue ( Right infront of the eyes ) or I can provide an ADVICE.You see the difficulty here , What decision do I make ? Technically correct answer ( And this is 200% correct ) OR because CISSP ONLY looks for management level thinking ( 80% probability ) . Trust me , MOST of the CISSP questions are like this.Thats why this exam is a marathon , tough as hell and you are absolutely not sure what the correct answer is and there is no way to predict whether you are going to pass the exam.
Another good example is citing web attacks , there was NO MANAGEMENT answer , all answers were technical but the order was like this 1.Apply this and you are sure to have a good site without such issue 2.Apply this and you can remediate the current issue 3.Apply this and act as an example to other practices 4.Apply this and you have a new way of solving the issue.ALL solve the issue one way or the other , Even to put the management hat on you need to go in depth details of all practices. ( Now talk about doing this for all questions )
Also , Don’t underestimate simple topics like LOCKS and new topics like “Cloud” , It’s all testable.I browsed some topics and I wish I had learnt deeper.The above 2 are good examples.
This is where CISSP excels , Like everyone in this forum says “It’s all about concepts” BUT do not neglect technical details ( You DON’T have to remember the ports , rounds of encryption etc., but it teaches you perspective why 3DES vs DES ? so this is important – The why question then you can GUESS the correct answer ).Hope this makes sense , It’s hard to give examples without violating NDA but many CISSP Passed threads have NAILED it.Go through as many as you can , they teach you perspective , a MUST have for this exam.
And please don’t lose HOPE.This exam is NOT impossible , I would have to side with the argument that questions are reasonable ( No way of knowing if I would have said it otherwise had I failed )
One example on the hope front , Just the night before the exam I did Shon’s final exam – Scored 67% Failed.By then I had reached a stage where I was NOT chasing the scores , I was searching for the logic where I went wrong.Thats when I got confident that I was on the right path , Got good 8 hours of sleep.Reached exam center an hour before and went to a temple. Meditated for some time and went to the exam hall.
Heartattack Moment : I know everyone in the forum said you are golden if you get “1 Paper” result , my heart sank when I saw the prometric guy using stapler to give me my result.I stayed strong and went through the paper , It said “Congratulations “.I flipped very quickly to see whats on the other page “\ISC2” at the top of the document and rest is blank.I was still shaking to understand whether that was some sort of a psychological test.Could be the sheet size or printer settings and that’s certainly not a CISSP jobto figure out
So don’t depend on one sheet theory at least in Bangalore
There is still HOPE …
My motivational quotes :
1.CISSP is commonsense
( My ex-boss LL)2.You will not need another attempt , Give it all you got ( Family )
3. Billy Mckay’s win in Australian Master chef 2015 J ( Very good booster just before the exam , Taught endurance so well )
4.Kaplan , Beads , JD and many others for their contribution to the forum and very encouraging words.You need this , good examples and telling you not to lose hope.
Backgorund : 12 years of IT & Security experience.Started with Wireless support à Telecom support Lead à IT Consultant for Crypto solutions & PKI setup and management à Security program management
Quite a few Cisco , Nortel , ITIL certs
As you can see I had all the ingredients
My Journey : 5 months total
1.Started with Infosec institute videos ( I listened to them during my commute to office , I go on foot to office every day which makes it a 1.5 hours total walk )
2.Shon Harris AIO & MP3's ( Read cover to cover once and referenced topics , questions many many times – Another fan of Shon – RIP )
3.CBK latest edition – ( 5 domains , covered my problematic domains and completed all the questions )
4.Cybrary Videos ( All – Once )
5.Keith Barker CBT Nuggets ( Probably first 10 )
6.Eric Conrad 2nd Edition ( Read cover to cover once )
7.Eric Conrad eleventh hour ( first 3 chapters )
8. Larry Greenblatt CISSP training ( First 3 days ) – Youtube
9.NIST documents , RFC's , Youtube videos
10.My own notes ( Don’t even dare to request
I scribbled notes for 600 pages , I honestly don’t see the purpose of it but hey it was my sweat )As you can see , I wasted no time in one resource.I tried all and there is good information.I am no way advocating this approach , just my way of saying “You will not understand everything in one book , move to a different source “
Question Banks :
1.McGraw Hill , Total Tester , Shon Harris AIO questions ( There is nothing which beats this if you use it properly – Don’t test yourself , Get the logic )
2.Studiscope ( Normal questions but blown away with good English , This really helped with well-constructed sentences – I was like : WoW , you can really ask smart questions with one line ) – Way expensive , If you are on a tight budget by all means skip this
3.Transcendar – I did all 4 tests as if I was simulating the exam which helped build my endurance – You can choose between CCCure and this but if you are a test junkie like me don’t skip this
4.CCCure – Like many say “Reinforces your technical knowledge” – Both CCCure & Transcendar are bit of an overkill for this exam technical concepts wise but no knowledge is waste and their simulation software is excellent
5.CCCure Scenario based questions – Too easy , was disappointed with the spend but I took them in the last week so probably I was good at questions
6.Internet resources : I probably would have browsed 10+ sites ( Refer ALL CISSP Pass Threads , I have not kept track and completed them as and when I found a link , I was addicted to do questions J )
7. Conrad CISSP exams
Exam Experience :
I marked the first 15 questions for review – was not sure of a single one and was not a good start , The questions were not difficult but as any CISSP would say they were confusing. Elimination works but you are not really sure if you picked the BEST choice
Questions got better after the first 15 , I would not call it a breeze but I found my rhythm and was comfortable marking them without review most of the time.The real savior was Networking & Crypto.I killed them J It was funny how questions were worded – I knew the technical solution to them and I still had to pick the management answers. It was very funny , this is when I realized I was going to pass the exam, Not because I was technically strong but I found their pulse.
I completed the first pass in 3 hours and started to review ALL questions and answers , This is when I got a bit nervous as I could not fully recollect the logic I had used to deduce the answers ( Like what I thought about Q1 after doing 250 questions ).Example : ( Not related to CISSP actual questions , just a generic one ) A scenario asking how to make best use of firewall.Now don’t dwell into Generations of firewalls , What packet vs application does.Think from overall network perspective , the tester mind was “Hey I have people to configure the firewalls , What is your job as a Security Consultant ? “ Now I have 2 good answers , I can really solve the issue ( Right infront of the eyes ) or I can provide an ADVICE.You see the difficulty here , What decision do I make ? Technically correct answer ( And this is 200% correct ) OR because CISSP ONLY looks for management level thinking ( 80% probability ) . Trust me , MOST of the CISSP questions are like this.Thats why this exam is a marathon , tough as hell and you are absolutely not sure what the correct answer is and there is no way to predict whether you are going to pass the exam.
Another good example is citing web attacks , there was NO MANAGEMENT answer , all answers were technical but the order was like this 1.Apply this and you are sure to have a good site without such issue 2.Apply this and you can remediate the current issue 3.Apply this and act as an example to other practices 4.Apply this and you have a new way of solving the issue.ALL solve the issue one way or the other , Even to put the management hat on you need to go in depth details of all practices. ( Now talk about doing this for all questions )
Also , Don’t underestimate simple topics like LOCKS and new topics like “Cloud” , It’s all testable.I browsed some topics and I wish I had learnt deeper.The above 2 are good examples.
This is where CISSP excels , Like everyone in this forum says “It’s all about concepts” BUT do not neglect technical details ( You DON’T have to remember the ports , rounds of encryption etc., but it teaches you perspective why 3DES vs DES ? so this is important – The why question then you can GUESS the correct answer ).Hope this makes sense , It’s hard to give examples without violating NDA but many CISSP Passed threads have NAILED it.Go through as many as you can , they teach you perspective , a MUST have for this exam.
And please don’t lose HOPE.This exam is NOT impossible , I would have to side with the argument that questions are reasonable ( No way of knowing if I would have said it otherwise had I failed )
One example on the hope front , Just the night before the exam I did Shon’s final exam – Scored 67% Failed.By then I had reached a stage where I was NOT chasing the scores , I was searching for the logic where I went wrong.Thats when I got confident that I was on the right path , Got good 8 hours of sleep.Reached exam center an hour before and went to a temple. Meditated for some time and went to the exam hall.
Heartattack Moment : I know everyone in the forum said you are golden if you get “1 Paper” result , my heart sank when I saw the prometric guy using stapler to give me my result.I stayed strong and went through the paper , It said “Congratulations “.I flipped very quickly to see whats on the other page “\ISC2” at the top of the document and rest is blank.I was still shaking to understand whether that was some sort of a psychological test.Could be the sheet size or printer settings and that’s certainly not a CISSP job
to figure outSo don’t depend on one sheet theory at least in Bangalore
There is still HOPE … Comments
-
Options
greg9891
Member Posts: 1,189 ■■■■■■■□□□
Congrats:
Upcoming Certs: VCA-DCV 7.0, VCP-DCV 7.0, Oracle Database 1Z0-071, PMP, Server +, CCNP
Proverbs 6:6-11Go to the ant, you sluggard! Consider her ways and be wise, Which, having no captain, Overseer or ruler, Provides her supplies in the summer, And gathers her food in the harvest. How long will you slumber, O sluggard?
When will you rise from your sleep? A little sleep, a little slumber, A little folding of the hands to sleep, So shall your poverty come on you like a prowler And your need like an armed man. -
Options
sesha437
Member Posts: 48 ■■□□□□□□□□
Great!!!!! Congratulations!!!!
Good write up, provided very good details for other
-
Options@bh!4u
Member Posts: 12 ■□□□□□□□□□
Congrats on passing !! Really appreciate the insight and details on approaching the exam.
-
OptionsCLICK
Member Posts: 88 ■■■□□□□□□□
Awesome post splash24... well done and Congrats.. thanks for the perspective.. i'm going into the marathon on Sept 1.. thanks to your post and many others.. i am confident i will finish well Enjoy and again well done !
-
Optionsgespenstern
Member Posts: 1,243 ■■■■■■■■□□
I had a question on my exam on AES rounds their quantity and order. So if you didn't have it, it means that you just didn't have it. No more than that.
Congrats! -
Optionssplash24
Member Posts: 30 ■■□□□□□□□□
I had read in many CISSP Passed posts that you do not have to and i did not encounter any either.But, i agree you have a valid point and do not want to mislead the group.I did remember them.If you have CCCure membership then you have a shortcut to remember them ("MRS *** ) , you can create one yourself as well.It's not hard to remember as it stacks all Symmetric , Asymmetric , Hashing algorithms with their bit size , stream or block cipher etc..
-
Options!nf0s3cure
Member Posts: 161 ■■□□□□□□□□
Well, you sure did not leave any resource un-turned. Hopefully your work was paying for the number of items you had at your disposal. Anyway I am also getting close to my second attempt and just like you as the time gets closer and closer I am also dumping too many resources and focusing on a couple of books and videos.
Good work. Congratulations -
Options
Robicus
Member Posts: 144 ■■■□□□□□□□
Congratulations on your dedication and success. It looks like you used a myriad of tools and resources in your journey.
Hope you're enjoying your weekend! What's Next? eLearnSecurity's eCIR
MSISE, CISSP, GSE (#202), GSEC, GCIA, GCIH, GPEN, GMON, GCFE, GCCC, GCPM, eJPT, AWS CCP -
Optionsfreedom777
Member Posts: 32 ■■■□□□□□□□
splash24 a Big Congrats to you! You provided a great, detailed experience. Especially liked the motivational section. There are times in my study that I feel discouraged but I get back on track after reading the CISSP passed threads like yours. I started my CISSP journey on August 3rd.
-
Options
ccnpninja
Member Posts: 1,010 ■■■□□□□□□□
Congrats and thanks for the feedback!my blog:https://keyboardbanger.com -
Options
josh.armentrout1
Member Posts: 36 ■■■□□□□□□□
Excellent write up! While I haven't sat for the CISSP, I understands the panic seat and can totally relate. I may be a little cynical when I sit for exams and expect the worst so I don't get disappointed if I do fail, but I break out the happy dance when I get a pass.
Congratulations on your pass! -
Optionssplash24
Member Posts: 30 ■■□□□□□□□□
I loved them.The only reason I had watched only 3 instead of all 5 was lack of time.Sometimes reading gets very tiring , I was doing 14 hour studies the weekend before the exam.So watching those videos was a relief.I had reached review stage by then so cannot comment on effectiveness , Some examples were funny and I think I could use them to explain the concepts to novices ( Like ship , Flat tyre , Kung fu examples etc., ) If you have time go through it completely but DO NOT substitute with Cybrary , The videos are excellent.Watch her when she says "Very testable" , she has taken the exam multiple times ( Kelly's claim ) and it shows during her lecture.She stresses testable facts very strongly.But again Videos are only for review , You will still need AIO or CBK one pass to cover all.
-
Optionssplash24
Member Posts: 30 ■■□□□□□□□□
Officially certified CISSP
Endorsement submitted : Sep 1st 2015
Endorsement Acknowledged by ISC2 : Sep 1st 2015
Accreditation Received : Sep 15th 2015
I am happy that I received the endorsement in 2 weeks.I still have the same excitement as I did when I cleared the exam.Eagerly awaiting cert and I really hope it does not take those 8 weeks as I am in India. -
Optionsrony1234
Member Posts: 27 ■■■□□□□□□□
Congratulations Spash24, Your hard work has paid off !
The write-up on how you prepared for your exam and answered the test is awesome. And lol the one paper stuff is funny
I'm appearing for the exam in the 3rd week of October and your write-up is indeed helpful. Thank you ! -
Options
OM602
Member Posts: 56 ■■□□□□□□□□
Congrats!
Good to hear current wait time is only 2 weeks, I submitted my endorsement sep 2, so ideally should get an answer tomorrow.The world chico, and everything in it
