Anyone sitting for the CISM Dec 2015 exam?



  • TongyTongy Member Posts: 234
    I already took the assessment and scored well, I just wondered how faithful an indicator it is of the actual exam in terms of difficulty.

    Also, in your reply it's not clear what you mean - was the "read" at the beginning an order or a statement of something you have done...?
  • Mike7Mike7 Member Posts: 1,084 ■■■■□□□□□□
    NDA terms do not allow us to discuss exam details, so....
    ISACA has prepared the CISM self-assessment to help CISM exam candidates assess their knowledge of the CISM job practice areas and to determine their strengths and weaknesses in these areas. The self-assessment contains 50 sample items covering the appropriate proportion of subject matter to match the CISM exam blueprint. These items are representative of the types of questions that could appear on the CISM exam but have not appeared on the CISM exam. Note: The result of the self-assessment does not guarantee or indicate an individual’s success on the CISM exam.
    The assessment is indicative of your strong and weak areas. At least it is for me.icon_redface.gif
    Tongy wrote: »
    I already took the assessment and scored well, I just wondered how faithful an indicator it is of the actual exam in terms of difficulty.
    We will know when the results are announced around Jan next year. Guess your score should be in the top 5%, possibly even top 1%. Do keep us updated.
  • TongyTongy Member Posts: 234
    Mike7 wrote: »
    Guess your score should be in the top 5%, possibly even top 1%. Do keep us updated.

    Easy on the sarcasm.

    Not sure the NDA covers speculation on self-assessment tests.
  • Mike7Mike7 Member Posts: 1,084 ■■■■□□□□□□
    Tongy wrote: »
    Easy on the sarcasm.Not sure the NDA covers speculation on self-assessment tests.

    My apologies. That was not the intent; it was meant to encourage.

    FWIW, I barely passed the self-assessment when I took it in early April. Started studying in mid-April and pass the June exam with top 5% score. As mentioned, the CISM Review Manual and QAE are great study resources; and working experience helps in the exam.

    As to whether self-assessment test scores will truly reflect actual exam results, it is a good indicator of your weak areas. The final outcome depends on the individual and other factors.
  • TongyTongy Member Posts: 234
    I am looking forward to the exam, it'll be great to have something to focus on for the next couple of months. It's a heavyweight cert in Infosec and a great addition to my CV then I can start 2016 with my sights on CISSP.
  • eric_gokongweieric_gokongwei Member Posts: 75 ■■□□□□□□□□
    Me lah, Im taking CISM this December :) I just passed CISA last June hoping to get another ISACA Certification this December.
  • SecMan320SecMan320 Registered Users Posts: 4 ■□□□□□□□□□
    Hi Splash,Have you purchased the CISM study material.I would like to have a look on the study material before I decide to buy. Can you help.
  • NerdJockNerdJock Member Posts: 13 ■■■□□□□□□□
    Mike7 wrote: »

    SecMan320, you can also try the CISM Self-Assessment Exam to assess your level of knowledge.

    I took the September 2015 exam and came out of it really pissed because I was told over and over that the QAE was a reflection of questions you'd see on the exam and I thought that was the furthest from the truth possible. I found that the questions in the QAE were pretty straight forward in terms of the questions and answers. On the exam though, ISACA went out of their way to change the fundamental terminology.

    Someone else on this post said it best and I'm going to use it here, the credit belongs to them...

    During the QAE, you'll see a question like this:

    1. You see the American Flag waiving boldly against a blue sky backdrop, what is the first color you notice?

    A. Red
    B. White
    C. Blue
    D. Silver

    A. Silver, because without the pole, the flag would not be able to waive in the sky.

    On the exam, it would read something like this:

    2. A rectangular shaped piece of fabric designated as the cultural sign of freedom frolics about atop a tall cylindrical post, which coloration should you observe in the MOST chronological order?

    A. Cardinal
    B. Indigo
    C. The color that reflects the most wavelengths of visible light
    D. Corroded metallic

    By the way, I studied for almost 3-months for the exam. I read the book, front to back, and spent 100+ hours taking the 2015 DB questions, and I took a 5-day boot camp, in which I was scoring 87% leading up to the exam. I came out of the test fairly positive I failed it and accepted I'll have to take the exam again in December, just waiting for the results to come in before I actually spend the money.

    One question in particular, I spent 15-20 minutes on trying to figure out what exactly it was asking. I had to break it down 3rd grade style, underlining nouns and verbs. I couldn't figure it out and just had to guess that a ISM doesn't need to report to a network admin or something to that effect. It was the only one that I thought, of the 4 answers, that didn't align with the material I'd gone over.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 12,027 Admin
    NerdJock wrote: »
    It was the only one that I thought, of the 4 answers, that didn't align with the material I'd gone over.
    That may have been a research item that was to test what answer people would most/least choose. Those don't count in the exam score.
  • andhowandhow Member Posts: 151
    Well, I'm going to try to wrap up my core ISACA certifications. I already have the CISA, CRISC, and CGEIT from ISACA. Now, I'll shoot for the CISM.

    Personally, I like the ISACA certifications. It gets everyone to use a common language when talking about security, controls, governance, and risk.
  • SecMan320SecMan320 Registered Users Posts: 4 ■□□□□□□□□□
    Mike7 wrote: »

    SecMan320, you can also try the CISM Self-Assessment Exam to assess your level of knowledge.

    Thanks Mike. I will try this.
  • razorbackzrazorbackz Member Posts: 28 ■■□□□□□□□□
    highly recommend the two day megamind cism prep course. live recorded session with about 100 questions per domain and with q and a from the instructor. definitely helped me.icon_study.gif
  • csiciliacsicilia Member Posts: 29 ■□□□□□□□□□
    I am going for CISM in December, I have noticed this "CISM : Certified Information Security Manager - Certification App" in IOS Apple Store for $20:
    App Contents:
    √ 631+ Practice Questions
    √ Based on 2015 Syllabus
    √ Detailed Answer and Explanations
    √ Test-Taking Strategy Guide

    • Most Updated Questions.
    • Two practice modes: simulation and study.
    • Show Timer: Enabling this feature; The App will track your speed how fast you are going...
    • Explanation (On Study Mode)
    • Score Report At The End of Each Practice.
    • Review All Your Answers At The End of Each Exam

    Has anyone looked at it and have an opinion about it?

    That use of ISACA logo in the icon does not look legitimate and neither I am sure of the origin of the material… but it is on the Apple store…
  • Mike7Mike7 Member Posts: 1,084 ■■■■□□□□□□
    csicilia wrote: »
    That use of ISACA logo in the icon does not look legitimate and neither I am sure of the origin of the material… but it is on the Apple store…
    You said it yourself. icon_wink.gif Look at list of apps created by the developer. Check for customer ratings.
    On Apple store does not mean all apps are good. You may still get bad apples icon_rolleyes.gif
    Just last month, Apple have to remove hundreds of apps infected with malware.

    To me, CRM 2015 and QAE DB are still the best study resource for CISM exam.
  • Gershom TangaGershom Tanga Member Posts: 12 ■□□□□□□□□□
    I am sitting for Dec2015 CISM exams - so, far so good. It's not as hard as CISA...
  • razorbackzrazorbackz Member Posts: 28 ■■□□□□□□□□
    None of the question the I studied were really on the test in June, but really understanding the way the questions were written helped a lot. Still recommend the online weekend megamind CISM prep. It's a management cert, getting tight into very technical answers can hurt you. Typically, the most vague and encompassing answer is the right one.

    1) initiate incident response procedures. (the right answer)
    2) contact the police.
    3) disconnect the server
    4) notify the held desk.

    A few key words can give the same question different answers. Being a paper test, I literally underlined key words and read the question twice to understand what they were asking. The gold standard for a server that has been breached is to disconnect from power and network first. They might through a curve ball and put in volatile memory, which you will lose because of power etc. Notifying management first is typically correct, then a question may say management is not around or reachable etc. Or the answer could be to first verify that was an actually incident to begin with. Sometimes it will be picking the best of what's available and none of them make much sense lol
  • jimmingtonjimmington Registered Users Posts: 4 ■□□□□□□□□□
    Apologies in advance for the negativity of this post....!
    I have just had my September CISM results in, and it is a pass - which combined with my faux pas of bonus booking CISA by mistake in June I am pleased with.
    However, i thought the CISM exam was terrible, I thought it was badly worded, bore little resemblance to real life and the questions too samey. I actually preferred the CISA exam which considering i had zero prep for actually felt to me like it was relevant to the real world. There is no doubting the value of the CISM in terms of employers and CVs, but what it brings to the table for me as an exam and course was very little. I found the course awfully dry and the only saving grace was that it was delivered by a guy with a great personality, otherwise it would have been horrendous. In terms of how to study for it, I went on a course which had their own slide set (freely available on the internet quite amazingly) an official review manual and a smaller book of ISACA questions. I did not open the main manual once other than to look at it and realise it looked like a really heavy read, and only worked off of the slide sets and the questions. To give a little more context to my background, I have been working in InfoSec for a fairly chunky time and am currently on an Information Security MSc, so these exams should be doable for me - however I found CISM incredibly soulless, fairly irrelevant and not enjoyable in the slightest.
    Of course the above is pure personal opinion only and i wish those prepping for it in December much success when it comes to exam time, but my advice would be to try and decipher ISACA speak as your first port of call, and understand how they will phrase their questions as Razor suggests above.
  • tuabuikiatuabuikia Member Posts: 52 ■■□□□□□□□□
    Good luck to all candidates taking the exam tomorrow. :)
  • upnorth77upnorth77 Member Posts: 23 ■□□□□□□□□□
    thanks! you too!
  • Mike7Mike7 Member Posts: 1,084 ■■■■□□□□□□
    Good luck to all exam takers.
    May the force be with you. 😃
  • mokazmokaz Member Posts: 172
    okay went there, answered to the best i could and honestly i think i failed it... well 6 to 8 weeks now...
  • TongyTongy Member Posts: 234
    Finished mine a few hours ago and found that very hard. 5 weeks to go - 15th January by my reckoning.
  • andhowandhow Member Posts: 151
    I finished about an hour ago. There were a few questions which should earn the exam writers a slap. I assume they were not "real" questions. Who knows... I also found the same question, phrased several different ways which was a bit disappointing. Other than that, not a bad test. I only used the exam manual to study and it seemed spot on. I'll let you know what I scored.
  • CaliforniaKingCaliforniaKing Registered Users Posts: 1 ■□□□□□□□□□
    I took the exam and finished with an hour and a half left. I didn't study the way I should've because of work reasons but I while taking the test I felt like I knew the answers. The phrasing on some of the questions were pretty poor but I circled those for review and came back to them at the end. I hope I passed but we'll see in January.
  • tuabuikiatuabuikia Member Posts: 52 ■■□□□□□□□□
    Another 15 days to go...:D
  • razorbackzrazorbackz Member Posts: 28 ■■□□□□□□□□
    Results will be out the day after the feedback windows closes. 12pm cst
Sign In or Register to comment.