Pass
Passed CISSP exam yesterday and it was my first attempt.
Overall experience was pretty much like any other you read about. The test was long and the questions are written at a high level and with little technical detail. It is a difficult test but not in the traditional sense of being "hard", it's just that there is a lot of material and the questions are written in very soft/fuzzy way. It's really quite irritating to read through.
I believe that success comes from reading the question just carefully enough to ensure you understand what aspect of security they are addressing, but do not overthink it. Many questions have multiple answers that seem acceptable but are narrowed down by identifying the focus of the question. Despite the nature of the questions, I had very few that I marked for a second review and I just marched through them. I think that for this test it would be unwise to review your answers too much as that could lead one to over-think and talk one's self out of the correct answer.
By the end of the first 125 questions I was getting blurred vision and a mild headache from the questions. I took a quick bathroom and stretch break which helped. By the end of the 250 questions I was really sick of being there and glad to be done. I was pretty confident I had done well but with the wishy-washy nature of the questions there was also an element of doubt. It was hard to be certain. I was very happy to read the letter saying I passed when I was done. I left the center 2.5 hours after I entered.
I have around 15 years of IT experience, with about 7 of that in straight up security roles and the rest in systems/network administration or programming roles. Work experience certainly helps but the scope of the exam is so wide that there's only so much one can pull from hands-on experience.
Thankfully I didn't go to a boot camp, I think I'd go insane if I had to sit through 5 days straight of this material. I studied Shon Harris's book, Eric Conrad's book, and used the SSI Logic exam prep question book. I did sample the CBT Nuggets videos but never bought a subscription. All of those resources are good and helpful. I think Conrad's book is a good example of the level of depth you'll be tested at. Harris's book is good for a deeper dive so you have more depth, but in final tune-up you just want to skim and review main points, terms, and chapter summaries.
Virtually none of the questions really looked like the sample questions in any of those resources though. One really had to understand the underlying ideas and be able to answer the questions at a conceptual/management level. I think the best recipe for success is a repeated cycling through the material so that the specific language and ideas are embedded in one's mind. Read a couple books, take a bunch of practice exams, review notes, and repeat. You need to be able to intuitively identify which concept is being targeted to handle the questions well.
I sent in my completed endorsement today with no idea how long it will take to get the official cert. Have read it takes people several weeks to get their confirmation but have no idea why it would take ISC2 that long, especially if an existing CISSP already did the work to verify and endorse experience... oh well, we'll see... the hard part is over.
Overall experience was pretty much like any other you read about. The test was long and the questions are written at a high level and with little technical detail. It is a difficult test but not in the traditional sense of being "hard", it's just that there is a lot of material and the questions are written in very soft/fuzzy way. It's really quite irritating to read through.
I believe that success comes from reading the question just carefully enough to ensure you understand what aspect of security they are addressing, but do not overthink it. Many questions have multiple answers that seem acceptable but are narrowed down by identifying the focus of the question. Despite the nature of the questions, I had very few that I marked for a second review and I just marched through them. I think that for this test it would be unwise to review your answers too much as that could lead one to over-think and talk one's self out of the correct answer.
By the end of the first 125 questions I was getting blurred vision and a mild headache from the questions. I took a quick bathroom and stretch break which helped. By the end of the 250 questions I was really sick of being there and glad to be done. I was pretty confident I had done well but with the wishy-washy nature of the questions there was also an element of doubt. It was hard to be certain. I was very happy to read the letter saying I passed when I was done. I left the center 2.5 hours after I entered.
I have around 15 years of IT experience, with about 7 of that in straight up security roles and the rest in systems/network administration or programming roles. Work experience certainly helps but the scope of the exam is so wide that there's only so much one can pull from hands-on experience.
Thankfully I didn't go to a boot camp, I think I'd go insane if I had to sit through 5 days straight of this material. I studied Shon Harris's book, Eric Conrad's book, and used the SSI Logic exam prep question book. I did sample the CBT Nuggets videos but never bought a subscription. All of those resources are good and helpful. I think Conrad's book is a good example of the level of depth you'll be tested at. Harris's book is good for a deeper dive so you have more depth, but in final tune-up you just want to skim and review main points, terms, and chapter summaries.
Virtually none of the questions really looked like the sample questions in any of those resources though. One really had to understand the underlying ideas and be able to answer the questions at a conceptual/management level. I think the best recipe for success is a repeated cycling through the material so that the specific language and ideas are embedded in one's mind. Read a couple books, take a bunch of practice exams, review notes, and repeat. You need to be able to intuitively identify which concept is being targeted to handle the questions well.
I sent in my completed endorsement today with no idea how long it will take to get the official cert. Have read it takes people several weeks to get their confirmation but have no idea why it would take ISC2 that long, especially if an existing CISSP already did the work to verify and endorse experience... oh well, we'll see... the hard part is over.
Comments
-
Eburon
Member Posts: 29 ■□□□□□□□□□
Congrats and thank you for sharing your insights. Now, go grab a pint! -
rfra
Member Posts: 8 ■□□□□□□□□□
Contacted ISC2 this morning and they said current processing times are about 4 weeks if one already has been endorsed by another CISSP. ISC2 needs to work on some process streamlining apparently, but I guess that's been SOP for them for years so is unlikely to change.
-
impelse
Member Posts: 1,237 ■■■■□□□□□□
CongratsStop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack. -
greg9891
Member Posts: 1,189 ■■■■■■■□□□
Congrats:
Upcoming Certs: VCA-DCV 7.0, VCP-DCV 7.0, Oracle Database 1Z0-071, PMP, Server +, CCNP
Proverbs 6:6-11Go to the ant, you sluggard! Consider her ways and be wise, Which, having no captain, Overseer or ruler, Provides her supplies in the summer, And gathers her food in the harvest. How long will you slumber, O sluggard?
When will you rise from your sleep? A little sleep, a little slumber, A little folding of the hands to sleep, So shall your poverty come on you like a prowler And your need like an armed man. -
Jebjeb
Member Posts: 83 ■■■□□□□□□□
Did you recieve any email confirmation as to the receipt of your endorsement paperwork? My endorser sent mine in Friday and I wanted to know whether to expect anything or just wait it out.
** NM go the confirmation this morning, now let the waiting Begin. -
zdravko
Member Posts: 12 ■□□□□□□□□□
CongratsPassed CISSP exam yesterday and it was my first attempt.
Overall experience was pretty much like any other you read about. The test was long and the questions are written at a high level and with little technical detail. It is a difficult test but not in the traditional sense of being "hard", it's just that there is a lot of material and the questions are written in very soft/fuzzy way. It's really quite irritating to read through.
I believe that success comes from reading the question just carefully enough to ensure you understand what aspect of security they are addressing, but do not overthink it. Many questions have multiple answers that seem acceptable but are narrowed down by identifying the focus of the question. Despite the nature of the questions, I had very few that I marked for a second review and I just marched through them. I think that for this test it would be unwise to review your answers too much as that could lead one to over-think and talk one's self out of the correct answer.
By the end of the first 125 questions I was getting blurred vision and a mild headache from the questions. I took a quick bathroom and stretch break which helped. By the end of the 250 questions I was really sick of being there and glad to be done. I was pretty confident I had done well but with the wishy-washy nature of the questions there was also an element of doubt. It was hard to be certain. I was very happy to read the letter saying I passed when I was done. I left the center 2.5 hours after I entered.
I have around 15 years of IT experience, with about 7 of that in straight up security roles and the rest in systems/network administration or programming roles. Work experience certainly helps but the scope of the exam is so wide that there's only so much one can pull from hands-on experience.
Thankfully I didn't go to a boot camp, I think I'd go insane if I had to sit through 5 days straight of this material. I studied Shon Harris's book, Eric Conrad's book, and used the SSI Logic exam prep question book. I did sample the CBT Nuggets videos but never bought a subscription. All of those resources are good and helpful. I think Conrad's book is a good example of the level of depth you'll be tested at. Harris's book is good for a deeper dive so you have more depth, but in final tune-up you just want to skim and review main points, terms, and chapter summaries.
Virtually none of the questions really looked like the sample questions in any of those resources though. One really had to understand the underlying ideas and be able to answer the questions at a conceptual/management level. I think the best recipe for success is a repeated cycling through the material so that the specific language and ideas are embedded in one's mind. Read a couple books, take a bunch of practice exams, review notes, and repeat. You need to be able to intuitively identify which concept is being targeted to handle the questions well.
I sent in my completed endorsement today with no idea how long it will take to get the official cert. Have read it takes people several weeks to get their confirmation but have no idea why it would take ISC2 that long, especially if an existing CISSP already did the work to verify and endorse experience... oh well, we'll see... the hard part is over. -
rfra
Member Posts: 8 ■□□□□□□□□□
FYI, I received my email this morning that I have been awarded the CISSP designation. I submitted my peer-endorsed application the day after my exam, on Sept 22nd. So current processing time is about 2.5 weeks if you have an endorsement from another CISSP and do not require ISC2 to act as your endorser.
