Passed the 2nd Time

jaandrade3rd Member Posts: 14 ■□□□□□□□□□
Hi Everyone! I passed the exam Oct 5th. However, as indicated above it was the 2nd time. Previously, I took it on August 6th and failed with a score of 682--I was bummed needless to say. The top 3 domains I did poorly in were Security Engineering, Communication and Network Security, and Software Development Security.

I have 21 years of IT experience with the last 8 concentrating on Information Security. August 2014, I obtained the CompTIA Security+ (SY0-401). A year later (2015) I tried the CISSP exam, studying on and off for the past year with Sharon's and Conrad's books, Transcender's practice exam and Sunflower. I failed but I wouldn't say miserably. I didn't really expect to pass considering the vastness and shallowness of the exam and the many others also succeeding after numerous attempts. So of course, like all others I dusted myself off and hit the books.

I used a number of study materials. But here is the twist, instead of focusing on CISSP directly I took a different route. I obtained the EC-Council CEHv8 then Cisco CCENT (ICND1) during August and September and for the week leading up to the test I read the CISSP 7th edition and perused Sharon's book. The day of the test I glanced over Conrad's 11th Hour. I decided to deviate and obtain those certifications because I recognize the relevance of some of the questions on the August exam to the material covered in the certifications. For example, converting binary to decimal, penetration testing, collision domains and hacking techniques.

These are the tools:

CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide, 7th Edition by James M. Stewart and Mike Chapple, released on Sep 15th. This book is pretty good but not as comprehensive as Sharon's book but definitely relevant. The material is subdivided into 21 chapters covering the 8 domains--which was helpful in identifying the content relevant to the domains I did poorly in.

Eleventh Hour CISSP, Second Edition: Study Guide, 2nd Edition by Eric Conrad and Seth Misenar, released October 13, 2013. This book was good for last minute review and brushing up but it lacks some of the newer content covered in the exam.

CISSP Study Guide, Second Edition, 2nd Edition by Eric Conrad and Seth Misenar, released August 2012. This book is very good but also lacks some of the newer content covered in the exam. I imagine the new release next January will be the go-to book.

CISSP All-in-One Exam Guide, 6th Edition by Shon Harris released Nov 2012. This is a really good book but it is deprecated based on some of the content of the newer exam. However, I would still recommend this book because it really helps in building a foundation in InfoSec concepts and understanding its evolution.

The Sunflower PDF v1.1. This is a pretty good guide and I would recommend perusing it briefly every day/night. There are actually some small snippets that are very useful information. Hopefully, this gets revised soon.

These are the tools I used to get CEH and CCENT:

Certified Ethical Hacker (CEH) v8 (Exam 312-50) Course by Bobby Rogers. This is a pretty good course and is nearly identical to the material covered in the official self-study course.

CCENT/CCNA ICND1 100-101 Official Cert Guide, 1st Edition by Wendell Odom, released May 2103. This is a pretty good book.

Cisco CCNA 640-801 Course by Greg Dickinson. This course was good in covering many of the concepts behind Odom's book and provided a visual learning experience.

QuickStart! - Cisco ICND 1 and 2 Update (exams 100-101 and 200-101) Course by Greg Dickinson. This course was good in covering many of the concepts behind Odom's book and provided a visual learning experience.

Final thoughts: I still plan to finish off and get the CCNA Routing & Switching (the ICND2 is not relevant to the CISSP since it is mostly troubleshooting). I'm also considering getting CCNA Security since it has been revised. I found the CISSP exam difficult not because of the technical/material but mostly because the material is outdated and doesn't reflect real world environments. At least, not real world in the private sector--probably still relevant to the Government/Military. C'mon, who really uses the OSI model? That said, I think the key for me this time was getting out of the real world mindset and remembering that CISSP is an international standard.

Lastly, thanks to everyone that posted their experiences in this forum--the sharing of study sources and the like helped me to pass the exam. Advance and protect the profession!

Update: Submitted my endorsement via email on 10-6-2015 and received the congratulatory certification email today. Certified!

Comments

  • havoc64 Member Posts: 213 ■■□□□□□□□□
  • CLICK Member Posts: 88 ■■■□□□□□□□
    Thanks for sharing and Congrats on the pass!!
  • g33k3r Member Posts: 249 ■■□□□□□□□□
    Congrats and thanks for the feedback.
  • jasonperry10 Member Posts: 60 ■■■□□□□□□□
  • clarkincnet Member Posts: 256 ■■■□□□□□□□
    Congrats!
    Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!

    Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
  • g33k3r Member Posts: 249 ■■□□□□□□□□
  • kiransav07 Member Posts: 17 ■□□□□□□□□□
    Congratulations and thanks for sharing the resources for each certification