Options
Passed CISSP with a 20$ book :)
Hello everyone,
I passed the exam last Thursday, it was my first try, had to drive two hours from Oxnard to LA and another two hours in the LA traffic, I had time to read another chapter though
. Anyways, it seemed real easy to me, at least in the beginning, I didn't see what the fuss was about. After the first 60 questions I knew I was going to pass. I took the whole time, it took me four hours to go through all the question but I calmed myself down a little bit after 100+. After the 170 mark, I don't know if it was me, but the questions started to be a little bit more difficult. I took another two hours to review. After I started the review I've changed a few of them and I was really tired and I decided not to change any of them because all of them seemed wrong to me .
My experience:
15+ years in (almost) everything, from IOS cli to domain controllers, user accounts provisioning(ISC2 style wording), Exchange admin, Linux, all of the BSD's, FreeBSD, NetBSD and my personal favorite, OpenBSD. I was fortunate enough to work in environments where my bosses didn't care whether I've used Postfix/Exim vs Exchange email transport, and that's what helped me a lot to understand how things worked, they only wanted a dedicated email server with less spam than usual.
All of the materials used were borrowed from friends and I've digested all the postings in this forum and others, looking for free information.
Materials used:
1. Prudent man rule, do and act as a prudent man would do on the exam, choose the most prudent answer.
2. Shon Harris AIO, if I hear another bad talk about her or her book I'm going to smack you through your monitors. I will sneak myself in those unused bits from the TCP headers and will come out from underneath your monitors just like Chuck Norris had that fist underneath his chin in that Family Guy episode. Have a little respect for her and all her work. She was also my guardian angel in the car for the past two weeks or so. I would listen to her all the time. If you have time to study and digest material there's nothing wrong with this book: I GUARANTEE you that if they would let you on the exam with this book you will pass.
Just some jokes from her book:
Massive Array of Inactive Disks (MAID)
I have a maid that collects my data and vacuums.
Response: Sure you do.
RAID
Everyone be calm—this is a raid.
Response: Wrong raid.
Rest in peace Shon Harris, you helped at least this idiot pass that exam.
Practice questions:
McGraw-Hill Education | CISSP Practice Exams
3. The official CBK, the older version, 3rd I think, got it for 20 bucks used online.
4. Eric Conrad 11th hour. Very good, short and to the point. If time is a factor in your preparation use this book and TAKE A LOT OF FREE QUESTIONS. I can't stress enough this factor, take thousands of questions.
4. A lot of free questions that I could find:
These are some of the sites that I've studied:
http://opensecuritytraining.info/CISSP-Main_files/CISSP_CBK_Final_Exam_v5.5.pdf
You can find the answers here:
Cissp cbk final_exam-answers_v5.5
I even read the El Gamal paper for ECC:
http://groups.csail.mit.edu/cis/crypto/classes/6.857/papers/elgamal.pdf
Or this also for ECC:
http://cs.ucsb.edu/~koc/ccs130h/notes/ecdsa-cert.pdf
These are not required on the exam but I've read them just out of curiosity, not that I understood much.
5. I've read through the Sybex book also and I've done all their online questions. Good resource, they have about 1000+ questions that can help you. Watch out for them because they call residual risk different than ISC2.
6. Kelly Handerhan from cybrary. So check this out: this lady has a serious set of balls on her, she took the exam three times, not because she didn't pass the first time but because she wanted to be up to speed with all the changes over the years. That showed some courage right there.
7. All of my experience through the years has helped me a lot in passing.
I used to get up at 4 AM for the last two weeks and start reading on my phone in bed until 6 AM when I'd leave for work. In the car I'd listen to Shon Harris. Her book is to be used as a future reference and on the job, but yes, she has tons of material in there.
I've read the book because it was a pleasure for me and I liked her work a lot.
I wanted to thank everyone from this forum who's helped me with their postings and I've learned even from the ones that didn't pass. To those of you that didn't pass, don't ever give up, it's definitely a passable exam. My guess is that you didn't have enough experience in the field. Get a 5$ router from Goodwill and try to break WEP. After you've done that try and break WPA/TKIP, move up to WPA2 with AES and understand why you can't break that. Capture the handshake and run it through a wordlist, DOS the AP so that other clients get disconnected, understand why that is.
This is only an example, you could also get a VM and experiment at home with things, get the packet tracer from Cisco and make a VLAN to understand why you can ping this subnet and not the other, setup routes and see if you can ping hosts. I know it's too technical and they won't ask you commands, but you have to understand the bigger picture on why things work the way they do.
My personal scale on passing this thing would be like this:
< 5 years, you need a lot of reading, read everything you can get your hands on + thousands of questions.
< 10 years, just do the 11th hour and practice questions as many as you can find
< 15 years, you will pass, do the free questions and lookup answers that you got wrong and understand why picked the wrong answer and why the right answer is right.
Tips for the exam:
Take the time to write down what you remember on the pad that they will give you. I used that pad during the 5 minutes I had with the NDA. The pad is plastic, it's not paper, I found that annoying, I would've loved just a paper and a pencil.
After you hit submit, it will say congrats, don't get excited, go to the reception and they will hand you your score on a printed paper. Take some snacks with you, they will allow you unscheduled breaks so you can eat a sandwich.
Tips that helped me remember things:
TCSEC
A>B3>B2>B1>C2>C1>D(A is greater/better than, you'll get it)
DRP = R A C A R (spells as CAR and backwards) Respond/Assess/Communicate/Assemble/Recover
This one is stolen from cccure:
Bell LaPadula WURD(Write Up/Read Down) IS ALLOWED -- opposite is not allowed.
Biba RUWD( I in bIba stands for IntegrIty and biba is rude) IS ALLOWED -- opposite is not allowed
Bell is wurd up man, while biba is rude.
Trick to get the TCSEC CC and ITSEC in line
A(top dog) EAL 1 F5-E6
B3 EAL 2 F5-E5
B2 EAL 3 F4-E4
B1 EAL 4 F3-E3
C2 EAL 5 F2-E2
C1 EAL 6 F1-E1
D EAL 7 E0(that's a zero, meaning it doesn't count)
If I made a mistake please let me know, but as a general idea you can see a pattern forming. Forgive the formatting, it's just to help you in the process. Write it down many times to form your mind around it.
Know your models:
Bell LaPadula, Biba, Clark Wilson, Brewer Nash.
Last but not least:
Shoutz to everyone who helped me along and has published documentation for idiots like me(I know, too cheesy):
Richard Stallman from MIT, Robert Graham from Errata Security look him up on archive.org https://web.archive.org/web/20030401154614/http://www.robertgraham.com/pubs/index.html read the Hacking Lexicon. Eric S. Raymond for all his work, and for opening my mind, The Cathedral and the Bazaar, Theo De Raadt from OpenBSD, man that kicks ass, Torvalds for all his work on the Linux kernel, Rainforest puppy, nobody likes IIS still, too many to mention.
Thank you everyone for reading my crazy post.
I passed the exam last Thursday, it was my first try, had to drive two hours from Oxnard to LA and another two hours in the LA traffic, I had time to read another chapter though
. Anyways, it seemed real easy to me, at least in the beginning, I didn't see what the fuss was about. After the first 60 questions I knew I was going to pass. I took the whole time, it took me four hours to go through all the question but I calmed myself down a little bit after 100+. After the 170 mark, I don't know if it was me, but the questions started to be a little bit more difficult. I took another two hours to review. After I started the review I've changed a few of them and I was really tired and I decided not to change any of them because all of them seemed wrong to me .My experience:
15+ years in (almost) everything, from IOS cli to domain controllers, user accounts provisioning(ISC2 style wording), Exchange admin, Linux, all of the BSD's, FreeBSD, NetBSD and my personal favorite, OpenBSD. I was fortunate enough to work in environments where my bosses didn't care whether I've used Postfix/Exim vs Exchange email transport, and that's what helped me a lot to understand how things worked, they only wanted a dedicated email server with less spam than usual
.All of the materials used were borrowed from friends and I've digested all the postings in this forum and others, looking for free information.
Materials used:
1. Prudent man rule, do and act as a prudent man would do on the exam, choose the most prudent answer.
2. Shon Harris AIO, if I hear another bad talk about her or her book I'm going to smack you through your monitors. I will sneak myself in those unused bits from the TCP headers and will come out from underneath your monitors just like Chuck Norris had that fist underneath his chin in that Family Guy episode
. Have a little respect for her and all her work. She was also my guardian angel in the car for the past two weeks or so. I would listen to her all the time. If you have time to study and digest material there's nothing wrong with this book: I GUARANTEE you that if they would let you on the exam with this book you will pass.Just some jokes from her book:
Massive Array of Inactive Disks (MAID)
I have a maid that collects my data and vacuums.
Response: Sure you do.
RAID
Everyone be calm—this is a raid.
Response: Wrong raid.
Rest in peace Shon Harris, you helped at least this idiot pass that exam.
Practice questions:
McGraw-Hill Education | CISSP Practice Exams
3. The official CBK, the older version, 3rd I think, got it for 20 bucks used online.
4. Eric Conrad 11th hour. Very good, short and to the point. If time is a factor in your preparation use this book and TAKE A LOT OF FREE QUESTIONS. I can't stress enough this factor, take thousands of questions.
4. A lot of free questions that I could find:
These are some of the sites that I've studied:
http://opensecuritytraining.info/CISSP-Main_files/CISSP_CBK_Final_Exam_v5.5.pdf
You can find the answers here:
Cissp cbk final_exam-answers_v5.5
I even read the El Gamal paper for ECC:
http://groups.csail.mit.edu/cis/crypto/classes/6.857/papers/elgamal.pdf
Or this also for ECC:
http://cs.ucsb.edu/~koc/ccs130h/notes/ecdsa-cert.pdf
These are not required on the exam but I've read them just out of curiosity, not that I understood much
.5. I've read through the Sybex book also and I've done all their online questions. Good resource, they have about 1000+ questions that can help you. Watch out for them because they call residual risk different than ISC2.
6. Kelly Handerhan from cybrary. So check this out: this lady has a serious set of balls on her, she took the exam three times, not because she didn't pass the first time but because she wanted to be up to speed with all the changes over the years. That showed some courage right there.
7. All of my experience through the years has helped me a lot in passing.
I used to get up at 4 AM for the last two weeks and start reading on my phone in bed until 6 AM when I'd leave for work. In the car I'd listen to Shon Harris. Her book is to be used as a future reference and on the job, but yes, she has tons of material in there.
I've read the book because it was a pleasure for me and I liked her work a lot.
I wanted to thank everyone from this forum who's helped me with their postings and I've learned even from the ones that didn't pass. To those of you that didn't pass, don't ever give up, it's definitely a passable exam. My guess is that you didn't have enough experience in the field. Get a 5$ router from Goodwill and try to break WEP. After you've done that try and break WPA/TKIP, move up to WPA2 with AES and understand why you can't break that. Capture the handshake and run it through a wordlist, DOS the AP so that other clients get disconnected, understand why that is.
This is only an example, you could also get a VM and experiment at home with things, get the packet tracer from Cisco and make a VLAN to understand why you can ping this subnet and not the other, setup routes and see if you can ping hosts. I know it's too technical and they won't ask you commands, but you have to understand the bigger picture on why things work the way they do.
My personal scale on passing this thing would be like this:
< 5 years, you need a lot of reading, read everything you can get your hands on + thousands of questions.
< 10 years, just do the 11th hour and practice questions as many as you can find
< 15 years, you will pass, do the free questions and lookup answers that you got wrong and understand why picked the wrong answer and why the right answer is right.
Tips for the exam:
Take the time to write down what you remember on the pad that they will give you. I used that pad during the 5 minutes I had with the NDA. The pad is plastic, it's not paper, I found that annoying, I would've loved just a paper and a pencil.
After you hit submit, it will say congrats, don't get excited, go to the reception and they will hand you your score on a printed paper. Take some snacks with you, they will allow you unscheduled breaks so you can eat a sandwich.
Tips that helped me remember things:
TCSEC
A>B3>B2>B1>C2>C1>D(A is greater/better than, you'll get it)
DRP = R A C A R (spells as CAR and backwards) Respond/Assess/Communicate/Assemble/Recover
This one is stolen from cccure:
Bell LaPadula WURD(Write Up/Read Down) IS ALLOWED -- opposite is not allowed.
Biba RUWD( I in bIba stands for IntegrIty and biba is rude) IS ALLOWED -- opposite is not allowed
Bell is wurd up man
, while biba is rude.Trick to get the TCSEC CC and ITSEC in line
A(top dog) EAL 1 F5-E6
B3 EAL 2 F5-E5
B2 EAL 3 F4-E4
B1 EAL 4 F3-E3
C2 EAL 5 F2-E2
C1 EAL 6 F1-E1
D EAL 7 E0(that's a zero, meaning it doesn't count)
If I made a mistake please let me know, but as a general idea you can see a pattern forming. Forgive the formatting, it's just to help you in the process. Write it down many times to form your mind around it.
Know your models:
Bell LaPadula, Biba, Clark Wilson, Brewer Nash.
Last but not least:
Shoutz to everyone who helped me along and has published documentation for idiots like me(I know, too cheesy):
Richard Stallman from MIT, Robert Graham from Errata Security look him up on archive.org https://web.archive.org/web/20030401154614/http://www.robertgraham.com/pubs/index.html read the Hacking Lexicon. Eric S. Raymond for all his work, and for opening my mind, The Cathedral and the Bazaar, Theo De Raadt from OpenBSD, man that kicks ass, Torvalds for all his work on the Linux kernel, Rainforest puppy, nobody likes IIS still
, too many to mention.Thank you everyone for reading my crazy post.
Comments
-
Options
gespenstern
Member Posts: 1,243 ■■■■■■■■□□
Did you have any questions on TCSEC levels on the exam? Congratz! -
Optionscfirsten
Member Posts: 42 ■■□□□□□□□□
gespenstern wrote: »Did you have any questions on TCSEC levels on the exam? Congratz!
They made me sign an NDA man, sorry
. -
Options
clarkincnet
Member Posts: 256 ■■■□□□□□□□
CongratsGive a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!
Have: CISSP, CISM, CRISC, CGEIT, ITIL-F -
Optionsrony1234
Member Posts: 27 ■■■□□□□□□□
Congratulations on passing the exam. Yes I too noticed, the questions get a bit more difficult around the 150 mark. It could also be that we feel like that cos we are just mentally tired
-
Optionscfirsten
Member Posts: 42 ■■□□□□□□□□
lol @$20..congrats for your hardwork
Yeah every vendor out there will tell you, hey buy our book, buy our questions and you will pass. That's a bunch of bull, only you count in that room, what you have learned over the years, no class is going to teach you that. There's also the issue of you wanting to know about things, do you want to take this exam because you want to pass it or because you want to know what's right and what's wrong. If you go to a class you will probably learn something and you'll forget it in a few years/months because it's not in you; if you don't have the passion for it then you only have the cert and not the passion and some day you will be faced with a tough decision and you'll cost your employers money or even worse, you'll put people in danger.
Nevertheless, I really liked the exam, I'd take it one more time just for the fun of it. And as another example: I was faced at work with a decision for the networking team because they wanted to implement an SSL proxy so that they "inspect malware" coming into our networks. I told them to go f__ themselves, people have to have some level of privacy, we're not going to turn into the Patriot Act just for the sake of security. I know what you'll say that company's PCs/traffic it's the company's, but you have to exhaust all your other means and even then, I would turn that feature on only when we're infected and we're trying to prevent it from spreading not as a regular operation unless you're developing a new chip for god knows what bleeding edge device.
Anyway, thank you for thoughts, it's was a joy ride for me. I'd do it all over again, now that I know what it's about. Good luck to all of you!!! -
OptionsTheFORCE
Member Posts: 2,297 ■■■■■■■■□□
Well done! Congrats! Do you hold any other certifications since you have been in the industry for so many years?
-
Optionscfirsten
Member Posts: 42 ■■□□□□□□□□
Well done! Congrats! Do you hold any other certifications since you have been in the industry for so many years?
Yeah, I have that Sec+ from Comptia, and actually I think that was harder for me because I didn't study at all, I just walked in, but the CISSP is different, they will test you for endurance and managerial skills.I have a lot of street cred though, if you haven't actually banged your head against the wall on why one DC won't replicate to another, then no cert is going to help you.
