Hello everyone,
I passed the exam last Thursday, it was my first try, had to drive two hours from Oxnard to LA and another two hours in the LA traffic, I had time to read another chapter though. Anyways, it seemed real easy to me, at least in the beginning, I didn't see what the fuss was about. After the first 60 questions I knew I was going to pass. I took the whole time, it took me four hours to go through all the questions but I calmed myself down a little bit after 100+. After the 170 mark, I don't know if it was me, but the questions started to be a little bit more difficult. I took another two hours to review. After I started the review I changed a few of them and I was really tired and I decided not to change any of them because all of them seemed wrong to me.
My experience:
15+ years in (almost) everything, from IOS CLI to domain controllers, user account provisioning (ISC2 style wording), Exchange admin, Linux, all of the BSDs, FreeBSD, NetBSD and my personal favorite, OpenBSD. I was fortunate enough to work in environments where my bosses didn't care whether I used Postfix/Exim vs Exchange email transport, and that's what helped me a lot to understand how things worked, they only wanted a dedicated email server with less spam than usual.
All of the materials used were borrowed from friends and I've digested all the postings in this forum and others, looking for free information.
Materials used:
1. Prudent man rule, do and act as a prudent man would do on the exam, choose the most prudent answer.
2. Shon Harris AIO, if I hear another bad talk about her or her book I'm going to smack you through your monitors. I will sneak myself in those unused bits from the TCP headers and will come out from underneath your monitors just like Chuck Norris had that fist underneath his chin in that Family Guy episode. Have a little respect for her and all her work. She was also my guardian angel in the car for the past two weeks or so. I would listen to her all the time. If you have time to study and digest material there's nothing wrong with this book: I GUARANTEE you that if they would let you on the exam with this book you will pass.
Just some jokes from her book:
Massive Array of Inactive Disks (MAID)
I have a maid that collects my data and vacuums.
Response: Sure you do.
RAID
Everyone be calm—this is a raid.
Response: Wrong raid.
Rest in peace Shon Harris, you helped at least this idiot pass that exam.
Practice questions:
McGraw-Hill Education | CISSP Practice Exams
3. The official CBK, the older version, 3rd I think, got it for 20 bucks used online.
4. Eric Conrad 11th hour. Very good, short and to the point. If time is a factor in your preparation use this book and TAKE A LOT OF FREE QUESTIONS. I can't stress enough this factor, take thousands of questions.
4. A lot of free questions that I could find:
These are some of the sites that I've studied:
http://opensecuritytraining.info/CISSP-Main_files/CISSP_CBK_Final_Exam_v5.5.pdf
You can find the answers here:
Cissp cbk final_exam-answers_v5.5
I even read the El Gamal paper for ECC:
http://groups.csail.mit.edu/cis/crypto/classes/6.857/papers/elgamal.pdf
Or this also for ECC:
http://cs.ucsb.edu/~koc/ccs130h/notes/ecdsa-cert.pdf
These are not required on the exam but I've read them just out of curiosity, not that I understood much.
5. I've read through the Sybex book also and I've done all their online questions. Good resource, they have about 1000+ questions that can help you. Watch out for them because they call residual risk different than ISC2.
6. Kelly Handerhan from Cybrary. So check this out: this lady has a serious set of balls on her, she took the exam three times, not because she didn't pass the first time but because she wanted to be up to speed with all the changes over the years. That showed some courage right there.
7. All of my experience through the years has helped me a lot in passing.
I used to get up at 4 AM for the last two weeks and start reading on my phone in bed until 6 AM when I'd leave for work. In the car I'd listen to Shon Harris. Her book is to be used as a future reference and on the job, but yes, she has tons of material in there.
I've read the book because it was a pleasure for me and I liked her work a lot.
I wanted to thank everyone from this forum who's helped me with their postings and I've learned even from the ones that didn't pass. To those of you that didn't pass, don't ever give up, it's definitely a passable exam. My guess is that you didn't have enough experience in the field. Get a 5$ router from Goodwill and try to break WEP. After you've done that try and break WPA/TKIP, move up to WPA2 with AES and understand why you can't break that. Capture the handshake and run it through a wordlist, DOS the AP so that other clients get disconnected, understand why that is.
This is only an example, you could also get a VM and experiment at home with things, get Packet Tracer from Cisco and make a VLAN to understand why you can ping this subnet and not the other, set up routes and see if you can ping hosts. I know it's too technical and they won't ask you commands, but you have to understand the bigger picture on why things work the way they do.
My personal scale on passing this thing would be like this:
< 5 years, you need a lot of reading, read everything you can get your hands on + thousands of questions.
< 10 years, just do the 11th hour and practice questions as many as you can find
< 15 years, you will pass, do the free questions and look up answers that you got wrong and understand why you picked the wrong answer and why the right answer is right.
Tips for the exam:
Take the time to write down what you remember on the pad that they will give you. I used that pad during the 5 minutes I had with the NDA. The pad is plastic, it's not paper, I found that annoying, I would've loved just a paper and a pencil.
After you hit submit, it will say congrats, don't get excited, go to the reception and they will hand you your score on a printed paper. Take some snacks with you, they will allow you unscheduled breaks so you can eat a sandwich.
Tips that helped me remember things:
TCSEC
A>B3>B2>B1>C2>C1>D (A is greater/better than, you'll get it)
DRP = R A C A R (spells as CAR and backwards) Respond/Assess/Communicate/Assemble/Recover
This one is stolen from cccure:
Bell LaPadula WURD (Write Up/Read Down) IS ALLOWED -- opposite is not allowed.
Biba RUWD (I in bIba stands for IntegrIty and biba is rude) IS ALLOWED -- opposite is not allowed.
Bell is wurd up man, while biba is rude.
Trick to get the TCSEC CC and ITSEC in line
A (top dog) EAL 1 F5-E6
B3 EAL 2 F5-E5
B2 EAL 3 F4-E4
B1 EAL 4 F3-E3
C2 EAL 5 F2-E2
C1 EAL 6 F1-E1
D EAL 7 E0 (that's a zero, meaning it doesn't count)
If I made a mistake please let me know, but as a general idea you can see a pattern forming. Forgive the formatting, it's just to help you in the process. Write it down many times to form your mind around it.
Know your models:
Bell LaPadula, Biba, Clark Wilson, Brewer Nash.
Last but not least:
Shoutz to everyone who helped me along and has published documentation for idiots like me (I know, too cheesy):
Richard Stallman from MIT, Robert Graham from Errata Security, look him up on archive.org
https://web.archive.org/web/20030401154614/http://www.robertgraham.com/pubs/index.html read the Hacking Lexicon. Eric S. Raymond for all his work, and for opening my mind, The Cathedral and the Bazaar, Theo de Raadt from OpenBSD, man that kicks ass, Torvalds for all his work on the Linux kernel, Rain Forest Puppy, nobody likes IIS still, too many to mention.
Thank you everyone for reading my crazy post.