Passed - Nov 5, 2015

dochooddochood Member Posts: 11 ■■□□□□□□□□
Dear CISSP::Candidate::Friends,

I found this website a couple months back as I was researching the CISSP test, how difficult it was to pass, and what tips different folks had.

I have been a Computer Programmer / Software Engineer for 28 years. Having been in the US Air Force, particularly in two fields where security was very important, I have always been interested in computer security. Recently, I decided to branch out and take a job as a Cyber Security Specialist. Having no "official" experience as a penetration tester, incident response specialist, forensic specialist, etc, there was a stipulation on my offer letter: I had to become certified in Security+ and CISSP within six months of my employment.

I had some time before my new job started, so I began by working on the Security+ certification. I had taken a class at the local university which was supposed to cover "60% of the Sec+ Requirements". I also purchased Darril Gibson's book on Sec+ (along with the test question book, which seemed to be a re-hash of the chapter review and practice questions in the main book, anyway), and I studied about 90 minutes per day for three weeks. I took the test and got an 850 out of 900. The test felt harder than the practice tests in the books that I bought, but I did better than I expected to. The questions were more in depth and required a good grasp of security concepts, not just memorizing the facts, though there were plenty of facts as well.

After that, I proceeded to the CISSP. I bought the official guide (Darril Gibson's name was also on this one), which was about 1,000 pages long, including the answers in the back. I studied that for about three weeks, and I was averaging about 85-90% on the practice questions in the book. I was about ready to schedule my test, when I ran across this website. I found one posting that recommended the Transcender question set. I purchased it for $150 (with a discount code), and very quickly regretted it (at the time, anyway)! As I went through the Transcender questions, I ran across about 25-30% of the questions which seemed to not be covered at all in the official study guide! I was only averaging about 73% on the Transcender tests, with lots of flat-out guessing.

I took the other recommendation from that same post, and I bought the Eric Conrad book (not 11th hour) for the 2012 test (2015 is not out yet). It is 500 pages long, and much more concise and to the point than the Gibson guide. It did cover some of the things not covered in the official guide, but I was still only getting about 77% on the Transcender questions.

I went ahead and scheduled the test for the sixth week of CISSP studying, and I finished up the Conrad book. I also started watching the Cybrary.IT study videos with Kelly Handerhan (!!! ANOTHER EXCELLENT IDEA from the same post I referenced above!!!). I squeezed in the 15 hours of video in about two weeks, taking profuse notes, which I didn't really go back and look at.

I took the test on Nov 5. As I went through the first twenty five questions, I started to panic a little! There were really no "memory" questions to speak of, only "concept questions!" As I continued through my first pass, I was shocked at how few "memory / technical" questions there were on my copy of the test. I am much better at the technical stuff than the managerial stuff. I was hoping for more technical questions.

The first pass took me just over two hours to complete. I got up, took a break, had some water and a snack, and groused a little to the test proctor! After about ten minutes, I went back in and went through the questions I had flagged (about 140-150 of them at least). I took more time to carefully read over the question and all four choices. I immediately eliminated the ones that didn't make sense. I also paid special attention to the grammar of the question, looking for key "gotcha" words. I also applied a little "critical thinking" to the remaining answers. I asked myself things like "which of these things is not like the others", and "why would this answer make more sense than the other." I also thought back to key concepts that Kelly Handerhan emphasized in the Cybrary.IT videos and applied those as well.

On the second pass through, I started getting more confidence. I realized that I had just needed to spend a little more time to read the questions through. On the first pass, the questions can seem very vague and fuzzy. There seemed to be very few questions that I would classify as "straight-forward." And the low number of "technical" questions on my copy of the test shocked me! I think others will get more, but I doubt that I had more than 35 technical questions! And the ones I did have were pretty easy; nothing terribly obscure.

I would definitely say the study guide that helped me the most was the Cybrary.IT videos! Kelly Handerhan, a North Carolina country-gal with a strong southern accent, is one of the best teachers I have ever had on ANY subject! Her home-spun examples really simplify things, and she does a GREAT job of emphasizing the very concepts that will help you get past the managerial-gobbledy-gook of the questions to the CORE ISSUES of security. If Kelly says something TWICE, write it down THREE TIMES! I cannot over emphasize the helpfulness of these videos!

To summarize, the main things that helped me pass the exam in only six weeks were:
  1. taking the Security+ test first
  2. the Cybrary.IT videos
  3. the official study guide
  4. practice tests (as much as I hated the Transcender questions, they were much closer to the real test content than the official study guide questions were)
  5. studying consistently nearly every day for 90-120 minutes
  6. the fact that I'm a pretty good test-taker, and I have decent English grammar and critical thinking skills
  7. I didn't just punt after the first pass through, and I spent the time carefully reviewing the questions that I marked (after picking a non-completely-stupid answer); also, applying the concepts emphasized in the Cybrary.IT videos
I hope this wasn't too much of a ramble, and I hope you find it helpful. Please feel free to ask any questions you may have.

Comments

  • g33k3rg33k3r Member Posts: 249 ■■□□□□□□□□
    Congrats!!

    I also purchased the Transcender questions and have found them quite challenging. I haven't take the exam yet so I can't say what resources helped me the most but I really like the Cybrary videos as well!
  • danny069danny069 Member Posts: 1,025 ■■■■□□□□□□
    Thanks so much for the detailed write up. It really helps future contenders with what to study. I recently bought the Sybex CISSP 7th edition found here: http://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119042712 and I find it to be really good so far. I saw that you signed up for Transcender and didn't mention CCCure like most others have. Did you use CCCure at all or no? And finally, congrats!

    ^ I don't know why it won't link to amazon it did that before...too tired to troubleshoot lol
    I am a Jack of all trades, Master of None
  • devilbonesdevilbones Member Posts: 318 ■■■■□□□□□□
    Not gonna read that but congrats.
  • dochooddochood Member Posts: 11 ■■□□□□□□□□
    danny069,

    I actually had planned on purchasing CCCure as well, which were a LOT cheaper, and were actually the only set recommended by Larry Greeblatt (?), the guy on the YouTube channel that does CISSP Kung Fu (or whatever... that test must have really fried my brain!). They were $50, but by the time I spent $150 on the Transcender, and the money on both of the books, I didn't really feel like spending any MORE money on any study materials! Plus, the official book:

    CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide 7th Edition


    came with four practice exams as well. Also, I just didn't have the time to go over another set of questions in the amount of time I alloted.



  • dochooddochood Member Posts: 11 ■■□□□□□□□□
    Hahaha... yeah, if it lets me edit it, I'll put the summary at the beginning!
  • clarkincnetclarkincnet Member Posts: 256 ■■■□□□□□□□
    Congrats! That's awesome! Thank you for the detailed information.
    Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!

    Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
  • IaHawkIaHawk Member Posts: 188 ■■■□□□□□□□
    Congrats! I just started studying for the exam, plan on taking in February.
  • mahemahe Registered Users Posts: 4 ■□□□□□□□□□
  • ccnpninjaccnpninja Member Posts: 1,010 ■■■□□□□□□□
Sign In or Register to comment.