Passed CISSP 12-9-15

After 8 months of on and off studying, I just left the testing center with a congratulations letter in my hand!

I found the test to be actually easier than the practice questions I had been utilizing through McGraw-Hill and Sybex. The application of concepts was easier for me than the technical memorization. The exam took me 3 hours of the scheduled 6 to complete. I marked about 15 questions for review, though I only changed the answers on 2 of them.

Rather than looking for the correct answer, I first eliminated the incorrect answers. If you can do that for every question, you change from 1000 possible answers to 500 possible answers over 250 questions. That leaves you 50/50 to get the remaining answers correct. So from 50%, that takes you to 75%. Granted, this is rough to apply and not scientifically accurate 100%, but it worked for me! The resources I used are as follows:

Shon Harris AIO - I read probably 50% of the book but had trouble retaining.
Conrad's 11th Hour - invaluable resource to refresh
Cybrary CISSP Videos - Kelly Hanrahan is spot on. Best study method for me!
Sunflower Notes
McGraw-Hill practice exams
Sybex - Practice Exams
I didn't use CCCure or Transcender at all.

I studied HARD for about 1.5 months leading up to the exam, focusing on the Cybrary videos, practice questions and using the 11th hour to review.

FYI, I found more questions on Software Development than I would have cared to. That is one domain I didn't spend a whole lot of time. Got unlucky in the test bank questions I guess.

Now I have to move on to the endorsement phase. If only I knew a current CISSP well enough to use them. Guess I have to use ISC2 endorsement.

Feel free to ask any other questions that wouldn't violate the NDA.

Find more posts tagged with

Comments

danny069

Congrats! Which were the top two materials you found most helpful? And what's next for you?

threatguru

The cybrary videos and the 11th hour were the most beneficial to me. I forgot to mention, but I have about 15 years of overall IT experience, with about 10 across different security domains. The area that came easiest for me was Risk Management. I worried most about Crypto, networking and system security.

For me, I would like to take my CISM next I think. I really am not sure though. I need to think about exactly what I want to focus on. Open to recommendations. I currently focus most of my time on client security audits, risk management, etc. CRISC or CISM? Open to suggestions!

threatguru

Sorry, I am excited...forgot another tidbit. This was my FIRST EVER certification exam. I had never taken any before.

danny069

That is a great first cert! CISM is surely the next logical step. I assume you don't want to take the CISA since you already do audits?

threatguru

The security audits are done against us. I provide the info, insight and documentation from an infrastructure and security perspective. Auditing is not something I want to do. Risk Assessments and more managerial tasks will be my focus.

gespenstern

Congrats! What's next?

threatguru

The CISM, I believe.

gespenstern

Good luck on that!

g33k3r

Congrats on your pass!!

mj1982

Congrats for the pass.. time to relax and party

cledford3

threatguru wrote: »

FYI, I found more questions on Software Development than I would have cared to. That is one domain I didn't spend a whole lot of time. Got unlucky in the test bank questions I guess.

I keep hearing this over and over again, including from 3-4 guys who were retakes in my Training Camp class back in October. Out of my Training Camp class, the one person who passed, who I would have put money down wouldn't have (no disrespect to them - just no prior prep and virtually zero exposure to other aspects of IT other than software development) passed - go figure.

eawemu

ThreatGuru CONGRATULATIONS!! I sat for CISSP for the first time on Nov 18th and got 617. I was so confident that I will pass. I consumed all six hours and went through my questions again. I was very disappointed but my wife is encouraging me to retake the exams. I will retake it early 2016 and hopefully pass it then.

threatguru

Eawemu, stick with it! You will get it next time. I really recommend the Cybrary videos if you haven't watched them!