Should I test now or wait CISSP
I'm planning on relocating in 3 weeks at the earliest just waiting on a background check to clear, but I'm basically wanting an opinion on if I should test before I move or wait till I get settled in the new location. I'm kind of worried about waiting as I might lose some momentum with all the things that come with moving. I've been studying for strictly the CISSP since Nov 25 2015 and wouldn't test till Jan 22 at the earliest. I passed the CEH in July 2015 and then went directly into OSCP then directly into CISSP so I didn't start cold with CISSP prep.
CISSP prep
Sys admin / Network Admin 10 + years
Masters in Information Technology
Completed CBT nugget videos
50 percent of the AIO Shon Harris
500 questions pocket prep
500 question CCURE
Currently listening to Shon Harris MP3's during commute
Planning to read the 11th hour a week prior to testing
Please share your opinions on if I should attempt the exam if I only have 3 more weeks to study or if it would be best to wait.
CISSP prep
Sys admin / Network Admin 10 + years
Masters in Information Technology
Completed CBT nugget videos
50 percent of the AIO Shon Harris
500 questions pocket prep
500 question CCURE
Currently listening to Shon Harris MP3's during commute
Planning to read the 11th hour a week prior to testing
Please share your opinions on if I should attempt the exam if I only have 3 more weeks to study or if it would be best to wait.
Comments
-
tuabuikia Member Posts: 52 ■■□□□□□□□□Take it when you're comfortable with it. You have already secured a new job and I think there's no need to rush into it. Just my 2 cents.
-
lion007 Member Posts: 36 ■■□□□□□□□□I'm planning on relocating in 3 weeks at the earliest just waiting on a background check to clear, but I'm basically wanting an opinion on if I should test before I move or wait till I get settled in the new location. I'm kind of worried about waiting as I might lose some momentum with all the things that come with moving. I've been studying for strictly the CISSP since Nov 25 2015 and wouldn't test till Jan 22 at the earliest. I passed the CEH in July 2015 and then went directly into OSCP then directly into CISSP so I didn't start cold with CISSP prep.
CISSP prep
Sys admin / Network Admin 10 + years
Masters in Information Technology
Completed CBT nugget videos
50 percent of the AIO Shon Harris
500 questions pocket prep
500 question CCURE
Currently listening to Shon Harris MP3's during commute
Planning to read the 11th hour a week prior to testing
Please share your opinions on if I should attempt the exam if I only have 3 more weeks to study or if it would be best to wait.
Hello Vonn,
I've reach your question carefully, and here is my analysis and feedback if it helps:
1. Having good practical networking background is great, but my question is: have you been into a Managerial position before? The reason I am asking this because CISSP certificate is a certificate to prove you are a Manager and have the talent to think like a Manager. If I had 10+ years experience in network admin job, this means my "Mindset" is more towards technical than a Manager who manages staff and making "Managerial Decisions". Although this is excellent experience in the real-life, but when it comes to sit your CISSP exam, this 10+ years can be your worst enemy. Please read this example which I explained in my post earlier in this forum:
If you have not been a Manager, then pick up the answer That Your Manager Would Pick Up
So for example, I am making up this question to explain this point:
Q/ What is the BEST approach to increase security in your organisation:
A- Install Bio-metric for physical access control.
B- Install Bio-metric for physical access control and Firewall/IDS/IPS for the logical access control.
C- Install Bio-metric for logical access control and Firewall/IDS/IPS for the physical access control.
D- Apply Defense in Depth.
Analysis:
======
(A) is one example of Physical Access Control.
(B) is one example of Physical Access Control and three examples of Logical Access Control... which looks right, innit?
(C) mmmm... this is a tricky one, because the examples in (B) are the same here BUT the the examples do NOT match the access control types. So this option (C) is trying to confuse me with the possible Right answer which is definitely (B)?? Maybe?
(D) mmmmm... this is tooooo short to be a good answer!! And what the heck is "Defense in Depth" anyway??!! Nah forget it... the right answer is absolutely (B)!! It stands as a good TECHNICAL ANSWER and MY PAST EXPERIENCE matches this way of thinking... Bio-metric physical access control is heaven for me! and Firewall/IDS/IPS is super right answer for ANY organisation, is it not!! ..... so I will go for (B)
You know what, you are WRONG!
Did you read the question? Again? And Again? Did you notice the Keyword "BEST"?
The Correct answer is the BEST answer you choose as a MANAGER... which is here (D) : Defense in Depth !
The concept of "Defense in Depth" is the answer that a Manager would choose. Because it implies all the physical & logical examples mentioned in (B) BUT not only this, it covers all the three main controls in CISSP: Physical + Logical + Administrative.
2- In the CISSP Prep list, you rely heavily on Shon Harris (RIP Shon!). The bad news is: Shon's study materials are "Out of Date" for the new exam. I am not referring only to the new 8 domains versus the old 10 domains which anyone can argue that they are the same contents, but I am strictly referring to the "Fact" that ISC2 have shifted their focus in the CISSP exams towards the New Fashion of Security which was delivered in the SYBEX 7th Edition book. The new fashion security, in addition to being managerial strategic security mindset not technical, it is more focused on concepts like "Advanced Persistent Threat (APT)", Zero-day attacks, mobile security, data security on cloud computing, configuration management for proactive defense. You will NOT find such topics fully explained in Shon's study materials (books or practice tests).
3- To pass the CISSP exam, you need to read the Sybex 7th Edition book (cover to cover) and practice all its practice questions in the end of each chapter.
4- Having practice only 500 questions from the CCCure practice tests are simply not enough. You need to do ALL questions (they are 1800+ questions). You may skip techy questions on the Orange Book because they are removed from the exam.
Finally, it is important to set a deadline for yourself to sit the exam. But without considering the above and just sitting the exam will mean a high risk of failing the exam. If -God forbid- you failed the exam, you will have to wait 30 days until you can sit your second attempt. So my advice is to prepare well and manage your revision time to cover the above and when you are ready book the exam.
Trust me, failing this exam does hurt I failed my first attempt - that was before I come to know this forum and before listening to the advice of those who passed.
Hopefully this was helpful
All the best mate. -
TheFORCE Member Posts: 2,297 ■■■■■■■■□□If you feel comfortable go for it. You have enough experience and other certifications that overlap some domains for CISSP. You should be able to pass it. Just focus on the questions, they can be tricky the way they are worded.
Lion is exaggerating things, there is no one book that will help you pass. Everyone has different experiences. He being too nevagtive. Just go to the exam with a positive attitude. -
dustervoice Member Posts: 877 ■■■■□□□□□□3 weeks is not a lot but if you have the experience and in those 3 weeks you've focused on your weak domains then maybe you can give it a shot. If you feel comfortable then go if not postpone it. Good Luck.
-
lion007 Member Posts: 36 ■■□□□□□□□□If you feel comfortable go for it. You have enough experience and other certifications that overlap some domains for CISSP. You should be able to pass it. Just focus on the questions, they can be tricky the way they are worded.
Lion is exaggerating things, there is no one book that will help you pass. Everyone has different experiences. He being too nevagtive. Just go to the exam with a positive attitude.
I was advising that this exam needs preparation. It is not a matter of being too negative or too positive. We are security experts and our "religion" is Risk Management. CISSP exam is not shopping! Either you pass or fail. If your Risk Analysis tells you it is okay to have Risk Acceptance of possible failing then go for it. Maybe you are okay seeing how the exam looks like regardless the result? Why not giving it a go.
But my approach after I failed the first attempt was a big blame to myself why didn't I prepare well before spending money on "giving it a go".. However everyone of us is free to make their own decision, we are professionals. In the end, this forum is for giving different opinions and sharing our own experience, leaving it to new comers to make their own decisions of how they want to plan their journey.
You and I dear TheFORCE have passed it already, so let's share our experience and let the candidates follow their gut-feeling
Good luck to you Vonn and I apologise if I sounded "too negative"! -
harrym1 Member Posts: 27 ■□□□□□□□□□Thank you, Lion for your write up here http://www.techexams.net/forums/isc-sscp-cissp/116355-passed-cissp-20-dec-2015-passing-formula.html
I have not given the exam yet, but I like the Sybex 7th edition.
It looks like you guys have a difference of opinion in this thread, but a healthy and respective discussion does not hurt anyone. -
TechGuru80 Member Posts: 1,539 ■■■■■■□□□□Take it when you're comfortable with it. You have already secured a new job and I think there's no need to rush into it. Just my 2 cents.
-
lion007 Member Posts: 36 ■■□□□□□□□□Thank you, Lion for your write up here http://www.techexams.net/forums/isc-sscp-cissp/116355-passed-cissp-20-dec-2015-passing-formula.html
I have not given the exam yet, but I like the Sybex 7th edition.
It looks like you guys have a difference of opinion in this thread, but a healthy and respective discussion does not hurt anyone.
Thank you harrym and I fully agree with you about having a healthy and respective discussion to express opinions. In the end, we all come here with good intention to help each other -
Vonn Member Posts: 14 ■□□□□□□□□□Thank you everyone for the extensive feedback, I wasn't aware of the 30 day retake policy and Iion007 your example question I had zero issues with. I'm leaning towards taking the exam but just scheduling it late as I possibly can before I move If nothing else it will be a learning experience to see what I need to focus on but I'm definitely looking to pass on the first attempt.
I will definitely take a look at the Sybex book as well as some of the concepts lion007 mentioned are not touched in the AIO. -
Vonn Member Posts: 14 ■□□□□□□□□□I just looked through all the chapters and sub-topics in the Sybex 7th edition and think I feel comfortable sticking with the AIO and stepping up my CCCure questions with review of the cloud and mobile technologies.
-
Vonn Member Posts: 14 ■□□□□□□□□□I just booked my exam for the 26th of this month, lion007 I plan to spend the week prior reviewing and going over the sybex book or there any particular chapters you would advise to look at that isn't covered in the AIO?
-
Vonn Member Posts: 14 ■□□□□□□□□□Just wanted to give an update that I sat for my exam today and passed, it took me 5 hours and 57 minutes but I got through it. I would say that Sybex 7th edition is the way to go forward.
-
iBrokeIT Member Posts: 1,318 ■■■■■■■■■□Congrats!2019: GPEN | GCFE | GXPN | GICSP | CySA+
2020: GCIP | GCIA
2021: GRID | GDSA | Pentest+
2022: GMON | GDAT
2023: GREM | GSE | GCFA
WGU BS IT-NA | SANS Grad Cert: PT&EH | SANS Grad Cert: ICS Security | SANS Grad Cert: Cyber Defense Ops | SANS Grad Cert: Incident Response -
Mike-Mike Member Posts: 1,860congrats, i dont know I can sit for almost 6 hours of testing..Currently Working On
CWTS, then WireShark -
NotHackingYou Member Posts: 1,460 ■■■■■■■■□□Congratulations!When you go the extra mile, there's no traffic.
-
nothing007 Member Posts: 14 ■□□□□□□□□□Hi Vonn,
Congrats...
Can you post your comments about Sybex 7th edition and how this book help your exam.. -
danny069 Member Posts: 1,025 ■■■■□□□□□□Wow it only took you 3 weeks, good job.I am a Jack of all trades, Master of None
-
Vonn Member Posts: 14 ■□□□□□□□□□I received my official email yesterday that I am a CISSP now, verification was about 5 weeks.
-
wayne_wonder Member Posts: 215 ■■■□□□□□□□I received my official email yesterday that I am a CISSP now, verification was about 5 weeks.
Was it worth taking
The Ceh beforehand -
Vonn Member Posts: 14 ■□□□□□□□□□I think it helped by just having me in the mindset up security and in study mode, not really the same scope of questions between the two tests though.
-
webpriestess Member Posts: 82 ■■□□□□□□□□Wow, congratulations! I am scheduled to take mine in less than two weeks. I haven't had much time to prepare, but hopefully I can be able to pull it off like you did. Congrats again