CISSP Passing tips...
Worldstoughest
Registered Users Posts: 2 ■□□□□□□□□□
Managed to pass the CISSP on first attempt today.
Thought I'd share a few thoughts for others to consider:
• It's not as difficult as it could be. I expected a lot more technically challenging questions; there were few.
• Comments to it being an "inch deep, mile wide" exam are very true.
• Often the questions have two answers you can eliminate immediately, i.e. they are obviously out of context.
• I found myself stumped by about 10 questions in total. A further 40 or so I was not confident about, but the remainder were pretty clear cut.
• A higher volume of questions on BCP/DR, Cloud and web security than I was expecting.
• Few questions on encryption.
Ultimately, it was not the complex monster I was fearing. Suffice to say, I overstudied.
Key recommendations would be to utilise Eric Conrad's CISSP study guide - by far the best text I used. The official ISC2 book and Shon Harris's publication are too detailed.
Also, leverage the excellent practice tests at www.freepracticetests.org - well worth the small investment for access.
I do have the good fortune of working 18 years in IT. This allowed me a familiarity with most concepts the exam covered. I studied intensely (6-8 hours per week) for about 5 weeks prior. But in retrospect, I overdid it.
To anyone reading this concerned if they are ready to sit:
• Read the glossary of your preferred text, and if MOST terms are familiar to you, you're in good standing.
• I averaged about 70-80% on practice exams I sat, occasionally bombing badly (50-60%). If you're doing similar you're likely ready.
And finally, remember it is a management exam - the focus is breadth not depth.
Good luck!
Comments
-
protacticus Member Posts: 91 ■■■□□□□□□□
Congrats Worldstoughest! Thanks for the preparation notes and tips.
-
clarkincnet Member Posts: 256 ■■■□□□□□□□
Thank you!
Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!
Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
-
danny069 Member Posts: 1,025 ■■■■□□□□□□
Sweet! Congrats! I take it you didn't use the Sybex 7th edition?
I am a Jack of all trades, Master of None
-
Vonn Member Posts: 14 ■□□□□□□□□□
Congrats! I sit for my exam next week, studying 5-6 hours a day for 2 months. Hopefully it pays off.
-
Worldstoughest Registered Users Posts: 2 ■□□□□□□□□□
Hi all,
I used the CISSP Study Guide 2nd edition.
I had concerns about the new CBK and the fact this book wouldn't cover the new content.
As far as I could tell - the only new CBK content on the exam, not covered in the book, was related to Cloud Service Providers. There were maybe 2-3 questions in this regard.
Good luck all
-
Dextra Registered Users Posts: 4 ■■■□□□□□□□
Thanks for the insight. I've read the Shon Harris book three times, but it was just too much. I have the Conrad book and found it a bit easier to read. I also like the ISC2 book. I was told the Shon Harris book was for someone with absolutely no experience at all. I think I underestimated what I knew, so thanks for the insight. I think my approach will be a little different this time.
On another note, can anyone tell me which one of the three - CISSP, CRISC, or the CISM - I should take first? I'd like to take them all, but in a manner that builds on one another, reducing the amount of time I have to study for each.
-
jcundiff Member Posts: 486 ■■■■□□□□□□
Really depends on your experience and goals... The CISSP 1st, in my opinion; it is a holistic certification vs the specialization of the CRISC and CISM. I took CISSP 1st then CRISC, may do CGEIT and a couple of others before doing the CISM. With the CISM you have to have 5 years of InfoSec Management experience.
"Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke