CISSP Passing tips...

Worldstoughest Registered Users Posts: 2 ■□□□□□□□□□
Managed to pass the CISSP on first attempt today.

Thought I'd share a few thoughts for others to consider:

• It's not as difficult as it could be. I expected a lot more technically challenging questions; there were few.

• Comments to it being an "inch deep, mile wide" exam are very true.

• Often the questions have two answers you can eliminate immediately, i.e. they are obviously out of context.

• I found myself stumped by about 10 questions in total. A further 40 or so I was not confident about, but the remainder were pretty clear cut.

• A higher volume of questions on BCP/DR, Cloud and web security than I was expecting.

• Few questions on encryption.

Ultimately, it was not the complex monster I was fearing. Suffice to say, I overstudied.

Key recommendations would be to utilise Eric Conrad's CISSP study guide - by far the best text I used. The official ISC2 book and Shon Harris's publication are too detailed.

Also, leverage the excellent practice tests at www.freepracticetests.org - well worth the small investment for access.

I do have the good fortune of working 18 years in IT. This allowed me a familiarity with most concepts the exam covered. I studied intensely (6-8 hours per week) for about 5 weeks prior. But in retrospect, I overdid it.

To anyone reading this concerned if they are ready to sit:

• Read the glossary of your preferred text and if MOST terms are familiar to you, you're in good standing.

• I averaged about 70-80% on practice exams I sat, occasionally bombing badly (50-60%). If you're doing similar, you're likely ready.

And finally, remember it is a management exam - the focus is breadth not depth.

Good luck!

Comments

  • protacticus Member Posts: 91 ■■■□□□□□□□
    Congrats Worldstoughest! Thanks for the preparation notes and tips.
  • clarkincnet Member Posts: 256 ■■■□□□□□□□
    Thank you!
    Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!

    Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
  • Mechs Member Posts: 25 ■□□□□□□□□□
    Hi, which version of Eric Conrad's book did you use?
  • danny069 Member Posts: 1,025 ■■■■□□□□□□
    Sweet! Congrats! I take it you didn't use the Sybex 7th edition?
    I am a Jack of all trades, Master of None
  • dustervoice Member Posts: 877 ■■■■□□□□□□
    Congrats, thanks for the write-up.
  • Vonn Member Posts: 14 ■□□□□□□□□□
    Congrats! I sit for my exam next week, studying 5-6 hours a day for 2 months. Hopefully it pays off.
  • gncsmith Member Posts: 459 ■■■□□□□□□□
    Congrats! Thanks for the feedback and tips!
  • Worldstoughest Registered Users Posts: 2 ■□□□□□□□□□
    Hi all,

    I used the CISSP Study Guide 2nd edition.

    I had concerns about the new CBK and the fact this book wouldn't cover the new content.

    As far as I could tell - the only new CBK content on the exam, not covered in the book, was related to Cloud Service Providers. There were maybe 2-3 questions in this regard.

    Good luck all
  • sameoj Member Posts: 366 ■■■□□□□□□□
  • Dextra Registered Users Posts: 4 ■■■□□□□□□□
    Thanks for the insight. I've read the Shon Harris book three times, but it was just too much. I have the Conrad book and found it a bit easier to read. I also like the ISC2 book. I was told the Shon Harris book was for someone with absolutely no experience at all. I think I underestimated what I knew, so thanks for the insight. I think my approach will be a little different this time.

    On another note, can anyone tell me which one of the three - CISSP, CRISC, or the CISM - I should take first? I'd like to take them all, but in a manner that builds on one another, reducing the amount of time I have to study for each.
  • Brain-D Member Posts: 134
  • NotHackingYou Member Posts: 1,460 ■■■■■■■■□□
    Congrats!
    When you go the extra mile, there's no traffic.
  • jcundiff Member Posts: 486 ■■■■□□□□□□
    Dextra wrote: »
    Thanks for the insight. I've read the Shon Harris book three times, but it was just too much. I have the Conrad book and found it a bit easier to read. I also like the ISC2 book. I was told the Shon Harris book was for someone with absolutely no experience at all. I think I underestimated what I knew, so thanks for the insight. I think my approach will be a little different this time.

    On another note, can anyone tell me which one of the three - CISSP, CRISC, or the CISM - I should take first? I'd like to take them all, but in a manner that builds on one another, reducing the amount of time I have to study for each.

    Really depends on your experience and goals... The CISSP 1st, in my opinion; it is a holistic certification vs. the specialization of the CRISC and CISM. I took CISSP 1st then CRISC, may do CGEIT and a couple of others before doing the CISM. With the CISM you have to have 5 years of InfoSec Management experience.
    "Hard Work Beats Talent When Talent Doesn't Work Hard" - Tim Notke
  • DocRoy Member Posts: 41 ■■□□□□□□□□
    Congrats on your accomplishment