Passed the CISSP exam on 2/20/2016 – first attempt
clarkincnet
Member Posts: 256 ■■■□□□□□□□
in CISSP
I passed the CISSP exam on Saturday – first attempt.
Wow. What an experience. I can't believe I am actually posting this! This forum helped me identify successful materials so I wanted to give back.
Where to begin? I actually began this journey about five years when work had additional training credits and I volunteered to attend a security class. In ignorance, I selected a CISSP class and was blown away by the massive content and insanely large Shon Harris book. I decided that someday, if I ever had months to spare, I would study for the exam. Fast forward to late last year – after attending a work-sponsored security summit in Chicago, my interest peeked in the CISSP certification and I decided to pursue it as a way to externally validate my 10 years of security experience.
After 92 days of studying a minimum of 4 hours a day Monday – Friday and more on Saturday, I finally took the exam and passed.
My study plan:
Conrad 2E book (7/10) – I read this book from cover to cover, highlighted a ton of concepts, and took notes on Brainscape. Decent enough book and it helped me to gain a basic understanding of the domains. I think I rather preferred the 10 Domain format – I felt like I could understand the subjects better.
Cybrary.it (10/10) – Kelly does a WONDERFUL job of breaking down the topics in an easy to understand format. I read a chapter in Eric Conrad 2E and then watched the corresponding Cybrary videos. I took notes from Kelly and added them to my Brainscape notes. I downloaded the MP3s and listened to them about three or four times altogether as I made several long trips in the car.
Brainscape (10/10) – so memorizing facts on notecards stink. I LOVE this site because they use an algorithm, based on your feedback to any one fact card, to show you only new fact cards when you are ready for them. I seriously think technology this helped me to gain command of data faster than other methods. I made close to 2,000 unique cards and ran through a total of 10,000+ views. The iPad was really easy to use. I cannot recommend this enough!!!
CBTNuggets (2/10) – I tried to use these videos and even watched about a third of them, but I couldn’t make it through the remainder. I think they are fine to help learn basic concepts but I personally couldn’t get into them. Some people have reported that they were able to really use them and I think they might work just fine for other people. Worth the cost of a month to see.
Shon Harris AIO (4/10) for study (10/10) for desk reference. I have two editions of this book – and I have read about 50% between both editions. Solid read on basic concepts. When I needed the detailed information about a concept, this book never let me down. The only issue is the current editions are dated and do not reflect the current exam.
Shon Harris MP3s (2/10) – I tried… seriously I tried. I got through one MP3. I almost fell asleep driving while listening to the calm soothing monotone voice of Shon so I decided for the driving safety of the general public I would switch over to Cybrary. Never looked back.
Sybex 7th edition (8/10) – If I had to choose a single book to read (which is crazy because I read almost every book generally suggested on the forums) this book would win. I read it cover to cover, highlighting new concepts I had not seen yet or concepts that I hadn’t completely memorized. It took some getting used to because I went from the 10 domain format to the 8 domain format. I’m not a fan of the 8 domains – I found myself having trouble trying to get a clear picture because they keep jumping around. Ok – this book verbose compared to Conrad. They literally repeat whole paragraphs from previous sections. At first I thought all the material I was reading was running together, but then I checked previous chapters and realized that it wasn’t me or deja vu – it was them. I really liked the chapter summaries – this really helped me. I later reread the book a second time only focusing on the highlighted areas and end of chapter summaries. Great book.
Conrad 3E (7/10) – I purchased this book and read through it looking for the differences and new content. The book has the same material as before (plus the extra content) but arranged in the 8 domains. No highlights as I knew the concepts by now. Great book.
I used the Combined Notes (no rating) found on this site as a last minute review but by the time I looked at it, I knew everything. It made for a good read on the airplane as I flew to my Training Camp class.
Larry Greenblatt Cyber Kung Fu (8/10) – I watched all five episodes of Larry’s Kung Fu magic. I watched this the week before I went to Training Camp. If I could do it over, I would have watched this first, and saved Kelly’s videos for last. Larry did a good job of making some concepts very easy to remember. I think some of the things he focused on were based on the old exam format.
Training Camp Online Class (3/10) – I started this class online in either December or January (midway through my preparation) but I gave up after about 3 modules or so. Honestly, I thought this was boring and not very high quality material. That’s surprising because the week long Training Camp I attended was super high quality and most wickedly awesome. I don’t know why they pushed this out – it seriously needs a revamp to catch up to their high quality live class. If you go the Training Camp route, and have limited time, either Kelly and/or Larry are worth it.
Training Camp Week Long Live Class (9/10) – This was worth the money and time. By the time I attended this class I had around 90 days of study under my belt using the books and classes referenced above (and practice tests listed below). I had a remarkable instructor who understood the material and brought it together with a lifetime of experiences which made it real. If you go this route then you need to prepare yourself for hours and hours of lecture. Did I forget to mention the hours and hours of lecture? But it was worth it. Completely worth it. I will use them again – and I’ve never really felt that way about a training center before (been around long enough to have tried several over my career).
Official CISSP CBK Training Guide (9/10) – This is the HUGE green book that you get when you attend an official course. This book covered so many topics that are not in any of the other books I had read. Some of these felt like extra knowledge type topics and some of the materials turned out to be vital to my understanding of specific concepts. After having read and studied from (nearly) all the current books out on the market for the new test, I feel I can say with some authority that they are all screwed up in some way, shape, or fashion. For example, this book is impossible to use to actually locate something. If you don’t use a sticky note to mark the page, you will never find it again. Can I just say again that I REALLY don’t like the way the domains are now organized? For example, crypto is spread all over the place. However, even with all that – this book did the best job of outlining the concepts. If you look at BCP or BIA in Sybex, Conrad, and this book, none of them explain the process the same way. That used to really bother me until I finally realized that you don’t need to memorize a specific numbered list of action items. You need to understand the bigger picture. I like absolutes, and of course, life rarely has any.
Practice Tests
Before I rate these, I wanted to make a few comments. First, I feel there are three types of questions: assessment questions, review questions, and practice questions. Each has a place but you need to understand how to use them.
Assessment Questions are either hard, easy, or equal. With this type of question, you can take a test, study concepts, and take another test. Your score should reflect the delta in your studying. Review Questions are used to point out your weaknesses – in other words – what are the things I don’t know. Both of these types of questions were very beneficial to me.
Practice Questions are realistic to the test. However, you are NOT going to find these questions on the Internet for several reasons. First, because they are simply too difficult to write. The question sites on the Internet are there to make money (and I’m glad they are there – I needed them and I really benefited from their services) but they make money by having a large number of questions in the test bank. Second, even if someone used their own skills and knowledge and wrote a question that was similar to a real test question, ISE2 would just deactivate the question in the batch. I took 1,600 questions from all different sources and they were all either assessment or review questions – nothing I worked on was close to the questions on the test. As far as brain **** - don’t believe for a second that you can find real CISSP test questions on the Internet because you will not. The site that publishes actual copyrighted questions will quickly experience a DCMA takedown.
CCCure (8/10) – This site provides a great mixture of assessment and review questions. The wording is off occasionally, the site is clunky and sometimes the reporting doesn’t work unless you click on the link several times, and there are a lot of old 10 Domain style questions. My biggest complaint with this service was the quality of the questions – there are plenty of good questions – it’s just some of the questions reference concepts that are no longer emphasized. GREAT Personal Customer Service!!!
Sybex Questions Online (8/10) – This site is terrible. The application interface is terrible. The questions; however, are high quality review questions. Best questions, hands down. I would give them a higher score if the site wasn’t a flashback straight out of 2005.
Sybex Chapter Questions (7/10) – The questions in the book were surprisingly good. I did all but a few chapters. They helped me to focus on problem areas. I liked these.
Transcender (5/10) – I got access to this through my CBTNuggets subscription. The first exam I took had networking questions and they asked me a series of subnetting questions. Spoiler Alert – you don’t have to subnet for the CISSP exam so it brings no practical purpose to do practice exams on it. I wasn’t impressed and with limited time and two solid resources (CCCure and Sybex), I decided not to try again. Maybe I got a fluke set of questions – certainly CCCure gave me some crazy questions – but I never had time to go back and give them a second chance. Other people I respect have reported they liked these so I wouldn’t rule them out.
Skillset CISSP Questions (5/10) – This site has the potential to be something very nice in the future. I watched several of their videos and thought they were succinct and very high quality. The format of the website was frustrating and the quality of the questions were “simply ok”. I think there is some real potential for this in the near future.
Final Thoughts
So… I’m an over preparer. I know it. I just wanted to learn everything I could and make sure that I had a solid understanding of all the material and not just enough to pass a certification exam. Most people do not need to do what I did – in fact now that I’ve written it all out it seems kinda crazy even to me. But I recognize this is just me.
People learn differently. I learn by using all my senses. I would read a concept, write it down on Brainscape, walk around my house, an airport, or a soccer field between innings watching my kids play, reading those concepts out loud and rating my mastery. I would then watch a video where someone else explained the concepts and added their personal experiences. Each time I touched the material I tried to attach the concepts to my own professional experiences in security. I'm a speed reader BTW.
I found it amazing that many people who attended the Training Camp class with me had done little to no studying ahead of time. One of which I know passed the exam. So, there are a lot of ways to do this and depending on who you are and how you study, you just need to find what works for you personally. Good Luck!
Sorry that was a LONG post. I don’t want to get into any specifics of the test because of the agreement I signed. Now, I’m going to fly back home and see if my wife and kids will remember who I am… Next week I will start on the credentialing process. CISM next?
Wow. What an experience. I can't believe I am actually posting this! This forum helped me identify successful materials so I wanted to give back.
Where to begin? I actually began this journey about five years when work had additional training credits and I volunteered to attend a security class. In ignorance, I selected a CISSP class and was blown away by the massive content and insanely large Shon Harris book. I decided that someday, if I ever had months to spare, I would study for the exam. Fast forward to late last year – after attending a work-sponsored security summit in Chicago, my interest peeked in the CISSP certification and I decided to pursue it as a way to externally validate my 10 years of security experience.
After 92 days of studying a minimum of 4 hours a day Monday – Friday and more on Saturday, I finally took the exam and passed.
My study plan:
Conrad 2E book (7/10) – I read this book from cover to cover, highlighted a ton of concepts, and took notes on Brainscape. Decent enough book and it helped me to gain a basic understanding of the domains. I think I rather preferred the 10 Domain format – I felt like I could understand the subjects better.
Cybrary.it (10/10) – Kelly does a WONDERFUL job of breaking down the topics in an easy to understand format. I read a chapter in Eric Conrad 2E and then watched the corresponding Cybrary videos. I took notes from Kelly and added them to my Brainscape notes. I downloaded the MP3s and listened to them about three or four times altogether as I made several long trips in the car.
Brainscape (10/10) – so memorizing facts on notecards stink. I LOVE this site because they use an algorithm, based on your feedback to any one fact card, to show you only new fact cards when you are ready for them. I seriously think technology this helped me to gain command of data faster than other methods. I made close to 2,000 unique cards and ran through a total of 10,000+ views. The iPad was really easy to use. I cannot recommend this enough!!!
CBTNuggets (2/10) – I tried to use these videos and even watched about a third of them, but I couldn’t make it through the remainder. I think they are fine to help learn basic concepts but I personally couldn’t get into them. Some people have reported that they were able to really use them and I think they might work just fine for other people. Worth the cost of a month to see.
Shon Harris AIO (4/10) for study (10/10) for desk reference. I have two editions of this book – and I have read about 50% between both editions. Solid read on basic concepts. When I needed the detailed information about a concept, this book never let me down. The only issue is the current editions are dated and do not reflect the current exam.
Shon Harris MP3s (2/10) – I tried… seriously I tried. I got through one MP3. I almost fell asleep driving while listening to the calm soothing monotone voice of Shon so I decided for the driving safety of the general public I would switch over to Cybrary. Never looked back.
Sybex 7th edition (8/10) – If I had to choose a single book to read (which is crazy because I read almost every book generally suggested on the forums) this book would win. I read it cover to cover, highlighting new concepts I had not seen yet or concepts that I hadn’t completely memorized. It took some getting used to because I went from the 10 domain format to the 8 domain format. I’m not a fan of the 8 domains – I found myself having trouble trying to get a clear picture because they keep jumping around. Ok – this book verbose compared to Conrad. They literally repeat whole paragraphs from previous sections. At first I thought all the material I was reading was running together, but then I checked previous chapters and realized that it wasn’t me or deja vu – it was them. I really liked the chapter summaries – this really helped me. I later reread the book a second time only focusing on the highlighted areas and end of chapter summaries. Great book.
Conrad 3E (7/10) – I purchased this book and read through it looking for the differences and new content. The book has the same material as before (plus the extra content) but arranged in the 8 domains. No highlights as I knew the concepts by now. Great book.
I used the Combined Notes (no rating) found on this site as a last minute review but by the time I looked at it, I knew everything. It made for a good read on the airplane as I flew to my Training Camp class.
Larry Greenblatt Cyber Kung Fu (8/10) – I watched all five episodes of Larry’s Kung Fu magic. I watched this the week before I went to Training Camp. If I could do it over, I would have watched this first, and saved Kelly’s videos for last. Larry did a good job of making some concepts very easy to remember. I think some of the things he focused on were based on the old exam format.
Training Camp Online Class (3/10) – I started this class online in either December or January (midway through my preparation) but I gave up after about 3 modules or so. Honestly, I thought this was boring and not very high quality material. That’s surprising because the week long Training Camp I attended was super high quality and most wickedly awesome. I don’t know why they pushed this out – it seriously needs a revamp to catch up to their high quality live class. If you go the Training Camp route, and have limited time, either Kelly and/or Larry are worth it.
Training Camp Week Long Live Class (9/10) – This was worth the money and time. By the time I attended this class I had around 90 days of study under my belt using the books and classes referenced above (and practice tests listed below). I had a remarkable instructor who understood the material and brought it together with a lifetime of experiences which made it real. If you go this route then you need to prepare yourself for hours and hours of lecture. Did I forget to mention the hours and hours of lecture? But it was worth it. Completely worth it. I will use them again – and I’ve never really felt that way about a training center before (been around long enough to have tried several over my career).
Official CISSP CBK Training Guide (9/10) – This is the HUGE green book that you get when you attend an official course. This book covered so many topics that are not in any of the other books I had read. Some of these felt like extra knowledge type topics and some of the materials turned out to be vital to my understanding of specific concepts. After having read and studied from (nearly) all the current books out on the market for the new test, I feel I can say with some authority that they are all screwed up in some way, shape, or fashion. For example, this book is impossible to use to actually locate something. If you don’t use a sticky note to mark the page, you will never find it again. Can I just say again that I REALLY don’t like the way the domains are now organized? For example, crypto is spread all over the place. However, even with all that – this book did the best job of outlining the concepts. If you look at BCP or BIA in Sybex, Conrad, and this book, none of them explain the process the same way. That used to really bother me until I finally realized that you don’t need to memorize a specific numbered list of action items. You need to understand the bigger picture. I like absolutes, and of course, life rarely has any.
Practice Tests
Before I rate these, I wanted to make a few comments. First, I feel there are three types of questions: assessment questions, review questions, and practice questions. Each has a place but you need to understand how to use them.
Assessment Questions are either hard, easy, or equal. With this type of question, you can take a test, study concepts, and take another test. Your score should reflect the delta in your studying. Review Questions are used to point out your weaknesses – in other words – what are the things I don’t know. Both of these types of questions were very beneficial to me.
Practice Questions are realistic to the test. However, you are NOT going to find these questions on the Internet for several reasons. First, because they are simply too difficult to write. The question sites on the Internet are there to make money (and I’m glad they are there – I needed them and I really benefited from their services) but they make money by having a large number of questions in the test bank. Second, even if someone used their own skills and knowledge and wrote a question that was similar to a real test question, ISE2 would just deactivate the question in the batch. I took 1,600 questions from all different sources and they were all either assessment or review questions – nothing I worked on was close to the questions on the test. As far as brain **** - don’t believe for a second that you can find real CISSP test questions on the Internet because you will not. The site that publishes actual copyrighted questions will quickly experience a DCMA takedown.
CCCure (8/10) – This site provides a great mixture of assessment and review questions. The wording is off occasionally, the site is clunky and sometimes the reporting doesn’t work unless you click on the link several times, and there are a lot of old 10 Domain style questions. My biggest complaint with this service was the quality of the questions – there are plenty of good questions – it’s just some of the questions reference concepts that are no longer emphasized. GREAT Personal Customer Service!!!
Sybex Questions Online (8/10) – This site is terrible. The application interface is terrible. The questions; however, are high quality review questions. Best questions, hands down. I would give them a higher score if the site wasn’t a flashback straight out of 2005.
Sybex Chapter Questions (7/10) – The questions in the book were surprisingly good. I did all but a few chapters. They helped me to focus on problem areas. I liked these.
Transcender (5/10) – I got access to this through my CBTNuggets subscription. The first exam I took had networking questions and they asked me a series of subnetting questions. Spoiler Alert – you don’t have to subnet for the CISSP exam so it brings no practical purpose to do practice exams on it. I wasn’t impressed and with limited time and two solid resources (CCCure and Sybex), I decided not to try again. Maybe I got a fluke set of questions – certainly CCCure gave me some crazy questions – but I never had time to go back and give them a second chance. Other people I respect have reported they liked these so I wouldn’t rule them out.
Skillset CISSP Questions (5/10) – This site has the potential to be something very nice in the future. I watched several of their videos and thought they were succinct and very high quality. The format of the website was frustrating and the quality of the questions were “simply ok”. I think there is some real potential for this in the near future.
Final Thoughts
So… I’m an over preparer. I know it. I just wanted to learn everything I could and make sure that I had a solid understanding of all the material and not just enough to pass a certification exam. Most people do not need to do what I did – in fact now that I’ve written it all out it seems kinda crazy even to me. But I recognize this is just me.
People learn differently. I learn by using all my senses. I would read a concept, write it down on Brainscape, walk around my house, an airport, or a soccer field between innings watching my kids play, reading those concepts out loud and rating my mastery. I would then watch a video where someone else explained the concepts and added their personal experiences. Each time I touched the material I tried to attach the concepts to my own professional experiences in security. I'm a speed reader BTW.
I found it amazing that many people who attended the Training Camp class with me had done little to no studying ahead of time. One of which I know passed the exam. So, there are a lot of ways to do this and depending on who you are and how you study, you just need to find what works for you personally. Good Luck!
Sorry that was a LONG post. I don’t want to get into any specifics of the test because of the agreement I signed. Now, I’m going to fly back home and see if my wife and kids will remember who I am… Next week I will start on the credentialing process. CISM next?
Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!
Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
Have: CISSP, CISM, CRISC, CGEIT, ITIL-F
Comments
-
CLICK Member Posts: 88 ■■■□□□□□□□AWESOME review and wrap up. BIG Congrats on the Pass.. Really well deserved !
-
pskroyal Member Posts: 4 ■□□□□□□□□□clarkincnet wrote: »I passed the CISSP exam on Saturday – first attempt.
Wow. What an experience. I can't believe I am actually posting this! This forum helped me identify successful materials so I wanted to give back.
Where to begin? I actually began this journey about five years when work had additional training credits and I volunteered to attend a security class. In ignorance, I selected a CISSP class and was blown away by the massive content and insanely large Shon Harris book. I decided that someday, if I ever had months to spare, I would study for the exam. Fast forward to late last year – after attending a work-sponsored security summit in Chicago, my interest peeked in the CISSP certification and I decided to pursue it as a way to externally validate my 10 years of security experience.
After 92 days of studying a minimum of 4 hours a day Monday – Friday and more on Saturday, I finally took the exam and passed.
My study plan:
Conrad 2E book (7/10) – I read this book from cover to cover, highlighted a ton of concepts, and took notes on Brainscape. Decent enough book and it helped me to gain a basic understanding of the domains. I think I rather preferred the 10 Domain format – I felt like I could understand the subjects better.
Cybrary.it (10/10) – Kelly does a WONDERFUL job of breaking down the topics in an easy to understand format. I read a chapter in Eric Conrad 2E and then watched the corresponding Cybrary videos. I took notes from Kelly and added them to my Brainscape notes. I downloaded the MP3s and listened to them about three or four times altogether as I made several long trips in the car.
Brainscape (10/10) – so memorizing facts on notecards stink. I LOVE this site because they use an algorithm, based on your feedback to any one fact card, to show you only new fact cards when you are ready for them. I seriously think technology this helped me to gain command of data faster than other methods. I made close to 2,000 unique cards and ran through a total of 10,000+ views. The iPad was really easy to use. I cannot recommend this enough!!!
CBTNuggets (2/10) – I tried to use these videos and even watched about a third of them, but I couldn’t make it through the remainder. I think they are fine to help learn basic concepts but I personally couldn’t get into them. Some people have reported that they were able to really use them and I think they might work just fine for other people. Worth the cost of a month to see.
Shon Harris AIO (4/10) for study (10/10) for desk reference. I have two editions of this book – and I have read about 50% between both editions. Solid read on basic concepts. When I needed the detailed information about a concept, this book never let me down. The only issue is the current editions are dated and do not reflect the current exam.
Shon Harris MP3s (2/10) – I tried… seriously I tried. I got through one MP3. I almost fell asleep driving while listening to the calm soothing monotone voice of Shon so I decided for the driving safety of the general public I would switch over to Cybrary. Never looked back.
Sybex 7th edition (8/10) – If I had to choose a single book to read (which is crazy because I read almost every book generally suggested on the forums) this book would win. I read it cover to cover, highlighting new concepts I had not seen yet or concepts that I hadn’t completely memorized. It took some getting used to because I went from the 10 domain format to the 8 domain format. I’m not a fan of the 8 domains – I found myself having trouble trying to get a clear picture because they keep jumping around. Ok – this book verbose compared to Conrad. They literally repeat whole paragraphs from previous sections. At first I thought all the material I was reading was running together, but then I checked previous chapters and realized that it wasn’t me or deja vu – it was them. I really liked the chapter summaries – this really helped me. I later reread the book a second time only focusing on the highlighted areas and end of chapter summaries. Great book.
Conrad 3E (7/10) – I purchased this book and read through it looking for the differences and new content. The book has the same material as before (plus the extra content) but arranged in the 8 domains. No highlights as I knew the concepts by now. Great book.
I used the Combined Notes (no rating) found on this site as a last minute review but by the time I looked at it, I knew everything. It made for a good read on the airplane as I flew to my Training Camp class.
Larry Greenblatt Cyber Kung Fu (8/10) – I watched all five episodes of Larry’s Kung Fu magic. I watched this the week before I went to Training Camp. If I could do it over, I would have watched this first, and saved Kelly’s videos for last. Larry did a good job of making some concepts very easy to remember. I think some of the things he focused on were based on the old exam format.
Training Camp Online Class (3/10) – I started this class online in either December or January (midway through my preparation) but I gave up after about 3 modules or so. Honestly, I thought this was boring and not very high quality material. That’s surprising because the week long Training Camp I attended was super high quality and most wickedly awesome. I don’t know why they pushed this out – it seriously needs a revamp to catch up to their high quality live class. If you go the Training Camp route, and have limited time, either Kelly and/or Larry are worth it.
Training Camp Week Long Live Class (9/10) – This was worth the money and time. By the time I attended this class I had around 90 days of study under my belt using the books and classes referenced above (and practice tests listed below). I had a remarkable instructor who understood the material and brought it together with a lifetime of experiences which made it real. If you go this route then you need to prepare yourself for hours and hours of lecture. Did I forget to mention the hours and hours of lecture? But it was worth it. Completely worth it. I will use them again – and I’ve never really felt that way about a training center before (been around long enough to have tried several over my career).
Official CISSP CBK Training Guide (9/10) – This is the HUGE green book that you get when you attend an official course. This book covered so many topics that are not in any of the other books I had read. Some of these felt like extra knowledge type topics and some of the materials turned out to be vital to my understanding of specific concepts. After having read and studied from (nearly) all the current books out on the market for the new test, I feel I can say with some authority that they are all screwed up in some way, shape, or fashion. For example, this book is impossible to use to actually locate something. If you don’t use a sticky note to mark the page, you will never find it again. Can I just say again that I REALLY don’t like the way the domains are now organized? For example, crypto is spread all over the place. However, even with all that – this book did the best job of outlining the concepts. If you look at BCP or BIA in Sybex, Conrad, and this book, none of them explain the process the same way. That used to really bother me until I finally realized that you don’t need to memorize a specific numbered list of action items. You need to understand the bigger picture. I like absolutes, and of course, life rarely has any.
Practice Tests
Before I rate these, I wanted to make a few comments. First, I feel there are three types of questions: assessment questions, review questions, and practice questions. Each has a place but you need to understand how to use them.
Assessment Questions are either hard, easy, or equal. With this type of question, you can take a test, study concepts, and take another test. Your score should reflect the delta in your studying. Review Questions are used to point out your weaknesses – in other words – what are the things I don’t know. Both of these types of questions were very beneficial to me.
Practice Questions are realistic to the test. However, you are NOT going to find these questions on the Internet for several reasons. First, because they are simply too difficult to write. The question sites on the Internet are there to make money (and I’m glad they are there – I needed them and I really benefited from their services) but they make money by having a large number of questions in the test bank. Second, even if someone used their own skills and knowledge and wrote a question that was similar to a real test question, ISE2 would just deactivate the question in the batch. I took 1,600 questions from all different sources and they were all either assessment or review questions – nothing I worked on was close to the questions on the test. As far as brain **** - don’t believe for a second that you can find real CISSP test questions on the Internet because you will not. The site that publishes actual copyrighted questions will quickly experience a DCMA takedown.
CCCure (8/10) – This site provides a great mixture of assessment and review questions. The wording is off occasionally, the site is clunky and sometimes the reporting doesn’t work unless you click on the link several times, and there are a lot of old 10 Domain style questions. My biggest complaint with this service was the quality of the questions – there are plenty of good questions – it’s just some of the questions reference concepts that are no longer emphasized. GREAT Personal Customer Service!!!
Sybex Questions Online (8/10) – This site is terrible. The application interface is terrible. The questions; however, are high quality review questions. Best questions, hands down. I would give them a higher score if the site wasn’t a flashback straight out of 2005.
Sybex Chapter Questions (7/10) – The questions in the book were surprisingly good. I did all but a few chapters. They helped me to focus on problem areas. I liked these.
Transcender (5/10) – I got access to this through my CBTNuggets subscription. The first exam I took had networking questions and they asked me a series of subnetting questions. Spoiler Alert – you don’t have to subnet for the CISSP exam so it brings no practical purpose to do practice exams on it. I wasn’t impressed and with limited time and two solid resources (CCCure and Sybex), I decided not to try again. Maybe I got a fluke set of questions – certainly CCCure gave me some crazy questions – but I never had time to go back and give them a second chance. Other people I respect have reported they liked these so I wouldn’t rule them out.
Skillset CISSP Questions (5/10) – This site has the potential to be something very nice in the future. I watched several of their videos and thought they were succinct and very high quality. The format of the website was frustrating and the quality of the questions were “simply ok”. I think there is some real potential for this in the near future.
Final Thoughts
So… I’m an over preparer. I know it. I just wanted to learn everything I could and make sure that I had a solid understanding of all the material and not just enough to pass a certification exam. Most people do not need to do what I did – in fact now that I’ve written it all out it seems kinda crazy even to me. But I recognize this is just me.
People learn differently. I learn by using all my senses. I would read a concept, write it down on Brainscape, walk around my house, an airport, or a soccer field between innings watching my kids play, reading those concepts out loud and rating my mastery. I would then watch a video where someone else explained the concepts and added their personal experiences. Each time I touched the material I tried to attach the concepts to my own professional experiences in security. I'm a speed reader BTW.
I found it amazing that many people who attended the Training Camp class with me had done little to no studying ahead of time. One of which I know passed the exam. So, there are a lot of ways to do this and depending on who you are and how you study, you just need to find what works for you personally. Good Luck!
Sorry that was a LONG post. I don’t want to get into any specifics of the test because of the agreement I signed. Now, I’m going to fly back home and see if my wife and kids will remember who I am… Next week I will start on the credentialing process. CISM next?
Congratz, and thanks for the very good review...BTW-how long did it take you to finish the exam? -
User2097 Member Posts: 41 ■■□□□□□□□□Congrats! Now plan for the next big challenge!Cert Goals: CISSP-ISSAP (May 2016) | CISM (2016) | GSEC (2016) | OSCP (2017)
College: MBA Project Management (2012) | Bachelors IT Management (2010)
Experience: Cyber Security, Information Assurance, and IT Management Officer -
Danielm7 Member Posts: 2,310 ■■■■■■■■□□Congrats on the pass! Great writeup too, like I mentioned in mine, everyone learns differently and there is no 100% way to prepare and pass for everyone. Seems like you covered all the bases.
-
impelse Member Posts: 1,237 ■■■■□□□□□□CongratsStop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
It is your personal IPS to stop the attack. -
bpenn Member Posts: 499I dont think there is such a thing as overpreparing for this exam. I spent 5 months preparing for the exam and I know I would have failed had I not dedicated all that extra time. Fantastic write-up, I am sure many people will benefit from your experience."If your dreams dont scare you - they ain't big enough" - Life of Dillon
-
voodoo26 Member Posts: 56 ■■□□□□□□□□Congratz2014 Goals CISSP COLOR=#008000]Passed[/COLOR, 2015 Goals CISM COLOR=#ff0000]June[/COLOR
-
Terminator X Member Posts: 60 ■■■□□□□□□□Congrats and welcome to the club.-Tact is for those not witty enough to be sarcastic-
~Unknown -
IaHawk Member Posts: 188 ■■■□□□□□□□First of all, congrats on the pass!
Thank you for the suggestion on brainscape, I have used Quizlet in the past and really like what I've seen so far with brainscape. I'm not sure if either of these are yours but I've just been studying the top two rated decks ...one being 865 cards, the other 2062 cards. -
DocRoy Member Posts: 41 ■■□□□□□□□□Congrats. Your study plan looks like a blue print for us all aspiring to get our CISSP.
-
psheehan5 Member Posts: 80 ■■■□□□□□□□clarkincnet, thanks for posting your study plan. I'm on the hunt for the CISSP and I've been reading a bunch of stuff from this forum. I'll definitely use some of your plan. Congrats on the pass too.
-
YuckTheFankees Member Posts: 1,281 ■■■■■□□□□□Awesome review! I am taking the Training Camp bootcamp the first week of April, I'm trying to get in as much studying before the class.
-
clarkincnet Member Posts: 256 ■■■□□□□□□□Couple of quick responses. First, several people have asked if I could provide them with my Brainscape CISSP deck. I’m hesitant to do this because a) there are going to be mistakes in the deck and I don’t want to be responsible for giving out bad information b) some of the note cards would only make sense to me because I made them to help me understand specific details, and, c) one of the reasons this was so effective for me was because by writing the cards myself, I created another touch-point with the information. I would read information in a book, research it on the web, or watch information on a video, and then write it down on a card in Brainscape. I would then review it often using Brainscape. Taking someone else’s information would have robbed me of that opportunity.
Someone else has asked about my test taking experience. I took 4.5 hours including two breaks. I took a break at question 100 and one at question 200. I used a specific test taking methodology that I practiced when taking practice questions. I would first read the answers starting with D first then C, then B, and finally I would read A. I would then take a second or two and think about each answer and make sure I understood the term. After this, I would read the question for the first time. I read the question first for understanding and then a second time for the identification of subject, verb, adverb, and adjectives. Usually at this point the correct answer would jump out at me. If it didn’t, I marked the question. I tried to only take 60 seconds for each question – some went faster and some went slower. It took about 4 hours to go through the first pass.
There were only three questions I couldn’t answer at the first pass. I ended up with a total of 30-some marked questions. I reviewed the 30-some questions and the first and last 25 questions (because my TrainingCamp instructor said that more people would fail if they were only graded on those questions because many people move too fast through them due to time pressure). I didn’t change any answers during my review – my purpose was to make me feel confident of my attempt.
I have no idea how I actually performed but I felt like the majority of questions I understood and answered correctly.Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!
Have: CISSP, CISM, CRISC, CGEIT, ITIL-F -
clarkincnet Member Posts: 256 ■■■□□□□□□□awesome mate .. thanks for sharing
I took the training camp session in Orlando, FL. It was held at a Marriott which I also elected to stay at.Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!
Have: CISSP, CISM, CRISC, CGEIT, ITIL-F -
boondock Registered Users Posts: 3 ■□□□□□□□□□As a current CISSP student, thanks for the Brainscape recommendation!
-
laurieH Member Posts: 109 ■■■□□□□□□□Congratulations! Make sure you never let it lapse - you don't want to have to retake it!