CISSP Today - DID NOT PASS!!!!
I did not pass today...I studied for months and this is no joke I felt like I did not have ONE easy question...This test had nothing to do with any of the material I studied...Nothing was easy. Not one question was a given easy answer....crazy..I am a little mad today and feel that I studied the WRONG materials. I studied Harris, CBT Videos, Cybrary, over a thousand test questions and Eric Conrad study 11th hour..I can say that there was maybe 30 questions that were familiar to me and the at least 50-100 questions did not make sense...This is crazy!!!!
I was extremely prepared and thought I was ready to go...Guess not..Good luck and share your thoughts if you feel the same way I do....
I was extremely prepared and thought I was ready to go...Guess not..Good luck and share your thoughts if you feel the same way I do....
Comments
I used the eric Conrad 3rd edition full study guide, Kelly Handehan Cybray IT and trancenders and I finished the test in three hours and it wasn't as hard to me. I only have 7 years experience
the cybex book is good also
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig
Cybrary helped to understand but I had no questions on the test that were straight forward "Definition\Term based" It was 100% scenarios and had 1 question on TCP\IP and maybe on question on CIA, one on MAC and one on DAC....Seriously...It was like this was a a bad dream...
My first questions were like that yesterday. It was really about the process of elimination and test taking. I don't feel like I aced it by any means. Good luck and don't be discouraged.
Man the scope on that test is so wide and the luck of the draw is so bad. I studied everything but I felt like I spent probably 20 worthless hours on just crypto.
~Unknown
I can relate to this so strongly! I didn't think it was an easy test at all, and while the questions kind of required a broad basis of IS understanding to be able to answer, I came away from mine feeling that much of what I studied was not relevant.
My recommendation is this: first, don't give up. YOu've come this far and have dedicated so much time and effort to this that you owe it to yourself to overcome your present frustration and give it another shot.
2. write down everything you remember from the test. The questions you found hard, terms you didn't know, types of questions in general... everything. Us this as the basis for your next study plan
3. reexamine your test taking techniques. A good portion of your correct answers can come from eliminating improbably answers and making a educated guess among the remaining ones. There's a variety of exam taking strategies like this you really be familiar with. I think this made the difference for me.
4. know that you're not alone in feeling this way. I came out having the exact same thoughts as you did, and while I passed, I doubt it was by much and I definitely didn't have confidence that i did at the end. Before I left I was prepared to rebook my exam in a couple months and give it anther shot - you should be too.
All the best. You can overcome if you believe you can
++ I don't think I got any straight definition questions, and I didn't expect any either. It's supposed to test your experience and understanding, not "what is the 4th layer of the OSI level". Either way, sorry about the fail, you have the right materials, you might just be going about the studying in a different manner. Being able to define what something is is one thing, but being able to look at that as part of a bigger plan and how it interacts with a few other things, while using the viewpoint they want you to use, is another thing entirely.
FWIW, on the quoted part above, everyone learns differently. I did thousands of test questions and I found it really helpful to narrow down what I needed to focus on. I had a very wide/varied background so I had touched on a lot of the different topics before, but wasn't clear on how deep a lot of them would need to be.
As for advice, I can only say what has been said...the CISSP exam is not a memorization or definition exam. I see some who fail the CISSP who have other certifications. The CISSP exam is more than a Factual exam, it's an Understanding the concept exam. Seen it time and time again in these forums....it's a Managerial exam.
When taking the test, do not read the questions in the wrong frame of mind, don't argue with the question. Determine what the question wants and then give it the best answer of what it provided. Don't think like a technician, think like a manager.
READ THE QUESTION LAST! This is what I do and I preach this over and over...Read the answers first, then read the question. In the question look at the Adverbs and Adjectives and descriptive words, i.e. Physical, Administrative, Best, Most Likely, Least, Worst. Defining these will eliminate one or more of the possible answers leaving you with fewer possible answers.
And most importantly, There is no single place to read or garner all the knowledge you need for this test. You will need experience in the field of Information Assurance (Information Security) and you will have to study many different sources.
If you look at this forum for the "CISSP Passed" threads you will see a lot of study questions and material mentioned. Additionally it has been mentioned SEVERAL times that there are ZERO question banks that are just like the test exam. The practice exams only test your knowledge and not your understanding of all the material you need to know to pass the CISSP exam. The CISSP certification is more of a Managerial Certification rather than a Technical..hence the stringent prerequisites. With all that being said, below is my list of study material.
(ISC)2 Official CBK - Hardest book I have ever read, so much fluff..
CISSP Study Guide, 2E by Eric Conrad
CISSP Study Guide 11th Hour by Eric Conrad
**CCCure Practice Exam
CCCure Review Notes
**Transcender Practice Exams
Sunflower Review Notes
**(ISC)2 Official Study Guide 7th Edition - Sybex
**Cybrary CISSP videos and MP3s.
**Combined Notes from this forum.
**Quizlet (ISC)2 Official Flash Cards (These are free and are the exact same flash cards they gave us at the class)
**Official (ISC)2 Traning Guide CISSP CBK - Official Training Guide from the class.
I read them all, cover to cover. The ones with the ** are what I think were most beneficial to my passing the exam. These along with the class, is what I believe helped me pass the exam. I took the official (ISC)2 Class November 2-7th, taught by Buzz Murphy from Training Camp. I took the exam on the 7th of November. It took me 4 hours to get through the first pass and an additional 44 minutes to go over the 40 flagged questions, if which I changed 11 of them.
There are a great many people who think they can read the Shon Harris book and pass the test. Maybe they can, but I don't recommend it. The majority of people who pass the test use several different resources and have years of experience.
Hope this helps, and good luck on the re-test.
Peace!
Now for some honest advice that hopefully with help you out.
This exam is targeted at Infosec Managers. Not saying that you have to be one to pass the exam or get the cert, but that's the target demo for this exam. What this means is that you need to not only know concepts, taxonomy, nomenclature, standards, frameworks, etc., dealing with information security, you need to be able to make managerial decisions and demonstrate your understanding of how those concepts play out in a realistic scenario.
Many people describe this exam as "mile wide, inch deep" or "know a little about a lot" but those are inaccurate IMO. The test attempts to determine if you can manage a security program/department, which doesn't require in-depth understanding of how to install or administer specific technologies, but rather solid enough understanding of the technology and information assets at risk, what the risks are, what admin and technical countermeasures could be deployed, where to draw the line between security and usability/cost/performance/stability/business need, etc. That requires a foundation of broad technical knowledge and management experience that over times forms professional judgment.
My advice is don't get a quick review guide and take a zillion practice test questions. There is no shortcut for this exam. Quick review guides are for exactly that - quick review of what you already learned. Practice exams are for that exactly - practice taking the exam. They assess your strong/weak areas and rehearse the exam process for you so you're not going into the real exam without an indicator of what to expect.
Read a full, thick, zillion page study guide that is recommended by those who have passed. Put your infosec manager hat on and keep it on while you study AND very importantly while you take the exam. For this exam you're an IT Security Manager for a large enterprise network. As you study the topic, keep that in mind - WHY is this important? WHEN will this be something to consider? WHAT are the pros/cons/impacts of using this?
Here and there test your progress with a practice exam. But practice exams aren't very helpful at teaching you the material. They show you what areas you need to focus on.
I wish you the best, learn from the experience and you will pass next time.
Time to start studying again soon...I think i am going to take my team and read and understand much better before trying it agin...Thought understanding the material was enough...need more managerial thinking and I am a manager...errrrrr....LOL
Scary thing to read! I still have about 45days to study.
I mostly use Sybex 2015 + Sybex questions + cccure questions.
Sybex questions are mostly copy/paste from the book, they are not easy, but almost no scenario, similar for cccure.
I use cybrary for the MP3, and video if I have time. I think they are really good, somehow more interresting than other. I guess Cybrary video covers about 75%, and probably are not totally up to date, but still nice to have.
Any recommendation for practicing scenarios??
Thanks!
I'm curious as to why you'd go for the CISSP with 0 years in IT?
Taking the CISSP exam with no infosec experience is a huge waste of time and money, FYI. Even if you pass, it does nothing for your job prospects because you need 5 years of experience to attain the CISSP cert.
You have to have 5 year experience or 4 years plus an approved certification or degree to sit for the exam. Even if you pass, you won't get certified because you won't be able to get an endorsement.
Ooh, thanks for explaining. I'll come back in a few years then.
M.I.S.M: Master of Information Systems Management
M.B.A: Master of Business Administration