Passed - CISSP First Attempt!

Roj4ckRoj4ck Registered Users Posts: 4 ■□□□□□□□□□
Thank you Techexams forum members for all of your assistance as I wouldn't have made it without your help! I honestly probably studied for about 4 month primarily in the last 6 weeks when I really focused on the exam (life tends to get in the way along with procrastination) Now down to what you're really here for materials:

CBT Nuggets - I did a month of this and honestly I gets overlooked and its a bit broad but its a great starter base for preparing for this exam.

Cybrary It - I listed to her MP3s on my commute to and from work everyday and read through the accompanying slides. I honestly found these better than her latest videos (even though they were geared to the last exam version) but both are solid solutions. You'll hear it across the forums time and time again but Kelly simply knows how to break down the material in a way that connected with me. During the exam I definitely used some of the thinking from her scenarios to make sense of a a question. I immediately made a donation to Cybrary upon completion and in fact you can use it for your CPEs and I'd highly recommend everyone do this and give back to this great free resource.

Eric Conrad 3rd Edition CISSP book - I honestly read this from end to end primarily because it was no fluff and it was the shortest book. I enjoyed it some may not in which case I'd recommend the Sybex book instead which is excellent. The chapter questions were excellent and I think it covered most of what is needed to past the exam.

Sybex 7th Edition. -I primarily utilized the Chapter questions and the online practice exams and read through the sections for things I was confused on in the Eric Conrad book. (I scored consistently in the low 70s not the best but it was enough)

Sunflower Notes / Combined Notes - Mainly focused on this to fill in the gaps at the end and crash course through what was left. These are truly great free resources that probably cover just about everything you will encounter on the exam and are great to review right before walking into the exam center so you can immediately jot down everythign on your little board for things you may forget (like any acronyms).

In the end it was definitely very broad but the focus was still managerial. Don't get caught up in technical details like encryption rounds and lengths. I think I got one question the whole exam that technical. You do need to get into the mindframe of thinking like a manager and resist the desire to fix things on your own. Always go with senior management first and always remember we do things to adhere with regulation and policy. You should know the major attacks covered in the books and OSI / TCP/IP models, Common Criteria, popular broad regulations (no need to get into details of those either). It truly is a mile wide inch deep exam so don't burn yourself out trying to memorize every little detail as you'll neverm ake it through. Also don't be afraid to choose an answer and mark it even if you don't know it. I probably only got through 50 questions in the first 80 minutes or so then I kind of settled in and started blowing through them. Some of those questions I couldn't find the answers for in the beginning I found the answers too later (perhaps it was my nerves too) and went back and the answers were clear to me the second time around. The first 5 questions probably took 15 minutes and I though I was in way over my head and lost hope but by the 2nd hour I got it back. It is a marathon but you can fight through it! As a side note also be careful with some of the wording which in some cases is really poorly written. If you're not a native English speaker or extremely comfortable with the language you may run into some issues because sometimes its the context of the question that makes it difficult. Several questions I found myself sitting there questioning what they meant until I figured it out then it was clearly only one choice. Good luck everyone and thank you all again!


  • Pathan89Pathan89 Member Posts: 6 ■□□□□□□□□□
    Congratulations icon_thumright.gif
  • d00gmand00gman Member Posts: 5 ■□□□□□□□□□
    Congratulations and thanks for the great writeup!
  • cyberguyprcyberguypr Mod Posts: 6,927 Mod
  • NetworkNewbNetworkNewb Member Posts: 3,298 ■■■■■■■■■□
  • IaHawkIaHawk Member Posts: 188 ■■■□□□□□□□
  • webpriestesswebpriestess Member Posts: 82 ■■□□□□□□□□
    Congratulations! Thanks for sharing your CISSP experience. What's next for you, man?

  • sameojsameoj Member Posts: 366 ■■■□□□□□□□
  • ChevelChevel Member Posts: 211 ■■■□□□□□□□
  • alfred06alfred06 Member Posts: 96 ■■□□□□□□□□
    Congrats, whats next for you.
  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • clarkincnetclarkincnet Member Posts: 256 ■■■□□□□□□□
    Good job!
    Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!

  • SeabSeab Member Posts: 127
    Hey Clarkincnet,

    Just noticed that you are going for CEH after CISSP?
    I was wondering if that make sense a few days ago, is it working well togheter as a complement?
  • havoc64havoc64 Member Posts: 213 ■■□□□□□□□□
    Woot Woot! Welcome to the Club!
  • Roj4ckRoj4ck Registered Users Posts: 4 ■□□□□□□□□□
    Next haha! Well I've got my CASP and my CISSP so honestly at my point in my career I don't need any other certs. My current career doesn't really require many certs unless I'm switching into a different field. I would eventually like to obtain a CEH or a (gasp) OSCP but perhaps shifting focus into more of a PMP may be a better route. I suppose that depends on desire to focus on technical or management in the future. Honestly I plan on focusing on obtaining skills at this point particularly programming skills where I'm weak. I'd like to get a better handle on Java, Python, and .Net. and web application security skills as that's where the game is heading in my opinion.
Sign In or Register to comment.