Passed the exam last week! I wanted to post this sooner but was mentally/physically/spiritually exhausted for 2-3 days after the exam, and had to catch up with work. Also, still working on my Endorsement paperwork which I plan to submit to my endorser by tomorrow night.
The Exam:
The exam itself was BRUTAL! I felt that I knew the material itself, however the hard part was trying to understand the English wording itself and trying to figure out what exactly is being asked. My English is pretty good but I still had to re-read some questions 4-5 times. That is my only gripe with ISC2, I feel that the wording is purposely trying to trick you instead of just testing your knowledge/experience. Just knowing the material is not enough, it really tests your reasoning/logic/deduction skills. However, I do understand; if the exam was too easy then it wouldn’t be worth what it is today. In the DC area having the CISSP is almost a guarantee of at LEAST a 110k salary. I have friends making 168k, 180k and 220k and the highest cert they hold is the CISSP.
One HUGE STUPID mistake I made was near the middle of the exam. The time remaining counter is measured in minutes. For some reason I thought I had only 1.5 hours left and I wasn’t even half way through the exam! I went into PANIC mode and rushed through 15-20 questions but I was clearly not focused because of fear of running out of time in the back of my head. Then I used the on screen calculator and realized I had around 3 hours left, silly stupid me! I went back to those questions but wasted a good 30+ minutes because of this. Anyways, because of this self-inflicted incident I truly thought I was going to fail so I did all I could do, which was to try my absolute best. Even during my breaks I was thinking how I would re-focus my studies for next time. I finished the exam with 35 minutes left on the clock. I went to take a quick break and went back to go through my flagged questions. I did not even go through half of them as I ran out of time. Even though my mentor told me NOT to change questions at the end to just follow your instincts I knew for sure some of the earlier questions were wrong. I was in the flow in the middle of the exam on how “ISC2” wanted me to answer their questions. I can’t really explain it but there is a certain way they want you to answer. I changed at least 8 answers. When I got my print out that I passed, I had to look at it LITERALLY 3 times as I thought my eyes were playing tricks on me. I was so exhausted that I just let out a half smile, got my things, and went to the nearest bar for shots alone. Friend cooked me dinner then I passed out shortly after. It took a day or two to really sink in and accept that I passed.
Exam Myth:
Putting my pride/ego aside, I was always very intimidated by the CISSP. This is coming from someone that made 100/hour in his early 20’s when I didn’t really fear anything. Also, this is the only exam on this forum where people are like "Passed on the FIRST time!" As if it is expected to fail first time which doesn't help how one perceives the exam. I also know several super smart people that failed the exam (several times even). Even the Cyber Security Lead at my old job who was truly a genius on security failed it twice and gave up on it. He has at least 6-8 other security certifications and over 10 years’ experience in the field too. I truly thought that you needed to attend those highly rated boot camps that cost several thousands of dollars in order to pass and read 4-5 1000+ page books. You don’t need to do all that, it’s all hyped up BS! I did 100% self-study and did it in exactly 30 days of study. Yes, it was tough and took pure discipline/hard work but surprisingly not as much intelligence since this is not a memorization exam, it is conceptual. If I can pass, so can you! Just remove these stupid negative limiting beliefs. The real issue is that people just don't know how to study properly since we never really had to for our degrees typically. Also, everything happens for a reason since I delayed taking the exam the beautiful Sybex 7th edition was available as a resource which is the first book to be actually verified by the exam writers themselves @ ISC2. I have to really thank this forum for helping me demystify the CISSP. :c)
How to Study (The way I WISH someone told me):
1. Watch the Cybrary videos first. They are roughly 16 hours long; do not take notes on the first viewing, just watch them through to get a full understanding. I originally took notes the first time and it was a waste… just trust me on this and take notes on the second viewing which you will do 2-3 days before the exam. Preferably over the weekend before the exam.
2. Read “Eric Conrad’s CISSP Study Guide, 3rd Edition”. I wish someone explained it to me this way: It is a “boot camp” in a book format, which even the introduction states. My local library offered a digital version of this book for free!
3. Now it is time to read the “Sybex CISSP Official Study Guide, 7th Edition”. Yes, this book can be dry but thanks to a thread I made I realized that the official CBK is MUCH drier. I wish I had gone through #1 and #2 before tackling this book so that way I would have gotten more out of it on each pass since concepts would have been understood before tackling this. Read it through, take notes and highlight. Then the second time through focus on the Exam Essentials sections. I recommend the physical book otherwise your eyes will be dead. Also, scientific studies show that you retain information better by reading it physically over digitally.
4. Once you are done with #3 now it is time to do practice exams. I did LOTS of research on this and official Sybex exams and CCCure were the best. Don’t waste your time on the others, especially stay away from Transcender. I would do at least 4-5 real world simulations of 250 questions because 50% of the exam is your test taking endurance. Only way to work on endurance is practice, however do not take any big exams within 48 hours of the exam as your brain needs to rest/recover like real world exercise. Also, use “Hard” mode for CCCure. I took a few smaller tests after passing the exam and can indeed verify that “Hard” mode is much more in alignment with the real exam. Even Kelly recommends to do CCCure in “Hard” mode. Also, I loved the mini 10 question CCCure that I could use while I am in the bathroom or waiting for something/someone. Website is basic but works beautifully on my iPhone and iPad. I would do mini quizzes for my weakest domains. Some of the summaries on why you got a question wrong/right are pure gold!
5. Review your own notes at least once every 3 days before you go to bed at night. This is the only thing you should look through the day before the exam, and certain sections of the Sybex book that you hopefully marked with those colorful stickies. I had over 40 pages of handwritten notes. I retain info better.
6. Watch the Cybrary videos a 2nd time through a few days before the actual exam. I did it over a weekend which was an amazing refresher. Watch the Exam Part 3 video the morning of the exam. I honestly feel Cybrary was a close tie with the Sybex book in terms of helping me pass the exam itself. Cybrary shows you how deep you really need to go. I learned much more through Sybex naturally since it is more detailed.
7. I know I am the only one probably saying this, but I wish I stayed away from 11th Hour. I read it before the day of the exam and it destroyed my confidence. It even had some things that contradicted the Sybex book for certain things. My confidence was through the roof until I read this book, although first half was a decent review. Confidence is key for every exam and this book really F#%*( everything up for me.
Study Tips:
- I studied EVERY spare time I had. When work was slow (I work from home), woke up earlier than I normally do to study 1-2 hours before work and then during lunch and after work until midnight. Weekends I studied 10-14 hours. Only time I did not study was when I was eating, that was the only time I relaxed and sometimes watched a Top Gear UK episode (I was a few seasons behind, what a fun and entertaining show!)
- I told my GF that I will hardly be able to see her this month. She was very supportive and checked up on me every other day. She just started a new job so she has been really busy with that too.
- I meditate for 5 minutes in the morning after I wake up. Close your eyes, sit down with back up straight and think of nothing. If you can’t do that, focus on your breathing. I use my iPhone to sound alarm after 5 minutes. Research shows it is better to meditate 5 minutes/day every day than for various inconsistent times.
- Exercise at least 5-6x a week. I do a 30 minute speed walk every day and I have energy all day. Sometimes I have to drink green tea to stay awake but mainly just drank water and mostly healthy organic food. Often I would just eat beans, eggs and other simple foods to maximize my study time.
- 4-6 weeks is the maximum I would study for this exam. It is a conceptual exam as everyone says. I way overstudied, memorizing too many things. Trust your experience that you already should have for this exam. I already was forgetting what I learned in the first week even on my 30 days of study. More than 6 weeks is counterproductive for the average person IMHO. I felt 30 days was just right for me, any more study for me personally would have not helped me much as one’s brain can only help so much. 2 days before the exam I was already so tired of the material that I did not even want to look at it anymore. That was a sign for me that I am ready.
- To repeat myself, confidence is key. Even the weekend before the exam I was already researching what certs to work on next since I was so confident I was going to pass, but boy did that 11th Hour book really screw everything up even my mojo during exam itself.
- Explain the concepts to someone or if no one is around just speak out loud as if you are teaching a class. If you can't explain it, you don't know it. Plus great way to work on your presentation/vocal skills.
Exam Tips:
- Remember, usually you can easily eliminate 2 questions off the spot but then have to round it down to 2 questions which both can be “right”. When this was the case I would sometimes go with the answer that follows the “1 Mile Wide, 1 Inch Deep” phrase as I have a tendency to over analyze and look at things 5-6 steps ahead. I would answer with the knowledge that my previous managers would have. I would also ask what answer would a “Risk Advisor” pick?
- Use the Code of Ethics to help answer questions as well. Remember safety/well-being is #1.
- Following Kelly’s advice I would pick the managerial answer, even though it was going against my instinct to answer with the technical answer since I have a technical background. This was REALLY hard to do and felt wrong but I kept hearing Kelly’s voice in my head. Remember, technical people are much more likely to fail because of this mindset which is bad for the exam itself.
My Background:
Been in IT for over 10 years doing everything from consulting, desktop support, sys admin, management… currently a Security Systems Engineer which I have been doing for almost a year now. I work from home 100% which is awesome. I got tired of the 1 hour commute each way to DC everyday. Even for someone that has to be somewhere in work with discipline can crack this in under 6 weeks although no advice for you if you have children.
What’s Next?
I’m not sure yet. I was looking at other certs but they do not really seem to give as much of a ROI as the CISSP. Can’t afford the SANS stuff and CISM/CISA seems meh. Don't want to get too deep into Pen Testing either so that leaves out many certs. I was looking at the CCSP but since it is a new cert I'd rather wait until end of the year when better books come out. I may tackle the higher levels of CISSP in a year or two from now. I’m an entrepreneur at heart so this cert was more of a backup plan for me. Probably will just go back to my self-help books (read over 16 this year already) and get into body weight fitness.
I want to thank all the helpful people on this forum for their support. If it was not for this community, I would probably have never even considered tackling the CISSP until a few years from now. I am proud of myself for getting it before I hit 30. It is the second biggest goal for me for 2016. Special shout out to webpriestess and Seab. Good luck on your exams! Remember folks this is just an exam at the end of the day. It does not define who you are. If you fail, get back up and take it again. Authors are rejected on average over 20 times from publishers even some that made it to the best sellers list… your odds of passing the CISSP are MUCH better. Had I failed, I would be naturally upset but I still would have taken it 30 days later. Even if I failed it 3-4 times. Life is short, we will all leave this earth someday so stop wasting time on social media, news, negativity and actually focus on something that is fully in your control to improve your life.
Lastly, I cannot stress enough how important it is to have a short deadline... you are more likely to succeed when you do that. I don't know about you but my attention span is gone after a few weeks let alone a goal to study for several months. The 4 Hour Workweek makes a great point about this topic. I did the Security+ in 2 weeks of study and I was working 10+ hour days plus 2 hours of commute each way. I stayed in after work and studied until midnight every single day. Studied 12+ hours on the weekends. CEH I also did in about 2 weeks of study. Many people told me I should study more but at the end of the day if I did not feel fully ready I would re-schedule the exam but having a shorter deadline you feel is achievable makes you fully focus and study every second you have. Yes, it is hell during that time of study but then you look back and are like well hey that's just half a month or one month you used up. I am not that smart compared to many of the people especially on this forum, the only way I stand out in general is that I work hard and am very disciplined (Once I have my mind set on something worthy). I tell my friends/family to make me accountable. I am constantly reading books because the more you learn about the world/life the less afraid you become. Fear is the #1 thing that holds us back. Fear is #1 reason why I did not even attempt to tackle the CISSP 2 years back. You have nothing to fear, besides losing $600 which is honestly not much in the bigger picture. The average Joe (Glad I spell checked, for some reason auto correct had replaced the J with a H LOL!) spends more than that in 6 months on their daily Starbucks run.