I took a 5-day class at Interface a month ago. Our instructor's philosophy was that you will not be able to pass the test with just the class. It was *not* a "bootcamp". We actually had a couple people drop out because of this. He said several times that there were sections we weren't even going to cover because "someone with 5 years of experience in the field would know these topics". We focused mainly on Security Models, Physical Security, Cryptography, and Risk Policy/Management.

The class was taught from the Shon Harris CISSP 6th Edition "gold book". This was my primary resource for both a cryptography class I took for school and for the exam. I read the whole crypto chapter, and all of the security model stuff, and then just spot-checked all the summary info to check up on stuff I was less familiar with; fortunately, there wasn't a lot of that.

For practice questions I used the TotalTester that was included with the gold book and went through a bunch of those questions, Googling anything I wasn't sure I understood (Wikipedia FTW). Then I used the Sybex site for their 7th edition and went through all of the chapter questions (note, I didn't read the book itself, but had bought it a while back so I had the code to register). I also found the McGraw-Hill site's questions rather useful, but by that time my brain was all melty. I only got through the 100 Access Control questions and half of the Business Continuity questions before I called it quits.

The exam itself:

For all the torture I put myself through, the exam was way easier than the questions I had been practicing with. I took just under two hours and only reviewed about 10 questions before I submitted and took the long walk to the proctor to get my results. Unlike the rest of my certs, this time they just say "Thanks for taking the test" and make you wait until debriefing to get your pass notification.

My background:

I've been in security full time for five years, but I've been studying the field for about 10. My experience runs pretty much the full gamut, though. I do risk assessment, policy writing, firewall and web filtering management, physical security design, security consulting, networking, vulnerability assessments, penetration testing, etc. I have my BS in InfoSec, and I'm 2/3 of the way through my Master's in Information Security and Assurance from WGU. I will say that the questions I seemed to have the most issues with during the practice were from the three classes I haven't taken yet. Funny how that works.

One caveat: infosec is my passion. It's pretty much all I do. I read it, talk about it, study it, teach it, dream about it, practice it, the list goes on. Whether that helped me pass the exam on the first attempt, well that's for you to decide.
