My CISSP Journey & Back to Life
So, I passed the CISSP on my first try this weekend!! Given all the things I learned from this forum that helped me prepare for this journey physically and mentally, I wanted to give back to those of you that are just starting this journey in hopes of helping you prepare as well as letting you know tips so you don’t make the same mistakes I did!
First, my background:
I have about 10 years working in the security field doing various ISSO/CISO type of roles. Since I manage the security office at where I work, I do not really do the nitty gritty hands on deck type of work however I did understand the technicalities of security and could provide the direction my team needs. I am also, a woman, a mother of two, have a full time high pressure job, and I also teach dance as a way of pursuing my passion. However, I have been wanting to get the CISSP cert now for years, not because it is going to really help me much in my current job or make me any richer, but more importantly to prove to all the men out there that have looked down on women or condemned women saying that they weren't as "technical" as them, or "not as good", or just didn't fit the stereotypical look or plain and simple good competition to them especially in a technical area of expertise, and especially in the Cybersecurity world, and worst if you're also a supervisor! I wanted to prove to myself and to them that I CAN do this, I AM as good or better than those men, and I will achieve my goal.
My journey:
So with that mindset I started my journey about four months ago. After looking at a slew of forums, here is a run down on what all I ended up reviewing, and a summary of whether these sources really helped or now.
- Eric Conrad 3rd edition CISSP book as well as his 11th hour book.
- The 3rd edition full version book was quite simply the “easiest” book to read from front to back. Eric & his crew did a great job in sticking with the essential facts of what they felt you needed for this exam and some of the content of this book I did not find in other books. It also comes with two 250 question practice exams which had some good questions.
Did it help? Looking back I do think this book helped me understand the concepts in a easier way and it will be a useful book to refer back to someday. Don’t waste your money on the 11th hour book – it did not really help me much.
- Sybex CISSP 7th edition
- If you wanted to just get one book, I would recommend getting this one. The content was a little harder to read than the Eric Conrad book however it was good content and the book came with four 250 question practice exams which were very good and a lot of the questions resembled the CISSP type of questions.
Did it help? I do think the practice exams from this book are very well written to resemble the CISSP question format/structure the best among all my sources, so yes I would recommend this.
- Subscription to CCCure
- Of course as most of you after reading all the reviews and with the attention that the CCCure website gets, I got a subscription for their practice questions that you had to pay for. I started off doing 50 questions at a time, then moved on to 100, then did a couple 250 question practice exams towards the end.
Did it help? Looking back at it now, I don’t really think going through this bank was all that helpful. It did help in testing you on very specific type of question (mostly technical questions) if you wanted to see which domain was your weakest, however the structure/format and even content of the questions did not even come close to the real CISSP exam. Some people may get a false sense of confidence thinking that scoring 80% or higher on practice questions from this test bank means they are in good shape for the real CISSP. Sadly, that is not the case.
- Audio files/mp3s/You Tube videos
As other sources, I also reviewed the Cybrary videos for the CISSP by Kelly Handerhan, CBT Nuggets mp3s, as well as the Shon Harris mp3s from McGraw Hill website.
Did it work? From all of these, the Cybrary videos were the best and definitely helpful and the most entertaining as well as educational. I would definitely recommend reviewing the videos then downloading the audio as mp3s and listening to them on your route to/from places. Did I mention they were free too!
The you tube videos by Larry Greenblatt were also somewhat educational, and humorous so you didn’t feel bored. However, I cannot really say they helped now looking back at it.
- Other Misc materials
I also reviewed the Sunflower CISSP notes, and this other CISSP combined notes. These were good as a quick review, but only served their purpose for a short term as the notes I got from my bootcamp were far more useful.
- Training Camp CISSP Bootcamp
So after going through all the above I went through a 6 day high intensity bootcamp with Training Camp the week of the exam with the 6th day afternoon being the exam. I had Dennis Lee as my instructor, and honestly he is a god send!!! His style of teaching with explaining topics with lots of diagrams, visuals, charts, fun pneumonics to remember concepts by, in addition to giving us daily quizzes during the classes and for homework was truly a gift to experience. I would highly highly recommend all of you to see if you can get him as your instructor if you wanted to look into bootcamps.
Did it help? I can honestly say if I didn’t take this training and have Dennis as our instructor I would have struggled a lot more with the exam than I did.
- CISSP Exam itself
So looking back at it now, I think overall attending the bootcamp probably got me through at least 50% of the exam, however the other 50% is where my overload of studying and real world experience proved to be helpful as well.
I would be happy to share any of my notes from the class, tips, or easy ways of remembering topics, or give you more feedback offline if anyone desires!
