Failed 651 need some study advice

Hey guys I just got back and failed my exam. My background is in law and asset security. I used the Sybex book, 11th hour book, Cybrary videos and one of the outlines that I found online. I started about 2 1/2 weeks ago and I was reviewing about 2-3 hrs per night and 5-6 on weekends.
I was getting roughly 70% right on the Sybex and MH practice exams. They were nothing like the real exam though. They were much more detailed than what is actually on the exam.
I felt like a lot of my time was wasted on memorizing useless facts. I don't come from an IT background so I thought there would be a lot of technical questions but in the end there were only like 5-10 pretty technical questions. I spent way too much time trying to memorize technical things. I thought that the reason why most people thought it wasn't technical was because they come from an IT background.
I actually thought I may have passed the exam at the end. There were a ton of questions where I thought it was 50/50 on the right or wrong choice. I finished in about 2.5 hrs. Most of the questions were you either know it or you don't.
My weakest areas are security engineering, identity and security operations.
My plan is to rematch the cybrary videos and then review my 4 weakest areas with the cybex book and try to retake.

Anyone have any other advice?

Thanks

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

alfred06

2 1/2 weeks of study and you took the exam? looks like everyone is trying to get the lowest amount of time to study for CISSP pretty soon we will have 1 week or couple of days study for the exam and passed

.

review your weak areas and make sure you understand that domain. check CCCure they have good practice exams. also try and put in a little more time into it. good luck.

if you would've studied a few more days or a week you would've passed it. Domain 5: Identity Access Management is pretty easy domain.

havoc64

Ok First off, congrats on getting a 651 with zero experience.

Secondly, why are you wanting the CISSP? If you are attempting this because of a job requirement, then I would say to your company that they need to re-think their hiring practice. They need to hire someone that either already has the CISSP or someone who has the experience to hold the certification. Heck it's going to be 4 years before you can even claim the CISSP when you do pass the exam.

I am only saying what everyone else will think when they read your post.. The number one way to help you pass the test is to GET SOME IT SECURITY EXPERIENCE.

It kind of upsets me and many other CISSP holders when we see someone with ZERO Experience come in and attempt this exam and fail and wonder why. People think our jobs are easy, "it's just computers, hell I work on my computer at home/work." I hear it all the time..

It's a slap in the face to us that have been in the trenches. Look at it this way. Could I study for the Bar, walk in and pass it without a law degree? Probably not, esp the way they vet people before they take the test. But I would venture a guess that a few of my learned friends could study for and pass the Bar, without taking a single law course. Would that be a slap in the face of all the others who went to 7-14 years of College to sit for the Bar?

The CISSP is the same for us. It is one of the TOP IT Security certifications for a reason. We worked hard to get where we are and it is insulting when the average Lawyer, Political Science, MBA and Accountant comes in and wants to "PAD" their resume with the CISSP to get an IT Management Job.

The amount of time you put into studying is no where enough for the average IT Security person who has 10+ years in the field. You have ZERO and expect to pass the exam with 2.5 weeks of studying? It can be done, but it's not common.

OK Rant part over, fire away..

Now for some constructive advice.

As for what to study...here's what I used and my study habits...Mind you, I have over 20+ years of IT Security Experience.

Books and study Material in order of my purchase and reading.
(ISC)2 Official CBK - Hardest book I have ever read, so much fluff..
CISSP Study Guide, 2E by Eric Conrad
CISSP Study Guide 11th Hour by Eric Conrad
**CCCure Practice Exam
CCCure Review Notes
**Transcender Practice Exams
Sunflower Review Notes
**(ISC)2 Official Study Guide 7th Edition - Sybex
**Cybrary CISSP videos and MP3s.
**Combined Notes from here
**Quizlet (ISC)2 Official Flash Cards (These are free and are the exact same flash cards they gave us at the class)
**Official (ISC)2 Traning Guide CISSP CBK - Official Training Guide from the class.

I read them all, cover to cover. The ones with the ** are what I think were most beneficial to my passing the exam. With the class I believe this is what helped me pass.

My study habits. From April to around August, I studied now and then, when I had time, mostly reading the Official CBK. From August until the test in November, I studied for about 4-6 hours a day. If I had a break at work, in line for lunch and then 2-3 hours a night at home. I only took Sundays off.

When I took the exam, it took me 4 Hours and 44 minutes to complete. For each question I read the answers first. Then read the question. Then re-read the question again and pointed out the Adverbs and Adjectives. Then looked at the answers again. I first eliminated the obvious answers that did not match the Adverbs or Adjectives. Then made an educated Selection of the remaining answers. If I wasn't 75% sure of my selection, I flagged the question.

After my first pass, I took a break, went to the restroom, drank a bottle of water and ate a granola bar. Then I reviewed my flagged questions, about 50 of them. I actually changed 11 of the answers, but only changed them if I was 100%. Those that I changed I either selected wrong the first time or the answers were identified by other questions in the exam.

YOU HAVE TO HAVE A MANAGEMENT MINDSET WHEN YOU TAKE THE TEST.

I cannot stress this enough. If you take the test with a Technician or Engineer mindset...it's not going to work. CISSP is a Management Certification, not a SSCP or Security + and not a test where you will get asked what color the sky is.

Good Luck!

webpriestess

Hey there! Sorry to hear about your setback. But I am also curious on why you are aiming for a CISSP. Anyways, I highly recommend that you watch Kelly's Cybrary videos. Especially the 3rd video - that's the one to watch right before the exam. Best of luck to you

::Claudia

thexfactor

I will definitely work harder and spend some more time on the book materials.

rebjav

Hi, I am about to reach my five year mark in Information Security and plan on taking my test next summer. I am working on my Masters in Information Security and even with that, I took a practice test and got a 68%.. But I know my weak area is Networking and Encryption. I have to learn the OSI Model in-and-out. Any recommendations in regards to this?

alfred06

rebjav wrote: »

Hi, I am about to reach my five year mark in Information Security and plan on taking my test next summer. I am working on my Masters in Information Security and even with that, I took a practice test and got a 68%.. But I know my weak area is Networking and Encryption. I have to learn the OSI Model in-and-out. Any recommendations in regards to this?

Suggest you take on Network+ or CCNA for Networking. for Encryption CISSP cybrary.it videos.

TheFORCE

In your position and with your background finishing the exam in 2.5 hours was not a good test taking method or idea. The exam allows you 6 hours to complete 250 questions. That means you have 1.44 minutes per question. If you finished in 2.5 hours that means you spend roughly 30-40 seconds per question, including reading the question and the answers and thinking on decining which is the correct answer. That right there to me seems way too fast, I'm even surprised you managed to get 651 with such a fast response time. I don't want to start assuming but not even those with many years of experience rush the exam the way you did. Good luck next time, take the time to go over the questions and read them multiple times. What you did suggests you didn't even bother spending the time to re-read or question any of your answers that you picked. Something off in my opinion.

jasonthepro

rebjav wrote: »

Hi, I am about to reach my five year mark in Information Security and plan on taking my test next summer. I am working on my Masters in Information Security and even with that, I took a practice test and got a 68%.. But I know my weak area is Networking and Encryption. I have to learn the OSI Model in-and-out. Any recommendations in regards to this?

Sybex Network+ book and possibly take the Network+ exam if you're interested, it kinda covers 3 domains-ish. I'm glad that I took sec+ and net+ first, it covered almost 1/2 of the 8 domains.

havoc64

rebjav wrote: »

Hi, I am about to reach my five year mark in Information Security and plan on taking my test next summer. I am working on my Masters in Information Security and even with that, I took a practice test and got a 68%.. But I know my weak area is Networking and Encryption. I have to learn the OSI Model in-and-out. Any recommendations in regards to this?

Hello rebjav,

I will say that you might want to look at some security+ and Network+ study material for the OSI model. Also look above in this thread for my study recommendations. I do love the quizlet app, there are free decks for it, from ISC2 that can also help. As I mention in my post above, I feel the Sybex book best helped me with my prep for the exam.

Good Luck,
Mike

TranceSoulBrother

1 - CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide 7th Edition (ISBN 978-1119042716)
2 - Eleventh Hour CISSP: Study Guide 2nd Edition (ISBN 978-0124171428 )
3 - CISSP Exam Cram 3rd Edition (ISBN 978-0789749574)
4 - CISSP All-in-One Exam Guide, 6th Edition (ISBN 978-0071781749)
5 - CISSP Study Guide 3rd Edition (ISBN 978-0128024379)