Thread #23142 Passed with some comments
So I just passed the exam today. Figure as a way of contributing should at least thank the forum that helped and also layout some sources that helped me along my path. Nothing really new below but any information can help. This whole post may sound rough as English was not my strong class.
Experience:
I have about 15+ years of computer experience and roughly 5 years of security related fun. I have been studying for the test off and on since 2012. 2015 I actually made a goal to attempt it. 2016 on a 2 1/2 month deadline I threw everything I had at it. Note that unless specified, everything is from the 2016 time frame.
Practice Tests:
I used a variety of sources here. A key to realize is that NONE of the sources should be used as the gospel for what is on the exam. Instead they should be referenced as a means of understanding your weak areas. Forget your final score after a practice run and instead focus on what the questions are asking, why the other answers are wrong, and how through an understanding you have of what was asked. I originally started out mimicking the exam by doing 250 question runs. But it became a lot more effective for me to just do 25-50 at a time, and then dissect every part of the question. But ultimately, do as many questions you can. Now on with the rankings.
CCure: 9/10. Most exam like which surprised me. I went into the exam expecting Shon Harris level questions. Format aside, this resource is great for all the links they provide to the questions and user input. Very good mnemonics and presentation of the reasons for why something is/isn't good. I only doc points because it was too technical.
Skillset: 3/10. I cannot verify the quality post September of 2015. However these questions when I took them were way too general. Great I suppose as a free resource and if you are just looking to compile a list of your weaknesses/strengths.
Shon Kelly: undecided/10. I have a love hate here. These questions are overkill for what is on the exam and how it is presented. BUT if you can thoroughly answer her questions, then you pretty much understand the topic and will be able to follow the logical conclusions or "tricks" the exam tries to pull. The negative here aside from depth is that a good chunk of the material is dated.
Sybex: 7/10. Not my choice without the book. However when combined with the book it makes for a solid refresher.
CISSP CBK: 5/10. I only got to questions as I had exhausted everything else and thought they might be good for understanding how the exam was worded. I would honestly put them at the sybex level not for quality, but simply as another means to hear what you know reworded differently.
Books:
Again used a variety of sources through the years. For retention and sanity, it may be a good idea to just pair up a "deep dive" book with a "light skim" refresher. Highly recommend chugging through a deep dive at least once, using a light refresher to keep the knowledge fresh, and questions in-between + sprinkled to allow for refinement.
CISSP official study guide 7th edition: 10/10(deep). This was my deep dive book. I read it roughly twice cover to cover over the 2015 - 2016 period and then continued to use it whenever a test showed a weak area. As everyone else has posted, easily the most relevent of the tests.
Shon Harris 6th edition 5/10(deep): Kind of read this off and on but it was simply too much and now too dated. Although I believe there is a new one for the 2015 update coming out. Good if you have 0 knowledge on the topics but it kept putting me to sleep.
CISSP for dummies: 6/10(light). I read this off and on in 2015. Simple and easy questions/read. I do not know if there is an updated version but should definitely not be used as a stand alone.
11th hour CISSP 2nd (3rd edition is CISSP Study guide): 10/10 (light). I listed the 2nd edition because I mainly studied with that and only got the 3rd two weeks prior to test. Both do an excellent job of summarizing what topics you need to know and explaining how they work.
Notes:
I did not start writing out my own notes until the last week 1/2. I attempted flash cards but those failed. Most effort I did in that regard was post its around my desk about trivia that might be helpful on the test (I think 1 note out of 20 was).
Sunflower documents: 9/10. These notes are practically the rite of passing it seems for CISSP students. At one point or another SOMEBODY refers to them. And with good reason. Very concise, organized, and to the point. I give it a 9 simply because some concepts of it are out of date and will require you to be able to recognize which.
CCure: 10/10. CCure gets another mention for having links to great notes and charts.
Other:
Study Notes and Theory CISSP Facebook Group: 20/10. Very, very helpful. Not because of the questions users posted (by this point I had did about 75% of the ones already referenced) but the whys and how people came to their conclusion. Honestly that group is more in line with what I expected this forum to be. The main website is also a great resource but my time was focused on the FB posts.
Techexams: 8/10 Very helpful community here. I don't think I would have gotten into the management mode without it. Everone's pass/fails/lessons learned truly helped me reach my goal.
Cybrary & Kelly Handerhan: 100/10. What she says is pretty much the gospel about the test. I will never look at a ticket carnival again. Do not pass her up. While I did not find myself going "Oh kelly said it just like that!" on the exam, her mp3s will focus you into the right mindset, what domains to focus on, and how nitty gritty you need to get. I must have listened over 20 times but each time was worth it.
Larry Greenblatt's 8 Domains of CISSP (youtube vids): 8/10. Very good for adding a new perspective on CISSP. Larry teaches CISSP classes and this is his first time putting some of them up for free. Overall I liked how he added new perspective on what to know from Kelly and take aways. However, the real gem about Larry's course is how he trains you to focus on wording. Out of everything he says, what stuck with me was his lawyer comment. I prefer Kelly more than Larry simply because she does not sidetrack as much and individual mp3s is a lot easier to flip through than youtube.
One last thing. Many, many people have complained about the quality of the tests. Maybe my experience was unique, but I found the questions very straight forward in what they were asking for and not tricky as some users described (note I am a native English speaker). One thing I noticed is that many of the questions are now bolding the positive/negative portion (i.e. MOST, NOT, LEAST). It took me 4 hours to finish the test with the last hour reviewing flagged questions.
And finial warning. Don't get wrapped up in technical nitty grities. I feel my exam was tilted on the management side of the domains, but things like port numbers or number of bits in an algorithm is just going too over kill.
Experience:
I have about 15+ years of computer experience and roughly 5 years of security related fun. I have been studying for the test off and on since 2012. 2015 I actually made a goal to attempt it. 2016 on a 2 1/2 month deadline I threw everything I had at it. Note that unless specified, everything is from the 2016 time frame.
Practice Tests:
I used a variety of sources here. A key to realize is that NONE of the sources should be used as the gospel for what is on the exam. Instead they should be referenced as a means of understanding your weak areas. Forget your final score after a practice run and instead focus on what the questions are asking, why the other answers are wrong, and how through an understanding you have of what was asked. I originally started out mimicking the exam by doing 250 question runs. But it became a lot more effective for me to just do 25-50 at a time, and then dissect every part of the question. But ultimately, do as many questions you can. Now on with the rankings.
CCure: 9/10. Most exam like which surprised me. I went into the exam expecting Shon Harris level questions. Format aside, this resource is great for all the links they provide to the questions and user input. Very good mnemonics and presentation of the reasons for why something is/isn't good. I only doc points because it was too technical.
Skillset: 3/10. I cannot verify the quality post September of 2015. However these questions when I took them were way too general. Great I suppose as a free resource and if you are just looking to compile a list of your weaknesses/strengths.
Shon Kelly: undecided/10. I have a love hate here. These questions are overkill for what is on the exam and how it is presented. BUT if you can thoroughly answer her questions, then you pretty much understand the topic and will be able to follow the logical conclusions or "tricks" the exam tries to pull. The negative here aside from depth is that a good chunk of the material is dated.
Sybex: 7/10. Not my choice without the book. However when combined with the book it makes for a solid refresher.
CISSP CBK: 5/10. I only got to questions as I had exhausted everything else and thought they might be good for understanding how the exam was worded. I would honestly put them at the sybex level not for quality, but simply as another means to hear what you know reworded differently.
Books:
Again used a variety of sources through the years. For retention and sanity, it may be a good idea to just pair up a "deep dive" book with a "light skim" refresher. Highly recommend chugging through a deep dive at least once, using a light refresher to keep the knowledge fresh, and questions in-between + sprinkled to allow for refinement.
CISSP official study guide 7th edition: 10/10(deep). This was my deep dive book. I read it roughly twice cover to cover over the 2015 - 2016 period and then continued to use it whenever a test showed a weak area. As everyone else has posted, easily the most relevent of the tests.
Shon Harris 6th edition 5/10(deep): Kind of read this off and on but it was simply too much and now too dated. Although I believe there is a new one for the 2015 update coming out. Good if you have 0 knowledge on the topics but it kept putting me to sleep.
CISSP for dummies: 6/10(light). I read this off and on in 2015. Simple and easy questions/read. I do not know if there is an updated version but should definitely not be used as a stand alone.
11th hour CISSP 2nd (3rd edition is CISSP Study guide): 10/10 (light). I listed the 2nd edition because I mainly studied with that and only got the 3rd two weeks prior to test. Both do an excellent job of summarizing what topics you need to know and explaining how they work.
Notes:
I did not start writing out my own notes until the last week 1/2. I attempted flash cards but those failed. Most effort I did in that regard was post its around my desk about trivia that might be helpful on the test (I think 1 note out of 20 was).
Sunflower documents: 9/10. These notes are practically the rite of passing it seems for CISSP students. At one point or another SOMEBODY refers to them. And with good reason. Very concise, organized, and to the point. I give it a 9 simply because some concepts of it are out of date and will require you to be able to recognize which.
CCure: 10/10. CCure gets another mention for having links to great notes and charts.
Other:
Study Notes and Theory CISSP Facebook Group: 20/10. Very, very helpful. Not because of the questions users posted (by this point I had did about 75% of the ones already referenced) but the whys and how people came to their conclusion. Honestly that group is more in line with what I expected this forum to be. The main website is also a great resource but my time was focused on the FB posts.
Techexams: 8/10 Very helpful community here. I don't think I would have gotten into the management mode without it. Everone's pass/fails/lessons learned truly helped me reach my goal.
Cybrary & Kelly Handerhan: 100/10. What she says is pretty much the gospel about the test. I will never look at a ticket carnival again. Do not pass her up. While I did not find myself going "Oh kelly said it just like that!" on the exam, her mp3s will focus you into the right mindset, what domains to focus on, and how nitty gritty you need to get. I must have listened over 20 times but each time was worth it.
Larry Greenblatt's 8 Domains of CISSP (youtube vids): 8/10. Very good for adding a new perspective on CISSP. Larry teaches CISSP classes and this is his first time putting some of them up for free. Overall I liked how he added new perspective on what to know from Kelly and take aways. However, the real gem about Larry's course is how he trains you to focus on wording. Out of everything he says, what stuck with me was his lawyer comment. I prefer Kelly more than Larry simply because she does not sidetrack as much and individual mp3s is a lot easier to flip through than youtube.
One last thing. Many, many people have complained about the quality of the tests. Maybe my experience was unique, but I found the questions very straight forward in what they were asking for and not tricky as some users described (note I am a native English speaker). One thing I noticed is that many of the questions are now bolding the positive/negative portion (i.e. MOST, NOT, LEAST). It took me 4 hours to finish the test with the last hour reviewing flagged questions.
And finial warning. Don't get wrapped up in technical nitty grities. I feel my exam was tilted on the management side of the domains, but things like port numbers or number of bits in an algorithm is just going too over kill.
Comments
-
Danielm7
Member Posts: 2,310 ■■■■■■■■□□
Congrats on the pass! I took a pretty similar path with the questions, drilled them really heavy for concepts, looked up everything I was unsure of, worked for me.
