JUST PASSED (August 4th)... my experience inside.

Hi all,

I just came out of the exam, and my head is hurting but I thought I'd come share my experience here, since this forum has been helpful to me.

My background:
Been doing Info-Sec for about 6 years, and currently an Info-Sec Engineer at the world's largest interconnected data-center provider. As part of my experience I also was an engineer in a Root CA National PKI Project. I did a Master's degree recently in Info-Sec. I did the ISO 27001 Lead Auditor.

BUT...
Although I have a fair amount of experience in Info-Sec, maybe over 70% of the CISSP content wasn't something I came across and I had to study hard for this stuff. With that experience I wouldn't have been able to pass the exam if I didn't read and study for it and cover ALL the 8 domains. Some of the crypto stuff and OSI model and technical details, yeah are familiar and experience did help with them, but still. I needed to study everything.

My study:
- I read the Cybex book the new one cover to cover.
- When I find a topic I don't fully understand, I google it.
- Last month I listened to the CISSP MP3s I found for free in the iPhone Podcast (just search CISSP)
- This week I went quickly through Eric's book, not in details.
- I did CCCURE questions.
- I spent about an hour or two yesterday skimming through the Cybrary MP3.

The Exam:
Until last night I was thinking (people are thinking too much of this thing) but I'll tell you, It's NO JOKE. This exam is not easy. But not too difficult either. Here's what I mean:
- If you memorize ALL CCURE questions, you'll fail
- If you simply memorize definitions in the books you'll fail
- If you understand the basic concepts, you should pass

And yes, when they tell you "It's for managers! It's no technical! think like the boss....etc" This is all CRAP!
CISSP, including the exam, gets very technical, whether you like it or not. So be prepared for that.

Oh yeah, and with 250 questions, when I reached 125 and I said "oh I'm half way" I felt like crying.

I finished the exam in about 4 hours, and then reviewed questions I marked for review and then I felt almost sure that I failed and I just wanted to leave.

Once done, I went outside and got the report that says "Congratulations...."

Find more posts tagged with

Comments

cyberguypr

Congrats on the pass!

the_Grinch

Congrats! No one told me you didn't get your score on the screen so when I didn't see anything and they said "Oh your report printed out" I thought "guess I failed", but thankfully I had passed!

gespenstern

Congratz!

I agree with your disdain for "manager's hat" concept. I always argue here that this idea serves well to people who come from strictly technical background and management concepts touched on the exam are new to them and they have to overcome their tendency to solve every problem with a technical approach.

But if you aren't that technical or even more come from managerial background this idea won't serve you well. You'd better stick with wearing "technician's hat", lol.

And the exam itself can easily go as deep as asking you on how exactly AES rounds work or Kerberos tickets specifics. Do not underestimate its technicality.

danny069

Congrats! And thanks for the write up!

agargav

Congrats !!

IaHawk

Congrats on the pass!

netdoc99

Congrats on the pass! Seems like with your background it would have been a breeze.

I have heard the description of the test being a "mile wide and an inch deep". I have also heard, think of it in terms of how a manager would think of it. Frankly, I have never known a manager that knows the difference between a block cipher and a stream cipher. In my experience, I have had managers that never really even understood my job much less how effective I am doing it.

Been studying for months. Will soon be scheduling the big day! Again - congrats!!!

sameoj

Congrats

thomasww123

Way to go!!!