Passed CISSP 8/20
PabloEscobar
Member Posts: 13 ■□□□□□□□□□
in SSCP
Hello guys thanks to Dr. Eric Cole and SANS i was able to pass the CISSP yesterday. I just wanted to give you all some heads up about what I remember from the test:
1. I got about five questions on polyinstantiation. Which was very very briefly covered if it all in my training. If you take your time and do some deduction you can get it down to a 50/50 without really knowing the concept. I would read up on it for sure for upcoming test takers.
2. I got 3 or 4 questions on L2TP. Two I believe were multiple choice and there were two in a scenario question.
3. Know your web application vulnerabilities. I got one question each on XSS, SQL injection, and Clickjacking. I would recommend making sure you know how OWASP top ten vulnerabilities exploit web apps.
Also my test taking tip would be to do a data **** at the beginning of the exam. At the pearson location they gave me an eraseable marker and 4 page pad. The first thing i did was write down all the ordered lists i committed to memory like the 6 step incident response, the attack kill chain, all of the symmetric and asymmetric ciphers etc. I did that for about 10 minutes before i started the test and it helped me in the log run (4 hours later).
Much success to you all!
1. I got about five questions on polyinstantiation. Which was very very briefly covered if it all in my training. If you take your time and do some deduction you can get it down to a 50/50 without really knowing the concept. I would read up on it for sure for upcoming test takers.
2. I got 3 or 4 questions on L2TP. Two I believe were multiple choice and there were two in a scenario question.
3. Know your web application vulnerabilities. I got one question each on XSS, SQL injection, and Clickjacking. I would recommend making sure you know how OWASP top ten vulnerabilities exploit web apps.
Also my test taking tip would be to do a data **** at the beginning of the exam. At the pearson location they gave me an eraseable marker and 4 page pad. The first thing i did was write down all the ordered lists i committed to memory like the 6 step incident response, the attack kill chain, all of the symmetric and asymmetric ciphers etc. I did that for about 10 minutes before i started the test and it helped me in the log run (4 hours later).
Much success to you all!
Comments
I am doing an intensive study during weekends and squeezing time during weekdays.
I have a question for you. How long did you take to schedule the exam and what material did you use for the study.
The on demand is a little more difficult because its all audio no visual. It's about 46 hours of audio material. I went through the material about 1 and a half times over 6 weeks.
During the six weeks I studied during all my spare time. After work every day and all day on the weekends. I took notes on almost everything that was covered in the material. The practice tests provided by the course were really helpful.
I also made about 150 of my own flashcards and reviewed them before the test. I would suggest making your own flash cards instead of using already created ones as writing the information helped me commit it to memory.
I'm trying to use every type of practice test I can find- CCCure, Conrad's, the AIO tests on the CD that came with the book..... any other one's recommended? thank you!
Thanks! My next target is the ISACA CRISC that I'm preparing for now
Yes,writing down the questions and answers yourself makes a huge difference