Passed CISSP today!!! What should I take next?

Passed today and couldn't be more relieved. Was expecting the exam to be far more technical.

My background: IT Audit for 5 years, mainly ITGCs related work. Would really appreciate recommendations for a next certification to take. I currently hold the CISA and would like to branch out into more technical related audits. Network+? Thanks in advance.

Resources:

1) Cybrary Videos & MP3s - If you're struggling and need a resource to clearly explain each domain, please start here and take notes. Kelly does a fantastic job of outlining the key material you should know for the exam. I also downloaded the MP3s and would listen on the commute to work. I really recommend listening to the videos if you commute to work, just hearing the concepts over and over again really helped me nail down key terminology and concepts.

2) Sybex 7th Edition - Extremely thorough. I'd suggest sucking it up and reading through it. Since I don't come from a technical background the long read was worth getting up to speed on the concepts that go into further detail than the Cybrary videos. The book comes with a downloadable PDF text version and glossary that were helpful when I need to quickly look up a concept/term.

3) CISSP Official Practice Tests 1st Edition - I probably spent the most time here preparing for the exam. Probably went through each domains online question set (100 questions each) about 2-3 times. Practice Tests were helpful to prepare me build stamina for the exam.

4) CCCure Test Enginel - I got through all the questions once. This is a good practice area and a good change of pace/style of questions if you are like me and have spent too much time with the Sybex test engine. Like the rest of the posts have stated, please make sure you use multiple sources.

Good luck!

Find more posts tagged with

Comments

TankerT

afrank9050 wrote: »

Passed today and couldn't be more relieved. Was expecting the exam to be far more technical.

My background: IT Audit for 5 years, mainly ITGCs related work. Would really appreciate recommendations for a next certification to take. I currently hold the CISA and would like to branch out into more technical related audits. Network+? Thanks in advance.

First of all, congrats!

So, if you have been in IT audit for a while, I would skip the Network+. Personally, I would say if you have the CISA, and are getting the CISSP, avoid all of the CompTIA certs. Those are basically entry level certs, while the CISSP is not. If you can do the CISSP, you can get some other more advanced certs. Or, try for something a bit more relevant to emerging fields.

Certs that come to mind:
AWS (various certs that are in demand)
CCSP (ISC2's cloud cert)

Cloud is the "next thing" and if you can get into that area, you still have a chance of getting experience in a field that isn't completely mature yet. (I.E. Network+... networks have been around for decades, and that cert doesn't cover a lot of emerging tech.)

Deadly-Dosage

Congrats! The hard work and time paid off! By the way, how did you feel throughout the exam, start good, nervous, etc. mid way, breaks, and of course ready to click the end exam button. Thanks!

sameoj

Congrats

afrank9050

TankerT wrote: »

First of all, congrats!

So, if you have been in IT audit for a while, I would skip the Network+. Personally, I would say if you have the CISA, and are getting the CISSP, avoid all of the CompTIA certs. Those are basically entry level certs, while the CISSP is not. If you can do the CISSP, you can get some other more advanced certs. Or, try for something a bit more relevant to emerging fields.

Certs that come to mind:
AWS (various certs that are in demand)
CCSP (ISC2's cloud cert)

Cloud is the "next thing" and if you can get into that area, you still have a chance of getting experience in a field that isn't completely mature yet. (I.E. Network+... networks have been around for decades, and that cert doesn't cover a lot of emerging tech.)

Thanks for the feedback on the CompTIA certs. The CCSP/Cloud related certs have definitely crossed my mind.

Aside from cloud related Certs, would you recommend any specific advanced certs to supplement the CISSP? My department in interested in performing a few vulnerability assessments possible using Nipper (https://www.titania.com/products/nipper-studio). I understand there's no certification that replaces hands on job experience but was curious if there's any certs that might help.

Thanks again!

afrank9050

Thank you!

Didn't feel as confident as I wanted. Definitely nervous, frustrated at times, but forced my self to keep going, maintain composure and remain confident. I also don't consider myself to be a "great" test taker but I know put the time in, read up on the forums to use the appropriate study materials.

esec1701

Congrats! I have mined booked for Jan. Fingers crossed..

May I ask how long you revised for and did you take personal notes for each domain? Also, did your rely on any other books apart from Sybex guide? Thanks in advance!

esec1701

Congrats! I have my exam booked for Jan. Fingers crossed..

May i ask how long you revised for the exam and did you take notes for every domain? Also, did you rely on any other books apart from the Sybex guide? Thanks in advance

libertine

Congrats. Here's some guidance on what to take next :

https://www.globalknowledge.com/us-en/content/articles/top-paying-certifications/

TankerT

libertine wrote: »

Congrats. Here's some guidance on what to take next :

https://www.globalknowledge.com/us-en/content/articles/top-paying-certifications/

I would be very hesitant to take this list at face value. It is from a training vendor that is only listing certifications that they have classes for. While I do think some of it is valid, it is skewed in some ways. I.E. - CEH is fine and dandy, but there are many arguably more valuable certifications in the hacking area. And, ITIL v3 Foundations? While ITIL is a solid framework, this certification is a walk in the park and I seriously personally doubt that getting that certification will get you a job for $99k as they indicate. Etc...

cyberguypr

Don't get me started with the salary surveys. Also, blindly posting a link to a list does not provide any value whatsoever.

beads

Stick with searching for real compensation tables rather than marketing fluff provided by trainers looking to sell you what else but the "next big thing".

Agreed. The CISSP is not overly technical nor is it a "management" test. So, overall its still worth more to the people without it than to people having passed the exam. No worries, the shock will soon wear off and you'll be fine.

- b/eads

afrank9050

Study time was approximately 2 months. I took notes for each domain while watching the Cybrary Videos and added on additional information when reading the Sybex book. If you're feeling confident with the concepts from the Sybex book I wouldn't read anything else.

afrank9050

cyberguypr wrote: »

Don't get me started with the salary surveys. Also, blindly posting a link to a list does not provide any value whatsoever.

I like your Certification List i.e. "others that should never be mentioned". For the GCFE, GCED, GCIH certs, is there anyone of the 3 that you would recommend as a next exam to take post CISSP?

DAVIS NGUYEN

Congrats!

malindak

Congratz on the pass.

cold you please tel me from where you download the MP3's - check with cybrary site didn't work for me.

afrank9050

malindak wrote: »

Congratz on the pass.

cold you please tel me from where you download the MP3's - check with cybrary site didn't work for me.

1) Navigate to https://www.cybrary.it/course/cissp/

2) Click Course Material Tab

3) See "Download CISSP course MP3s"

malindak

afrank9050 wrote: »

1) Navigate to https://www.cybrary.it/course/cissp/

2) Click Course Material Tab

3) See "Download CISSP course MP3s"

MP3 download link has a problem it seems. anyways managed to download the Presentation.

thanks for the support

IT_Nerd

Awesome job! This cert will be my goal for next year. Congrats!!

afrank9050

malindak wrote: »

MP3 download link has a problem it seems. anyways managed to download the Presentation.

thanks for the support

Link works fine for me after logging into Cybrary. So if you don't have an account that might be why.