CISSP Studies

veritas_libertas

I've decided that 2017 will be the year I pass the CISSP. I've bought the following:

Sybex CISSP study book
Syngress CISSP Stuby Book

I'm nearly finished with reading the Sybex book. I'm glad I'm not reading this right before bed. They could literally put you to sleep. Most of what I'm reading I was already familiar with. Maybe 10% of it was new to me.

I'm hoping to knock this out in the next few months.

Anyone else struggling to pay attention to the material?

Ertaz

veritas_libertas wrote: »

I've decided that 2017 will be the year I pass the CISSP. I've bought the following:

Sybex CISSP study book
Syngress CISSP Stuby Book

I'm nearly finished with reading the Sybex book. I'm glad I'm not reading this right before bed. They could literally put you to sleep. Most of what I'm reading I was already familiar with. Maybe 10% of it was new to me.

I'm hoping to knock this out in the next few months.

Anyone else struggling to pay attention to the material?

The Sybex book is an action movie compared to the actual CBK.

It took me months to do because I didn't care for it, but it was a requirement for my job so I sucked it up and buckled down on the material. Have you taken the practice tests yet? That might motivate you.

veritas_libertas

Not yet. I will be soon. Two chapters to go until I'm done with Sybex.

It's good stuff. Don't get me wrong, there is a lot of great INFOSEC management knowledge that I'm gaining. This is best practice, things should be done this way (high-level), risk based approach, etc.

JasminLandry

I'm studying for it too, and I'm having a hard time paying to the material too. Especially the part about the laws and the legal stuff, it's not something I'm naturally interested in so it's tough for me to read and learn the material.

SteveLavoie

JasminLandry wrote: »

I'm studying for it too, and I'm having a hard time paying to the material too. Especially the part about the laws and the legal stuff, it's not something I'm naturally interested in so it's tough for me to read and learn the material.

Same for me here.. but CISSP is not a "technical" exam, it is more a management one.

veritas_libertas

Ugh. Finished reading the Sybex Study Guide and now I'm going back through, making notes and doing study questions. The vast amount of data is stunning. Equations, lists, etc.

NetworkNewb

Grats on getting through the reading! Just going through CISSP videos right now and not looking forward to the book part of the studies. Just have to keep thinking how great it will feel when we have the CISSP completed!

veritas_libertas

Yes. That's how I feel as well. There is definitely some good material in here that will help management and planning, but wow. I'm also listening to Shon Harris CISSP MP3 back and forth from work. That helps a lot.

Oztexs

are you also going to do the practice exams by Sybex ? i think this is well worth it as well.

veritas_libertas

Oh yes. I'm going through those as well.

JoJoCal19

Hey veritas, did you ever take the CISSP?

pdoliveira

Hi everyone,

I did SSCP first (last year) to know (ISC)² exam characteristics. It was very useful. I read it at techexams last year.

I saw this suggestion at on this forums a year ago. I studied with Official Study guide (for SSCP) and I'll do the same for CISSP.

After read Official guide for CISSP I'll try some tests and try to complete my study, see link below.

https://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119042712/ref=pd_sim_14_3?_encoding=UTF8&pd_rd_i=1119042712&pd_rd_r=6X22Z4GBCAQFSKBBWZ6N&pd_rd_w=3wWSg&pd_rd_wg=Gfv5n&psc=1&refRID=6X22Z4GBCAQFSKBBWZ6N

Anyone used Official Guide? Have any opinion about this book?

veritas_libertas

Finally took the CISSP exam and passed. A few thoughts:

• The exam can be frustrating because the questions at times feel vague. You simply have to choose the best answer.
• Make sure you think like a manager.
• Just because you have hours to take the exam doesn't mean you shouldn't set some kind of pace.
• Don't overthink the questions and trust your gut.

I got done with the exam believing I had failed it. I did a bit of a double-take when I received the results sheet and it said I passed.The exam has been criticized by more than a few Security Professionals as not being technical. I agree it's not technical, but it does set a decent baseline and has helped me think about things more from a risk and business perspective.

ITSec14

Congrats on the pass!! I've heard folks who struggle the most are a) military personnel and/or b) people who are very technical

I'm hoping to conquer this beast in about 2 months. The material doesn't seem that hard and the Sybex book is repetitive through several chapters.

veritas_libertas

Thanks!

I used the Sybex book as well. I would also recommend the practice tests by Sybex. Just reading through the answers turned out to be useful.

redsteel

Congratulations!! Awesome job. This Sybex book is a beast! I should have it finished by the end of the month and then another month probably of just flash cards, studying and scheduling a test time. I hope to test early October. I have no idea what kind of opportunities this will open for me if I can actually pass. I'm hoping to get a better salary out of it. This will actually be my first cert if I do!

veritas_libertas

Just got the official e-mail. It always feels a little better when you get an official e-mail from a certification body.

jhearn

I found the Sybex book to be a breath of fresh air after struggling with the Shon Harris All-In-One! Reading on here that you don't want to think like a techie and then being presented with the structure of a network packet header... Confusing!

Well done for passing, I'm still working my way through the course materials...

M0CAMB0

Congrats on passing! I have my exam planned for Sept 28, my plan is to go through the Sybex + 11th hour and then do all the practice exams, I'm hoping that will be sufficient enough to pass.

laurieH

I got CISSP certified earlier this year - almost all my study was using the Official Study Guide - some of it is very dry but you have to keep the goal in sight - you're (probably) not reading it for fun - it's to get you through the test.... Taking breaks while having a study schedule/goals to keep you going is key I reckon!

M0CAMB0

laurieH wrote: »

I got CISSP certified earlier this year - almost all my study was using the Official Study Guide - some of it is very dry but you have to keep the goal in sight - you're (probably) not reading it for fun - it's to get you through the test.... Taking breaks while having a study schedule/goals to keep you going is key I reckon!

Only the official CBK? Do you have past experience? Thats crazy how you passed only with that book, no practice tests?

redsteel

laurieH wrote: »

I got CISSP certified earlier this year - almost all my study was using the Official Study Guide - some of it is very dry but you have to keep the goal in sight - you're (probably) not reading it for fun - it's to get you through the test.... Taking breaks while having a study schedule/goals to keep you going is key I reckon!

I reckon your from the south laurieH!

Has anyone been able to improve their salary based on this? How about land a better job? Mine is so mundane right now, it is killing me but keeping me studying!

laurieH

M0CAMB0 wrote: »

Only the official CBK? Do you have past experience? Thats crazy how you passed only with that book, no practice tests?

Not sure if my reference to the study guide might have been a big ambiguous - I meant the Sybex Official Study Guide. I pretty much just used that, it comes with some practice tests included which I used. I also made copious amounts of flashcards while I worked through it which served me well. I had some working knowledge of some of the material but the majority was new to me.

Haha - why do you say that redsteel?

redsteel

laurieH wrote: »

Haha - why do you say that redsteel?

Reckon, though common throughout the US, is predominantly used in the south. I don't really know, just taking a stab. Also, you are making me want to abandon reading this thing. I'm 472 (halfway) pgs in and just want to get this over with. Not sure if I should finish or just start the flashcard, question/quiz part of my journey.

Second thought. I wonder if I could make any money correcting all the spelling/grammatical errors I'm finding.

LordQarlyn

Yeah me too, especially since my testing screen didn't tell me specifically that I passed, I assumed I failed. I went into the proctor's office to get my things, and when I entered he said congrats you passed. My first reaction was "yeah, right!". To which he handed me my printed results and said "No, really, sir". And sure enough, it said congratulations I passed.
I knew to think like a manager, and being a supervisor and manager that was easy. What threw me off was the questions were nowhere near like what I practiced on CCcure, nor did Shon Harris's book really prepare me, and neither did Larry Greenblatt's videos, when he still had them for free. It took me about 2.5 hours to complete the test, I started to review my questions then at the 7th question I was so sick of IT security, I just submitted my exam.
In the end, I had to evaluate each question, and choose the best answer using my experience and cognitive abilities, and think like a security manager, not like a technician, engineer, or even auditor. I knew going in, this was not a technical exam, that is why I pursued my CCNA and will pursue an updated MCSA.

veritas_libertas wrote: »

Finally took the CISSP exam and passed. A few thoughts:

• The exam can be frustrating because the questions at times feel vague. You simply have to choose the best answer.
• Make sure you think like a manager.
• Just because you have hours to take the exam doesn't mean you shouldn't set some kind of pace.
• Don't overthink the questions and trust your gut.

I got done with the exam believing I had failed it. I did a bit of a double-take when I received the results sheet and it said I passed.The exam has been criticized by more than a few Security Professionals as not being technical. I agree it's not technical, but it does set a decent baseline and has helped me think about things more from a risk and business perspective.

veritas_libertas

Endorsement done. Now the waiting begins

veritas_libertas

LordQarlyn wrote: »

Yeah me too, especially since my testing screen didn't tell me specifically that I passed, I assumed I failed. I went into the proctor's office to get my things, and when I entered he said congrats you passed. My first reaction was "yeah, right!". To which he handed me my printed results and said "No, really, sir". And sure enough, it said congratulations I passed.

I'm betting everyone has to wait for the printout.

I forgot to mention my strange experience. I was dealing with an unusually unfriendly testing center. It felt like the employees enjoy their position of power. The person who walked me to my cube was bragging about the bounty they receive if they catch someone cheating. It was all kinds of weird.

LordQarlyn

It seems the test centers experiences are as unique individuals.
I took my CISSP at the Society of Engineers building in Dubai, and like everything else in Dubai, it was opulent. The proctors were from Kenya and the Philippines so they were deferential. The proctor office was in a separate room from the testing room, but there were cameras everywhere, and a proctor would make rounds during the exam.
LOL I thought the SoE was a good luck charm so I took my CCNA there - and failed it (took it again a few months later and passed it).
Never heard of proctors getting a bounty for catching cheaters, that's kind of unnerving since they have a financial interest to accuse testers of cheating.

veritas_libertas wrote: »

I'm betting everyone has to wait for the printout.

I forgot to mention my strange experience. I was dealing with an unusually unfriendly testing center. It felt like the employees enjoy their position of power. The person who walked me to my cube was bragging about the bounty they receive if they catch someone cheating. It was all kinds of weird.

JoJoCal19

Congrats veritas!!!!! After the endorsement it usually takes a week to get the official email. That's how long it took the two that I just endorsed. Again, congrats. So what's next for you? Maybe join me in the OSCP?

veritas_libertas

@JoJoCal19: A nap :P

Seriously though, I need to take rest a little while. I've also been doing some company travel which is leaving me a little frayed at both ends. I have a Bachelor degree I would like to finish and yes the OSCP is also on the mind. We'll see what I manage to cram in next year

veritas_libertas

LordQarlyn wrote: »

Never heard of proctors getting a bounty for catching cheaters, that's kind of unnerving since they have a financial interest to accuse testers of cheating.

That was my concern as well. I tend to fidget a lot when I'm taking exams due to being nervous, so that only added to the stress.