Passed (again)
I just passed. Here is the best I can do while complying with the NDA. I have not commented on any specifics, specific topics/content/domains etc... Consider this a story purely on my approach to the exam before taking it.
I previously passed the version of the test just before it changed in 2007. Ten years later it seemed more brutal but that may be partially my fault. I can offer some advice to those on the upper end of the experience scale. I have about ~25 years of overall technology experience and for security specifically somewhere north of 15 years. Some of my ten year old studying effort helped for sure.
I can't say any particular training resource was better than the others. For what I consider the "core" topics, either you know the concept or you don't. The training material will not matter. You'll know you've mastered them when reading/watching additional resources. These topics will seem like second nature. What are the core topics? I can't say but I believe you'll just know after you go through enough sample questions and training materials.
For what I call "trivia" questions where you must know the meaning of a potentially obscure term/acronym/framework or specific detail of a protocol, the official Sybex book probably covers nearly everything. Of course this means you've actually read and retained every fact in that book. That's tough to do and I did not. I believe I read almost every domain before taking the online Sybex domain-level tests that are part of the Q&A book. I did not retain everything.
At the very last minute, the Sari Greene videos helped me get a few questions correct because the 6 hour version brought up some topics/acronyms/frameworks I had not seen before or did not know very well. I am surprised I don't hear more about these in reviews. I tried to get through the 24 hour version of her course on Safari Online but ran out of time. In retrospect, I would have made time to watch all of those over a longer period of time. It was great displaying this on my Apple TV via AirPlay.
I think my total prep time this go around was about 30-40 days with the second half loaded with more study time. The first half was watching Cybrary videos as a primer.
With that said, there were plenty of questions where I felt like they were easy points. This was the reassuring part of the exam experience. Near the end I read them carefully twice and just picked an answer even it only took 30 seconds.
I spent around 3hrs 30 mins mostly because I did not obsess over each question after #150. I had flagged many questions but did not review all of them. Before I initially moved on from a question, I felt I did the best I could do. Did not take a break. Did not use my snacks. I just wanted to get it over with.
I do not feel like I aced it. AFAIK, I passed with a score of 700. Who knows? On the bright side, it clearly can be passed and the prep materials of 2017 are FAR better than what was around in 2007.
I previously passed the version of the test just before it changed in 2007. Ten years later it seemed more brutal but that may be partially my fault. I can offer some advice to those on the upper end of the experience scale. I have about ~25 years of overall technology experience and for security specifically somewhere north of 15 years. Some of my ten year old studying effort helped for sure.
I can't say any particular training resource was better than the others. For what I consider the "core" topics, either you know the concept or you don't. The training material will not matter. You'll know you've mastered them when reading/watching additional resources. These topics will seem like second nature. What are the core topics? I can't say but I believe you'll just know after you go through enough sample questions and training materials.
For what I call "trivia" questions where you must know the meaning of a potentially obscure term/acronym/framework or specific detail of a protocol, the official Sybex book probably covers nearly everything. Of course this means you've actually read and retained every fact in that book. That's tough to do and I did not. I believe I read almost every domain before taking the online Sybex domain-level tests that are part of the Q&A book. I did not retain everything.
At the very last minute, the Sari Greene videos helped me get a few questions correct because the 6 hour version brought up some topics/acronyms/frameworks I had not seen before or did not know very well. I am surprised I don't hear more about these in reviews. I tried to get through the 24 hour version of her course on Safari Online but ran out of time. In retrospect, I would have made time to watch all of those over a longer period of time. It was great displaying this on my Apple TV via AirPlay.
I think my total prep time this go around was about 30-40 days with the second half loaded with more study time. The first half was watching Cybrary videos as a primer.
- I also bought the Conrad full book, the 11th hour, and the latest version of the Shon Harris book updated by someone else since she passed away recently to my surprise. Shon's book was my #1 resource in 2007 and was the hands down best back then. I can't really comment about the current version vs. the current test.
- I read the 11th hour book. There's really no reason not to do this but I don't know that it made a difference.
- I skimmed or read selected chapters of the other books.
- The official Sybex test book / online questions were very good. Although the Sari Green 6-hour course had the only true representation of the non-multiple choice question formats.
- Skillset has real problems with their question pool but I probably learned a thing or two by going through daunting process required to earn 100% completion for the exam re-take insurance.
With that said, there were plenty of questions where I felt like they were easy points. This was the reassuring part of the exam experience. Near the end I read them carefully twice and just picked an answer even it only took 30 seconds.
I spent around 3hrs 30 mins mostly because I did not obsess over each question after #150. I had flagged many questions but did not review all of them. Before I initially moved on from a question, I felt I did the best I could do. Did not take a break. Did not use my snacks. I just wanted to get it over with.
I do not feel like I aced it. AFAIK, I passed with a score of 700. Who knows? On the bright side, it clearly can be passed and the prep materials of 2017 are FAR better than what was around in 2007.
Comments
-
bob9383 Member Posts: 12 ■□□□□□□□□□Just being dumb basically.
I started to feel like earning the credits was setup to support a lot of paid activity (training, conferences, etc...) and it got frustrating. I didn't work at it enough to earn enough of each type. At some point, I recall there was a change from annual reporting to every three years (I think). There was no way to re-certify at the end of a year cycle. IIRC, there was one type of credit where it was impossible for me to go back in time and capture enough evidence.
Plus, my job changed and I thought I would put the security management part of my career behind me. Bad call.
PS - after resting a bit it has become more clear to me that the Sari Greene training videos were probably the best content out of everything I used. I probably could have gotten away with just that plus the Sybex book + Sybex tests. -
bob9383 Member Posts: 12 ■□□□□□□□□□My personal lesson is not to underestimate the effort to keep up with ISC2's recertification system.
-
anthonx Member Posts: 109 ■■■□□□□□□□Congrats on the passed! Quick question for you, the 6 hour Sari Greene video, is that a paid version? If so, can you provide the link? A quick google will show that a 2015 (24 hour version) is available in a public library. Haven't tried if I can access the content yet. Thanks!AnthonX
-
gespenstern Member Posts: 1,243 ■■■■■■■■□□At some point, I recall there was a change from annual reporting to every three years (I think). There was no way to re-certify at the end of a year cycle. IIRC, there was one type of credit where it was impossible for me to go back in time and capture enough evidence.
Yeah, I remember that, there were checkpoints once in 3 years and then they changed it to be every year, CPE points are the same AFAIR, but you have to report them more frequently.
I understand that it's a PITA to keep up with CPEs for many people, but here on TE, I, just like many other members, don't have any issues with that as we tend to knock out at least a few other certs per year so it makes it very easy to keep up with CPEs by reporting other certs. -
CryptoQue Member Posts: 204 ■■■□□□□□□□Congrats!!! Thanks for the insight. I'll make sure to stay on top of the re-certification requirements once my "provisional pass" is confirmed.
-
bob9383 Member Posts: 12 ■□□□□□□□□□This is the quick course. I was expecting an "11th hour" type course that covers a little bit of everything but she really only talks about topics I presumes she thinks are important. Oddly, the topics were not the core topics that most books/content over-rotates on.
https://www.safaribooksonline.com/library/view/cissp-exam-prep/9780134649634/
This is the long course that I thought was good but never finished:
https://www.safaribooksonline.com/library/view/cissp/9780134218151/
I do not know what is public vs paid. My company paid for the Safari $40 per month membership. -
bob9383 Member Posts: 12 ■□□□□□□□□□Yeah, I remember that, there were checkpoints once in 3 years and then they changed it to be every year, CPE points are the same AFAIR, but you have to report them more frequently.
I understand that it's a PITA to keep up with CPEs for many people, but here on TE, I, just like many other members, don't have any issues with that as we tend to knock out at least a few other certs per year so it makes it very easy to keep up with CPEs by reporting other certs.
Sounds right. I had it backwards. I must have been interpreting the rules wrong because I have a bunch of time spent re-certifying other stuff every year to the point it is a PITA. I didn't realize I could get credit for that. You guys have helped me realize I need to pay better attention to the system this time around. -
anthonx Member Posts: 109 ■■■□□□□□□□I was able to watch Sari Greene in Youtube and liked it. The topic was about "Implementing Third Party Security". I am going to watch the rest of the topic available in Youtube before I decide to go this path. Thanks for introducing us to Sari Greene!AnthonX
-
NavyMooseCCNA Member Posts: 544 ■■■■□□□□□□Congrats!
'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil
-
bob9383 Member Posts: 12 ■□□□□□□□□□I was able to watch Sari Greene in Youtube and liked it. The topic was about "Implementing Third Party Security". I am going to watch the rest of the topic available in Youtube before I decide to go this path. Thanks for introducing us to Sari Greene!
No problem. Credit goes to someone on Reddit. He said he passed because of the videos so I had to check it out. -
mritorto2 Member Posts: 61 ■■■□□□□□□□did you not like the skillset exams. I was planning on getting it
-
averageguy72 Member Posts: 323 ■■■■□□□□□□Congrats!CISSP / CCSP / CCSK / CRISC / CISM / CISA / CASP / Security+ / Network+ / A+ / CEH / eNDP / AWS Certified Advanced Networking - Specialty / AWS Certified Security - Specialty / AWS Certified DevOps Engineer - Professional / AWS Certified Solutions Architect - Professional / AWS Certified SysOps Administrator - Associate / AWS Certified Solutions Architect - Associate / AWS Certified Developer - Associate / AWS Cloud Practitioner
-
LordQarlyn Member Posts: 693 ■■■■■■□□□□Congrats on passing!
I passed my exam last September, and got vetted in December. I'm actually finding very easy to maintain the CPEs, with Brighttalk webinars. I've subscribed to three ISC2 channels, and there are at least one 1-hour webinar from each of them, then there are the bimonthly magazine quizzes worth 2 CPEs just for taking them, all of them reported to ISC2 automatically. I'm already at 46 CPEs and I haven't passed my first year yet.