Passed CISSP - First time! (long post)

studytime1studytime1 Registered Users Posts: 1 ■□□□□□□□□□
Hey all,

So I recently passed my CISSP exam (provisionally on day of, and got the official email after), and boy it's been a roller coaster of emotions. Let me first start of by saying thank you to those of you on this forum who have taken the time to post about your pass/fail experiences. I hope those of you that passed are enjoying your time and working towards your career goals, and for those of you that have failed, that you pick yourself off and get back to it and pass. If I can do it, so can you, trust me (you just have to sacrifice your time and soul for some time =] )

I'm going to do my best to give you details as much as possible about my experience, without violating any of the ISC Code of Ethics.

As for a quick summary of my overall experience, it's been a long ride! I took 6 months to study for this. With work (being in I.T, you know it's not just 40 hours a week) and other obligations, it took this much time. I could have sped it up and done it in in about 5 months (which was caused due to note taking earlier on..which i'll explain further below).

I began by usually spending about 2-3 hours on weekdays and maybe about 4-6 hours on weekends. I followed this for about the first 2-3 months, and then started ramping up the hours. Towards the last 2 months, I spent a lot more time (as much as possible but continued to take the necessary breaks to clear my mind..or else it drove me insane). The week of the exam, I was fortunate to have paid time off to just stay at home and study. During this week, I studied at least 8 hours. If there was a tip i could give, make sure you start to relax your mind a few days before the exam, because let me tell you, my mind was overloaded and stressed. It resulted in some consequences on the day of the exam (which I will explain further).
I'd recommend trying to get this exam done in 4-5 months instead of 6. Why? In my opinion, the fact that I spent 6 months studying for it, increased the pressure and the magnitude of the exam, it felt like it was all or nothing, and if I didn't pass, i would have lost 6 months of the year, which would have resulted on not being able to accomplish many of personal goals.

My Background and details about myself:
If you're someone that is bad at memorization (like myself), don't worry (as much), it's about mostly understanding, some memorization and applying the concepts.
I have about 7 years of experience working in IT (Support, SysAdmin, Virtualization, Networking/Security) and a bunch of certs (Microsoft, Cisco etc...) I'd consider myself a pretty technical guy, but obviously still a lot more to learn.


CISSP AOI (Shon Harris 6th edition) - 7/10 - Really detailed, great source of knowledge, but may be considered a little overkill, but, READ IT!
CISSP Sybex 7th edition - 8/10 - Great book, not dry, good amount of detail. Seems like the book that would be considered "just enough"
Cybrary Videos - 8/10 - Great instructor, and FREE source! Kelly truly did some great work here.
Eleventh Hour - 8/10 - Great last minute book to read.

CCCure - 8/10 - Great questions. Weren't too technical, which was good since the exam is more high level
Sybex Book Online Tests (1001 questions) - 8/10 - Good mix of technical and high-level questions.
Sybex Official Practice Tests - 7/10 - Each Domain has 100 questions, and two practice tests. Found this to be pretty technical in one or two domains, even for someone who is fairly technical. It's good to brush up your technical side.

CISSP **** Sheet/Review: YouTube video: (He has a link to his slides)
CISSP Mind Maps: CISSP | – Mind Mapping for Certifications – Cisco CCIE CISSP CEH - Download them all, they were great. They may be old but still relevant
CISSP High-Level notes (Sunflower):

I started off with the Sybex book, since it was recommended to me by some people I know and based on threads I read. Following that, I read the Shon Harris book It was very detailed, and seemed like overkill, but i think it was well worth it. book. I took a month for each of the books (i'm not a fast reader nor do I have the best memory retention). As I went along these books, I highlighted everything I thought that was important. Side note, I wasted quite a bit of time during the first month at least just taking notes (first began by writing notes on a touchscreen laptop..then moved to writing it on paper, and then to typing it). I wish I did none of this, as taking notes to that level at an early stage seemed to be taking up TOO much of my time. I took proper note in the last few weeks leading up to the exam. Once I went through each book once, I went back and re-read them (but mostly the highlighted stuff). This was during my third month, and i spent about a month or a bit more going through these two books in a higher review level. Following that, I went through the Cybrary videos (I believe it's about 13 hours) over a week. I believe around this time I had taken some time off and took this time to go through the videos.

I moved onto the CCCcure practice tests in the 4-5 month mark. When I first started taking the tests, I would probably get between 65-75%. This is the stage I began taking notes, directly

from CCCure, because it explained a lot of concepts, and I was able to identify my areas of weakness (very important step in your learning process). Even though I went through all this, it still felt like I couldn't retain all this knowledge, and I felt this is all about memorization. After this, I went through the CISSP Sybex Book online questions, and again, I hit about 70 -75% during these tests (this showed that I was getting better, and I understood more than I memorized).

During the final two months, I spent most of the time re-reading the books (several times, at a high level and focused on areas of weaknesses), going through practice tests, high-level reviews and so on. I also did a lot of independent research (google, youtube) on things I didn't understand. One of the biggest problems I had was trying to deal with how books would explain a process differently (e.g. BCP process according to Sybex is described in one way, it's described another way according to NIST, another way according to Shon Harris, and another according to Eric Conrad). This was frustrating, so all I can say is, understand the process, and maybe follow the one by NIST or Sybex, may be your best bet. There will be some items you should memorize, you'll know what they are when you keep going through the practice exams. A tip I received was to look at content in the books that were in a box, or graphs.

How to tell if you're ready?
I must have spent hours on going through forums from on different websites to see who talks about how to find out when you're ready. So here's my take on it.
If you're doing the CCCure tests, try to get over 80% (on my last round I was getting lik 85% on 250 questions..this could also be because i knew some of the answers before..but I also knew why they were the answer and that's what's important). I also hit about 75-85% on the Sybex online questions, and i got between 70-80% during different practice tests on the Sybex Offical practice questions (this was on my last week..i was concerned that I didn't hit over 80%, and i'd recommend trying to get over 80%).
Make sure you are doing at least 100 - 250 questions on each practice so you get a better understanding of your current skill level.

Exam day!
Honestly speaking, I was already mentally defeated on the day of the exam. Didn't get proper sleep the last two days before the exam. On the day of, I had a bad headache, felt fatigued, and my brain shut off. I wish I had found a way to not be as stressed, but it was almost impossible. 6 months of the year was dependent on this one day, so the pressure was wayyy too high.

Exam: First hour into the exam, I felt like I failed the exam, even as I hit submit, the feeling stayed the same. It felt like a dream when I read the paper and saw I passed (i even teared up). This exam was no a walk in the park, that's for sure. I think there were about 5-10 questions that were straightforward, the rest weren't. Also felt like an English exam, even for someone whose first language is English. My strategy was..
Do half the questions, break, other half, break, review flagged questions, and do a fully review of all. I ended changing a few of my answers. Also, use the reduction method of eliminating wrong answers. Always think high-level (imagine you're a CIO/CEO, Manager etc.) When you go through all of the questions for the second time, if you really read your answers properly, you'll feel like "there really can't be any other answer". If this is how you feel, go with that gut feeling.
How difficult is the test compared to the practice questions? I would say it's a mix of the tough questions on CCCure and Official Sybex Practice tests.

- TRY not to skip pages or lines in the books you read. I know it can be really boring at times, but push through to read it. Some of those lines can make a big difference in your understanding.
- Workout! I usually workout 5-6 times a week (sometimes twice a day). I did have to cut back the workouts towards the last couple months, but I still needed this and worked out as much as I could when possible. It helped with my mind and keeps you mentally strong. At least id did for m - Select an answer on every question even if you don't know it
- Throughout your study plan, take study breaks as needed (even if it's one whole day of not studying). But, don't forget to keep pushing harder
- Take the necessary breaks during your exam. Especially before you review everything that was flagged or do a full review. Your mind should be clear when you do this
- Eat well on the day of the exam, take good snacks

This is all I can think of for now, but if you have any questions, please ask away. I'll do my best to answer it and will check this forum regularly.



  • DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
  • shimasenseishimasensei Member Posts: 241 ■■■□□□□□□□
    Congratulations! Thanks for the insight.
    Current: BSc IT + CISSP, CCNP:RS, CCNA:Sec, CCNA:RS, CCENT, Sec+, P+, A+, L+/LPIC-1, CSSS, VCA6-DCV, ITILv3:F, MCSA:Win10
    Future Plans: MSc + PMP, CCIE/NPx, GIAC...
  • useravuserav Member Posts: 56 ■■□□□□□□□□
  • kye.daveykye.davey Member Posts: 27 ■■■□□□□□□□
  • jercxjercx Member Posts: 36 ■■■□□□□□□□
  • techiemanagertechiemanager Registered Users Posts: 3 ■□□□□□□□□□

    Helpful debrief... Will start off my prep today with your advise. Thanks.
  • NavyMooseCCNANavyMooseCCNA Member Posts: 544 ■■■■□□□□□□

    'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil

  • clarkincnetclarkincnet Member Posts: 256 ■■■□□□□□□□
    Give a hacker an exploit, and they will have access for a day, BUT teach them to phish, and they will have access for the rest of their lives!

  • protacticusprotacticus Member Posts: 91 ■■■□□□□□□□
    Great, thank you so much :)
  • sameojsameoj Member Posts: 366 ■■■□□□□□□□
  • CryptoQueCryptoQue Member Posts: 204 ■■■□□□□□□□
Sign In or Register to comment.