Passed CISM 21/9
E Double U
Member Posts: 2,233 ■■■■■■■■■■
in CISM
I read the study guide twice and went through as many questions as possible daily in the QAE. I began studying in May immediately after passing GCIA. Now a small break from certifications to focus on Dutch.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
Comments
-
JoJoCal19 Mod Posts: 2,835 ModCongrats on passing!! I'm even more impressed you were able to make it through the guide twice. I got 24 pages in and quit. Never touched it again after that.Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
Currently Working On: Python, OSCP Prep
Next Up: OSCP
Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework -
mattster79 Member Posts: 135 ■■□□□□□□□□Great stuff! Well done. Hoping to be in your shoes at the end of November!!CISSP
CISM -
E Double U Member Posts: 2,233 ■■■■■■■■■■Thanks guys!
@ JoJo - It was a tough read, but it gave me something to do on my daily commute. My train ride is 50+ minutes. The first time was a solid read and the other was going over the areas I marked for review then skimming the rest.
@ matt - Good luck! I highly recommend the QAE db if you haven't already purchased it.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
mattster79 Member Posts: 135 ■■□□□□□□□□I purchased the Q&E DB yesterday. Seems like a great resource!
The CISM manual format just doesn't grab me. Will be interesting to see what the 'All-In-One' CISM book will be like (even though I hope to certified well before that book is released!).CISSP
CISM -
E Double U Member Posts: 2,233 ■■■■■■■■■■mattster79 wrote: »The CISM manual format just doesn't grab me.
You are not the only one. I just figured I might as well read since I had it.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
mattster79 Member Posts: 135 ■■□□□□□□□□diogoaleixo wrote: »Did you get the hard copy ou online DB?
I bought the online version.CISSP
CISM -
PJ_Sneakers Member Posts: 884 ■■■■■■□□□□Do you all feel that the online DB is sufficient as a primary resource? I was thinking of getting the six month access.
-
diogoaleixo Member Posts: 7 ■□□□□□□□□□There is no 6 months access, only 12 months and it is very expensive! The 6 months access is an extension for the 12 months only...
-
mattster79 Member Posts: 135 ■■□□□□□□□□I personally feel like it’ll be fine as the primary resource.
In addition to the Q&A DB I’ve watched the Cybrary videos, and I’ll be reviewing my CISSP notes too. It certainly helps that there is so much overlap with the CISSP and CISM.CISSP
CISM -
E Double U Member Posts: 2,233 ■■■■■■■■■■I also have the hard copy of the QAE, but I didn't like that the correct answers are shown right under the questions. So I purchased the online version to get the real testing experience.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
SEC-lexy Registered Users Posts: 1 ■□□□□□□□□□Newbie to the site here.
Received my CISM score today - 637 (highest area was 722, lowest 567) overall so I am not too sad.
Much better than my CISA in which I scored 598.
Congrats to all those who have passed and remember to maintain your skills!
/ excuse the following rant
I have never been a big fan of certificates because IMO they don't tell anything about ability to apply book knowledge to actions, thus don't know how to feel about my scores. This goes for both top-level strategic certificates as well as certificates focusing on lower level day-to-day work.
I have led a team in where I once had a person who had CISSP, CISM etc. etc. which kind of made me feel like he should lead me. When it came to actual understanding of security I had to request this person to be moved to a different project because he lacked any knowledge of terminology, how to apply those skills to new topics or initiate actions according to the program. I moved him from technical to managerial role first but received similar complaints about inability to understand actual security topics. That moment I realized certificates are good, but should not be used for judging skills by any means.
/ rant over -
E Double U Member Posts: 2,233 ■■■■■■■■■■That moment I realized certificates are good, but should not be used for judging skills by any means.
If you cannot get the skills, get the cert
@rockafell77 - On the ISACA site: https://www.isaca.org/bookstore/Pages/default.aspx?. The name is CISM Review Questions, Answers & Explanations Database - 12 Month SubscriptionAlphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
ougijoe Member Posts: 37 ■■□□□□□□□□Have you received your score yet? Passed on the 22nd, but nothing yet for me.
-
E Double U Member Posts: 2,233 ■■■■■■■■■■Have you received your score yet? Passed on the 22nd, but nothing yet for me.
Still patiently waiting.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
E Double U Member Posts: 2,233 ■■■■■■■■■■My total scaled score is 536
Information Security Governance: 512
Information Risk Management and Compliance: 621
Information Security Program Development and Management: 481
Information Security Incident Management: 512
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
cbdudek Member Posts: 68 ■■■□□□□□□□Sounds like they take almost the full two weeks before you get your official results and designation. That is good to know. I passed mine last week on 10/29. So I will probably get feedback next week.
-
HawkWinter Registered Users Posts: 2 ■□□□□□□□□□Took my CISM on 9/22 and got my final results today (10/5).
-
Info_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□Congrats on all those who passed the exam!
I've been reading a lot of posts on this forum since last year and I can't help but notice a few guys who already have their CISSP and took the CISM after. I'm not sure if I'm asking the right question here, but which is harder between the two? I plan (and hope) to sit for CISSP next year and thought of taking CISM first to get a feel of where I'm currently at.X year plan: (20XX) OSCP [ ], CCSP [ ] -
cbdudek Member Posts: 68 ■■■□□□□□□□They are both equally difficult, but in their own unique ways. One is not easier than the other.
The CISSP is difficult because of how broad it is. The saying "mile wide and inch deep" is accurate. The CISM is difficult because it dives deeply into the management side of things and is not technical at all. So there is room for subjectivity depending on your experiences. You have to really learn the concepts in order to pass.
What I can tell you is that after you pass one, go for the other. While they are different, they do have some overlap which will help you. -
E Double U Member Posts: 2,233 ■■■■■■■■■■CISSP was more difficult for me because I didn't have the think like a manager mentality at the time of the exam. I had just came from five back-to-back Cisco exams for CCNA/P Security. I failed the CISSP twice. Taking that experience with a non-technical security exam plus 2+ more years of security experience helped when it came time for the CISM. I don't think the content of one is more difficult than the other, but CISSP did have more information to cover in my opinion.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS