Passed CISM 21/9

E Double U Member Posts: 2,233 ■■■■■■■■■■
I read the study guide twice and went through as many questions as possible daily in the QAE. I began studying in May immediately after passing GCIA. Now a small break from certifications to focus on Dutch.

Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS

Comments

  • NetworkNewb Member Posts: 3,298 ■■■■■■■■■□
  • JoJoCal19 Mod Posts: 2,835 Mod
    Congrats on passing!! I'm even more impressed you were able to make it through the guide twice. I got 24 pages in and quit. Never touched it again after that.
    Have: CISSP, CISM, CISA, CRISC, eJPT, GCIA, GSEC, CCSP, CCSK, AWS CSAA, AWS CCP, OCI Foundations Associate, ITIL-F, MS Cyber Security - USF, BSBA - UF, MSISA - WGU
    Currently Working On: Python, OSCP Prep
    Next Up: OSCP
    Studying: Code Academy (Python), Bash Scripting, Virtual Hacking Lab Coursework
  • mattster79 Member Posts: 135 ■■□□□□□□□□
    Great stuff! Well done. Hoping to be in your shoes at the end of November!!
    CISSP
    CISM
  • E Double U Member Posts: 2,233 ■■■■■■■■■■
    Thanks guys!

    @ JoJo - It was a tough read, but it gave me something to do on my daily commute. My train ride is 50+ minutes. The first time was a solid read and the other was going over the areas I marked for review then skimming the rest.

    @ matt - Good luck! I highly recommend the QAE db if you haven't already purchased it.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • mattster79 Member Posts: 135 ■■□□□□□□□□
    I purchased the Q&E DB yesterday. Seems like a great resource!

    The CISM manual format just doesn't grab me. Will be interesting to see what the 'All-In-One' CISM book will be like (even though I hope to be certified well before that book is released!).
    CISSP
    CISM
  • E Double U Member Posts: 2,233 ■■■■■■■■■■
    mattster79 wrote: »
    The CISM manual format just doesn't grab me.

    You are not the only one. I just figured I might as well read since I had it.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • diogoaleixo Member Posts: 7 ■□□□□□□□□□
    Did you get the hard copy or online DB?
  • mattster79 Member Posts: 135 ■■□□□□□□□□
    Did you get the hard copy or online DB?

    I bought the online version.
    CISSP
    CISM
  • PJ_Sneakers Member Posts: 884 ■■■■■■□□□□
    Do you all feel that the online DB is sufficient as a primary resource? I was thinking of getting the six month access.
  • diogoaleixo Member Posts: 7 ■□□□□□□□□□
    There is no 6 months access, only 12 months and it is very expensive! The 6 months access is an extension for the 12 months only...
  • PJ_Sneakers Member Posts: 884 ■■■■■■□□□□
    Oh ok, 12 months it is then!
  • mattster79 Member Posts: 135 ■■□□□□□□□□
    I personally feel like it’ll be fine as the primary resource.

    In addition to the Q&A DB I’ve watched the Cybrary videos, and I’ll be reviewing my CISSP notes too. It certainly helps that there is so much overlap with the CISSP and CISM.
    CISSP
    CISM
  • E Double U Member Posts: 2,233 ■■■■■■■■■■
    I also have the hard copy of the QAE, but I didn't like that the correct answers are shown right under the questions. So I purchased the online version to get the real testing experience.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • userav Member Posts: 56 ■■□□□□□□□□
  • SEC-lexy Registered Users Posts: 1 ■□□□□□□□□□
    Newbie to the site here.
    Received my CISM score today - 637 (highest area was 722, lowest 567) overall so I am not too sad.
    Much better than my CISA in which I scored 598.

    Congrats to all those who have passed and remember to maintain your skills!

    / excuse the following rant

    I have never been a big fan of certificates because IMO they don't tell anything about ability to apply book knowledge to actions, thus don't know how to feel about my scores. This goes for both top-level strategic certificates as well as certificates focusing on lower level day-to-day work.

    I have led a team where I once had a person who had CISSP, CISM etc. etc. which kind of made me feel like he should lead me. When it came to actual understanding of security I had to request this person to be moved to a different project because he lacked any knowledge of terminology, how to apply those skills to new topics or initiate actions according to the program. I moved him from technical to managerial role first but received similar complaints about inability to understand actual security topics. That moment I realized certificates are good, but should not be used for judging skills by any means.
    / rant over
  • rockafell77 Registered Users Posts: 2 ■□□□□□□□□□
    where can I get the q/a database?
  • E Double U Member Posts: 2,233 ■■■■■■■■■■
    SEC-lexy wrote: »
    That moment I realized certificates are good, but should not be used for judging skills by any means.

    If you cannot get the skills, get the cert

    @rockafell77 - On the ISACA site: https://www.isaca.org/bookstore/Pages/default.aspx?. The name is CISM Review Questions, Answers & Explanations Database - 12 Month Subscription
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • ougijoe Member Posts: 37 ■■□□□□□□□□
    Have you received your score yet? Passed on the 22nd, but nothing yet for me.
  • E Double U Member Posts: 2,233 ■■■■■■■■■■
    ougijoe wrote: »
    Have you received your score yet? Passed on the 22nd, but nothing yet for me.

    Still patiently waiting.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • E Double U Member Posts: 2,233 ■■■■■■■■■■
    My total scaled score is 536



    Information Security Governance: 512
    Information Risk Management and Compliance: 621
    Information Security Program Development and Management: 481
    Information Security Incident Management: 512

    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • cbdudek Member Posts: 68 ■■■□□□□□□□
    Sounds like they take almost the full two weeks before you get your official results and designation. That is good to know. I passed mine last week on 10/29. So I will probably get feedback next week.
  • HawkWinter Registered Users Posts: 2 ■□□□□□□□□□
    Took my CISM on 9/22 and got my final results today (10/5).
  • Info_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□
    Congrats to all those who passed the exam! :D

    I've been reading a lot of posts on this forum since last year and I can't help but notice a few guys who already have their CISSP and took the CISM after. I'm not sure if I'm asking the right question here, but which is harder between the two? I plan (and hope) to sit for CISSP next year and thought of taking CISM first to get a feel of where I'm currently at.
    X year plan: (20XX) OSCP [ ], CCSP [ ]
  • cbdudek Member Posts: 68 ■■■□□□□□□□
    They are both equally difficult, but in their own unique ways. One is not easier than the other.

    The CISSP is difficult because of how broad it is. The saying "mile wide and inch deep" is accurate. The CISM is difficult because it dives deeply into the management side of things and is not technical at all. So there is room for subjectivity depending on your experiences. You have to really learn the concepts in order to pass.

    What I can tell you is that after you pass one, go for the other. While they are different, they do have some overlap which will help you.
  • E Double U Member Posts: 2,233 ■■■■■■■■■■
    CISSP was more difficult for me because I didn't have the think like a manager mentality at the time of the exam. I had just come from five back-to-back Cisco exams for CCNA/P Security. I failed the CISSP twice. Taking that experience with a non-technical security exam plus 2+ more years of security experience helped when it came time for the CISM. I don't think the content of one is more difficult than the other, but CISSP did have more information to cover in my opinion.
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS