How technical is the CISSP

zlykot

Hey folks,

Newb here, Been in the industry for a while though(10years, dev,architecture,sec) I figured it was time to do my CISSP now that the exam is changing to CAT

Here is my plan of study
~200pages/day read, take notes, lab, exam, compare
Official study app/practice test, flash cards for every domain and take the exam
11th hour book - have not started yet
Sunflower cheetsheet - reviewed after each domain
Mindmaps - reviewed after each domain
Bunch of Youtube to put me to sleep

Any advice on other good resources?
for those that took the updated (8domain) test, what was the percentage of technical questions vs GRC(administrative)?

My big hurdle is trying to figure out what content to focus on, it seems the practice exams vary quite a bit.

Taking the exam on 14th, Any help would be great
Thanks
T

zlykot

Just some further clarification
I understand CISSP is not a technical exam, I am just trying to get some clarity on how much technical "dust" is required.

I have been doing the sybex practice tests (90% avg) tried a few other online with similar results.
Quick question: Is the CISSP multiple choice? it seems most of the practice ones are single choice only

cbkihong

Mostly single choice from multiple options. Occasionally there are special questions that are multiple checks from multiple questions, or you may be asked to do some drag and drop for reordering or marking something on a diagram.

TheFORCE

I'd avoid the 200 pages per day reading. The exam requires that you understand the material and context of it, that doesn't happen with just reading.

You wont be able to absorb enough information if you stress your brain with 200 pages of information a day. You have to sit on it and just ponder what the info means. That's why people spend months on it.

On a book that's 1000 pages if you give yourself 2 months, you could do 15-20 pages a day. Thats more acceptable I rhink.

Good luck.

Info_Sec_Wannabe

zlykot wrote: »

Hey folks,

Newb here, Been in the industry for a while though(10years, dev,architecture,sec) I figured it was time to do my CISSP now that the exam is changing to CAT

Same sentiments here. I'm thinking of sitting for the exam before Dec 17/18 because of the change to CAT. Not that I can say that I'm ready, but rather I feel that the new format will work against me. Although I've read in some posts that it would not matter so long as you know the content, but again, the feeling that you can go back to review your answers allows you to blaze through the items during the first pass.

laurieH

Good luck - my personal advice would be not to rush it but to take a structured, planned approach. Work out what material you're going to study, how long you're going to spend a day studying and allow for a revision period. When you know how long you're likely to take you could set an exam date as something to work towards. Although the exam is changing the advice on my blog (in my signature) is still valid so might help you out.

In terms of technicality - it's not a technical exam. Have a scan through some practice questions to get a rough idea of what's expected. Good luck!

zlykot

Info_Sec_Wannabe wrote: »

Same sentiments here. I'm thinking of sitting for the exam before Dec 17/18 because of the change to CAT. Not that I can say that I'm ready, but rather I feel that the new format will work against me. Although I've read in some posts that it would not matter so long as you know the content, but again, the feeling that you can go back to review your answers allows you to blaze through the items during the first pass.

That's my thought exactly, all of us prepare to the best of our ability but having a system that specifically focuses on your weaknesses isn't exactly a good thing. Combine that with the lack of ability to flag and review answers makes it a harder exam.

Wannabe: if you have not done so yet, I would book your exam ASAP. In my area all the spots are filled.

I agree 200/pages a day isnt ideal and your retention suffers to some extent, however I'm familiar with most of the stuff in the book hence those sections/domains can be gone through faster and others need more time. At this point I'm spending 8-10hours a day going through the material.

I did notice the new outline does have a few domains weighed heavier then others, 16% as opposite to 10/13... but this is for the new April test... Does anybody still have the outline for the current test?

T

zlykot

weird, it seems my post is getting marked as spam.

zlykot

Wannabe: I would book your exam ASAP if you have not done it yet, all my locations(25mile radius) were booked solid; I got the last spot.

Adaptive testing is never the same, people have strengths and weaknesses based on their predisposition and type of work they do, CAT focuses on your weaknesses where in the course of Standard testing your strengths would balance our your weaknesses. In addition the ability to flag and review is a bonus, it gives you the ability to do your own time management.

lauriell, My experience is that the Sybex prep test are all over the place. One question asks about fairly detailed technical questions where others are general policy. What I am wondering is if the exam is the same. i.e. size of registers on a x64 platform as opposite to GRC questions regarding DRP planning.

Any thoughts on the 11th hour book? it seems its fairly compact.

Lets see what happens.

TheFORCE

I don't understand why you think CAT focuses on your weaknesses. That's not how CAT works.

If you are asked a difficult question and you answer it correctly then the next question will be of higher difficulty.

If you answer the question incorrectly then the next question will be of lesser difficulty.

How does this approach focuses on your weaknesses?

zlykot

TheFORCE wrote: »

I don't understand why you think CAT focuses on your weaknesses. That's not how CAT works.

If you are asked a difficult question and you answer it correctly then the next question will be of higher difficulty.

If you answer the question incorrectly then the next question will be of lesser difficulty.

How does this approach focuses on your weaknesses?

Here is my take on it, if there is only half the questions then if you miss one of the harder ones then the exam has to focus on the weaker ones that automatically decreases your score and the value of the follow up questions. Since there is only a limited amount of questions(150) then each one of those matters more, in addition that combined with the lack of ability to review seems like a disadvantage.

The standard test seems to give me the strength of the number of questions, the ability to review and get familiar with the type of like of questioning, Especially given the fact that it seems most folks get surprised by how they are worded.

T

cyberguypr

Not this stuff again! This madness with CAT needs to stop NOW. Microsoft has been using this for 15+ years and you know what, it's all been fine. Exactly the same way it was pre-CAT.

JDMurray

zlykot wrote: »

Here is my take on it, if there is only half the questions then if you miss one of the harder ones then the exam has to focus on the weaker ones that automatically decreases your score and the value of the follow up questions. Since there is only a limited amount of questions(150) then each one of those matters more, in addition that combined with the lack of ability to review seems like a disadvantage.

An adaptive exam pool has many more lightly-weighted exam items than heavily-weighted exam items. When you answer enough items correctly, or it is impossible for you to pass by answering all of the remaining items correctly, then the exam ends. There is no penalty for incorrectly answering easier or more difficult items; only the number of items appearing on your exam is effected.

zlykot

I honestly have not looked that much into the CAT thing, it seems some of my assumptions are wrong. In either case the push to get it done is a good thing.

Thanks for your comments

TheProfezzor

I passed CISSP a few years ago. I wrote the summary the very next day after passing. I hope it will help you too

http://www.techexams.net/forums/isc-sscp-cissp/102074-passed-cissp.html#post863590

wayne_wonder

TheFORCE wrote: »

I'd avoid the 200 pages per day reading. The exam requires that you understand the material and context of it, that doesn't happen with just reading.

You wont be able to absorb enough information if you stress your brain with 200 pages of information a day. You have to sit on it and just ponder what the info means. That's why people spend months on it.

On a book that's 1000 pages if you give yourself 2 months, you could do 15-20 pages a day. Thats more acceptable I rhink.

Good luck.

I was just coming in to wright the same thing 200 pages is overkill i'd get bored and skim read

Info_Sec_Wannabe

zlykot - just checked the availability of all testing sites near my place (and office) and they're all fully booked until Dec 17.

For now, I guess I'll just continue preparing for the exam and wait for feedback / opinion from the TE Community on how ISC2 implements the CAT.

shoey

Straight from (ISC)2: "This more precise evaluation enables us to reduce the maximum exam administration time from 6 hours to 3 hours, and it reduces the items necessary to accurately assess a candidate’s ability from 250 items on a linear, fixed-form exam to as little as 100 items on the CISSP CAT exam."

Do people really want to sit for a 6 hour exam?! I feel like I've waste my day when I'm golfing for four hours; let alone answering 250 CISSP exam questions!

@zlykot if your study plan fits your personal style of studying; go for it. It looks pretty solid. The only tweaks I'd suggest would be to:
1) Take one of the practice exams right off he bat (to determine your weak areas). Then you can focus your studying based on your weak domains.
2) Plan for the day before the exam to be a rest day.

Best of luck!!

breeliz

Take your time, learn the material thoroughly and it will make no difference what the form of the test is. If you rush and try to psyche the test, you seriously put your $700 at risk. The test contains a lot of technical material and some very tricky questions which demand that you understand not only what is true but what's not true and why. 200 pages a day is crazy even if you had all day to do it with no other responsibilities. Do that at your own risk. You are not reading a novel.

Good luck!

zlykot

Well I got her done...

thanks everybody for the tips, it was easier then I thought and easier then the sybex practice tests.

T

McxRisley

shoey wrote: »

Straight from (ISC)2: "This more precise evaluation enables us to reduce the maximum exam administration time from 6 hours to 3 hours, and it reduces the items necessary to accurately assess a candidate’s ability from 250 items on a linear, fixed-form exam to as little as 100 items on the CISSP CAT exam."

Do people really want to sit for a 6 hour exam?! I feel like I've waste my day when I'm golfing for four hours; let alone answering 250 CISSP exam questions!

@zlykot if your study plan fits your personal style of studying; go for it. It looks pretty solid. The only tweaks I'd suggest would be to:
1) Take one of the practice exams right off he bat (to determine your weak areas). Then you can focus your studying based on your weak domains.
2) Plan for the day before the exam to be a rest day.

Best of luck!!

As little as 100 items and half of the previous test time?!?! If I were you guys I would just wait until the new version came out.

Info_Sec_Wannabe

zlykot wrote: »

Well I got her done...

thanks everybody for the tips, it was easier then I thought and easier then the sybex practice tests.

T

Does this mean you passed? If so, that's great news!

zlykot

Yup, it was way easier then I thought it would be. Finished in 3h with a nice tea break.

Info_Sec_Wannabe

A big congratulations to you sir!