Passed on 6/25/2018 (Thanks to the Lord!)
[h=2]Passed on 6/25/2018! (Thanks to the Lord!)[/h]
[FONT="]I have just finished a long journey to pass the CISSP exam yesterday and I would like to share my story to encourage candidates who don't have experience/background in IT/Cybersecurity. This is going to be a long piece of writing so if you are running out of time just see the following facts:
Background:
I have a degree in Finance but currently working in accounting field with Certified Public Accountant(CPA) designation. IT in general has been my area of interest since I started career in accounting field and I was able to finally narrow it down to cybersecurity in the beginning of this year and decided to switch career.
After many hours of researching, I found out that CISSP is the golden certification to have in the field and it did not require experience to sit for the exam; therefore, I decided to take the exam and shared my goal with the people around me as well as online CISSP candidate communities.
I had many negative and discouraging feedbacks from the people but it did not stop me from pursing and only made me wanting to pass it more to prove them wrong. I came up with a strategy to tackle the beast one step at a time. One thing I learned from studying for CPA exam was that nothing is impossible until you give up. As I have stated earlier, I was not an accounting major and I barely had enough accounting credits to sit for the CPA exams (I needed 18 credits in accounting at the time of passing along with 2 years of experience to be licensed). I was able to complete all 4 parts of the exam at first try in one year after putting in just about 700 hours of studying while serving in US Army and it helped me to get the job with one of the biggest accounting firm after leaving the military.
For CISSP, I gave myself 4 and half moths (couldn't give myself more time because my wife is due with the first baby in July and I didn't wan to take a chance) with 300 hours of studying time. I used the stop watch function in my watch to record the studying time very strictly. (for instance, I stopped the watch when I had to use the bathroom while I was studying).
I was lucky to have access to safari books at the client site and almost all the well known study materials were available. Following are the study materials I have used in a chronological order:
Exam Day
As you might have noticed already, English is not my first language but I still applied for the English CAT anyways because all my study material was in English. For the fellow ESLers, English will not be an issue on your test as long as you studied with the English material so feel free to sign up for the English CAT and take advantage of 150 questions!
I got to the testing center about 30 mins prior and I was able to sit for the exam after the registration process. Questions didn't seem much more difficult than practice questions. Some of them were definitely confusing but most of them I was able to eliminate 2 or 3 choices. I took the first break after 100 questions with about 90 mins remaining on the clock. My advice is that make sure you bring a good source of energy (maybe chocolate?) for the exam. I had a very light meal about an hour before the exam and I could tell that I was losing focus after 100 question due to lack of energy and was feeling sort of light headed after 130 questions. Thankfully the exam stopped right at the point where I was going to take another break.
Conclusion
If you have read this far, I apologize for the poor piece of writing as my intention was to provide useful information to the fellow candidates but my limitation in English writing didn't allow me to share to the fullest extent. In my humble opinion, CISSP is definitely a tough exam but difficulty level was not much different from of CPA exams. I firmly believe anyone can pass this exam as long as one stay disciplined and put in right amount of efforts since this is a knowledge based exam. To all the CISSP candidates out there, I would like to finish with my favorite quote "Discipline is the bridge between goals and accomplishments".
Good luck everyone!
[/FONT]
[FONT="]I have just finished a long journey to pass the CISSP exam yesterday and I would like to share my story to encourage candidates who don't have experience/background in IT/Cybersecurity. This is going to be a long piece of writing so if you are running out of time just see the following facts:
- Total IT education/experience: 6 months in IT audit three years ago
- Study time: 310 hours in 4 and half months
- Exam result: Passed in 137 question in 132 minutes with the God's blessing!
Background:
I have a degree in Finance but currently working in accounting field with Certified Public Accountant(CPA) designation. IT in general has been my area of interest since I started career in accounting field and I was able to finally narrow it down to cybersecurity in the beginning of this year and decided to switch career.
After many hours of researching, I found out that CISSP is the golden certification to have in the field and it did not require experience to sit for the exam; therefore, I decided to take the exam and shared my goal with the people around me as well as online CISSP candidate communities.
I had many negative and discouraging feedbacks from the people but it did not stop me from pursing and only made me wanting to pass it more to prove them wrong. I came up with a strategy to tackle the beast one step at a time. One thing I learned from studying for CPA exam was that nothing is impossible until you give up. As I have stated earlier, I was not an accounting major and I barely had enough accounting credits to sit for the CPA exams (I needed 18 credits in accounting at the time of passing along with 2 years of experience to be licensed). I was able to complete all 4 parts of the exam at first try in one year after putting in just about 700 hours of studying while serving in US Army and it helped me to get the job with one of the biggest accounting firm after leaving the military.
For CISSP, I gave myself 4 and half moths (couldn't give myself more time because my wife is due with the first baby in July and I didn't wan to take a chance) with 300 hours of studying time. I used the stop watch function in my watch to record the studying time very strictly. (for instance, I stopped the watch when I had to use the bathroom while I was studying).
Actual study hours from excel
Study Materials:I was lucky to have access to safari books at the client site and almost all the well known study materials were available. Following are the study materials I have used in a chronological order:
- Cybrary: I have listened to Kelly almost every time I was in the car by myself. Time I spent listening to her is not counted for the study hours.
- Shon Harris AIO Exam Guide 7th edition: Needlessly to say this is the best reading material for the exam. Took me about 160 hours to read word by word and gain decent understanding in overall contents. This is definitely one of the better reading material for someone who has no experience and background like me as it had more detail explanation with easy to understand analogy. I think end of chapter questions are way to technical for the exam. Averaged 75% (272 Qs)
- Total tester: this is included in the CD that comes with the book. Issue is that it generates random questions from pool of around 1700 questions and chances are you will see the same questions again which wasn't really helpful. Only went through about 700 questions and averaged low 80's.
- Never had chance to do the 142 questions in Appendix A
- Total tester: this is included in the CD that comes with the book. Issue is that it generates random questions from pool of around 1700 questions and chances are you will see the same questions again which wasn't really helpful. Only went through about 700 questions and averaged low 80's.
- CISSP Official Study Guide 7th edition: Used as a supplement reading material to AIO and mainly used to see the practice questions at the end of each chapter and averaged 72% (420 Qs)
- CISSP Study Guide, 3rd edition (Eric Conrad): used for same reason as above and I think this book is more concise than AIO. Took quiz at the end of each chapter and averaged 84% (120 Qs)
- CISSP Official Practice Test: I think the explanation for the answer was usually not adequate to understand why I got the questions wrong. Averaged 75% for the questions (1300 Qs)
- CISSP Practice Questions Exam Cram, Fourth Edition: I have not seen this book recommended from other posts but I think this is much better than CISSP Official Practice Tests. It provides very detail explanation for the answers and it helped me a lot. Averaged 69% (1037 Qs)
- Larry Greenblatt's review: I bought the review course ($100) and I don't think it was worth it. He is good but each video clip was really long to stay focused and there were way too many distractions (side talks). His free youtube videos were more helpful.
- 11th Hour CISSP: definitely a good refresher before the exam.
- Sunflower note: It as ok resource. I much prefer 11th hour book.
- Boson 2018 edition: I think this was actually the closest to the actual exam and only found out about this testing engine 4 days before the exam. Averaged 76% (750 Qs)
Exam Day
As you might have noticed already, English is not my first language but I still applied for the English CAT anyways because all my study material was in English. For the fellow ESLers, English will not be an issue on your test as long as you studied with the English material so feel free to sign up for the English CAT and take advantage of 150 questions!
I got to the testing center about 30 mins prior and I was able to sit for the exam after the registration process. Questions didn't seem much more difficult than practice questions. Some of them were definitely confusing but most of them I was able to eliminate 2 or 3 choices. I took the first break after 100 questions with about 90 mins remaining on the clock. My advice is that make sure you bring a good source of energy (maybe chocolate?) for the exam. I had a very light meal about an hour before the exam and I could tell that I was losing focus after 100 question due to lack of energy and was feeling sort of light headed after 130 questions. Thankfully the exam stopped right at the point where I was going to take another break.
Conclusion
If you have read this far, I apologize for the poor piece of writing as my intention was to provide useful information to the fellow candidates but my limitation in English writing didn't allow me to share to the fullest extent. In my humble opinion, CISSP is definitely a tough exam but difficulty level was not much different from of CPA exams. I firmly believe anyone can pass this exam as long as one stay disciplined and put in right amount of efforts since this is a knowledge based exam. To all the CISSP candidates out there, I would like to finish with my favorite quote "Discipline is the bridge between goals and accomplishments".
Good luck everyone!
[/FONT]
Comments
-
Dakinggamer87 Member Posts: 4,016 ■■■■■■■■□□Congrats!!
Thanks for sharing your story and journey*Associate's of Applied Sciences degree in Information Technology-Network Systems Administration
*Bachelor's of Science: Information Technology - Security, Master's of Science: Information Technology - Management
Matthew 6:33 - "Seek the Kingdom of God above all else, and live righteously, and he will give you everything you need."
Certs/Business Licenses In Progress: AWS Solutions Architect, Series 6, Series 63 -
LordQarlyn Member Posts: 693 ■■■■■■□□□□Congrats and well done indeed! Even with the two updates to the exam, I've heard Shone Harris's book is still one of the best books on CISSP out there. I used CCCure and Larry Greenblatt's videos, indeed I think Larry was the one who got me the mindset and thought process in gear to pass. I remember the shock when I started the exam and the question topics were like way different than the ones I reviewed but I managed to pass anyway. Good luck and advance congrats on your upcoming bundle of joy!
-
E Double U Member Posts: 2,238 ■■■■■■■■■■Congratulations on the pass!Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
DZA_ Member Posts: 467 ■■■■■■■□□□That's a neat way of tracking your hours, congratulations on passing the exam!
-
MalwareMike Member Posts: 147 ■■■□□□□□□□Wow, thats a lot of studying! Congrats on all your hard work, I hope to start my studies soon.Current: GSEC, GCIH, GCIA, GWAPT, GYPC, RHCSA, WCNA
2019 Goals: CISSP, Splunk certifications (Certified Core, Power User, Admin, and Architect)
Twitter: https://twitter.com/Malware_Mike
Website: https://www.malwaremike.com -
roxer Member Posts: 130 ■■■□□□□□□□Congratulations!! Excellent write up and study regimen! There are other certs you can take that information and apply--maybe more to come?
-
IggI_Supreme Member Posts: 18 ■□□□□□□□□□Congrats, I plan on taking this exam as well and I might just use some of your study techniques to help me get through.
-
Info_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□I can only hope to be as organized as you are.
Congrats on nailing the exam and on the baby!X year plan: (20XX) OSCP [ ], CCSP [ ] -
gchild00 Member Posts: 17 ■■■□□□□□□□Congratulations!!! Which tool you felt prepared you better? Total tester or Boson?
-
ecuison Member Posts: 131 ■■■■□□□□□□Congradulations on the pass! Well deserved!Accomplishments: B.S. - Business (Information Management) | CISSP | CCSP | TOGAF v9.2 Certified | Security + | Network +
-
ashishmathew Registered Users Posts: 2 ■□□□□□□□□□Congratulations ! Your report was very inspiring and for me it has been one of the best blog report I read so far!
Handwork, perseverance and your strong faith in God led you through.
Best of luck and congratulations on your baby as well! -
iota Member Posts: 21 ■□□□□□□□□□Congratulations. Respect how you made up your mind in passing the most recognised exam.
Time tracking and self-discipline are most important. It's quite to stay in complacent life after work -
jt2929 Member Posts: 244 ■■■□□□□□□□only 4-1/2 more years until you can call yourself a CISSP or even mention the credential on your resume (assuming you immediately find a job in the field).
-
Anteloper Member Posts: 9 ■■■□□□□□□□Good feed back. Thanks you, congratulations & good luck!! Just embarking on the CISSP after passing Security+ last week
-
Spread Love Registered Users Posts: 2 ■□□□□□□□□□Jt2929,
Why is it hard for you to congratulate this member for passing CISSP before reminding him or her what and what not to include in their resume; do you think you better by having fully CISSP? When somebody is smart enough to pass the same exam they have the right to say which exam they passed. So please stop bringing your negativity to this forum!!!!! -
lucky0977 Member Posts: 218 ■■■■□□□□□□From my POV, I congratulate this individual for dedicating countless hours of their life that they'll never get back to pursue this endeavor.
With that being said, there is a bit of elitism and I have spoken with many other CISSPs about this issue. Most of the Cyber managers I speak with cringe and feel the certification is becoming watered down because they've interviewed prospective employees (little experience) with the cert in the past and kinda expect them to easily answer the most basic questions related to Cyber Security and the reality is that there are people who have no business getting this cert.
As for my response....Welcome to the clubBachelor of Science: Computer Science | Hawaii Pacific University
CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+ -
jt2929 Member Posts: 244 ■■■□□□□□□□Spread Love wrote: »Jt2929,
Why is it hard for you to congratulate this member for passing CISSP before reminding him or her what and what not to include in their resume; do you think you better by having fully CISSP? When somebody is smart enough to pass the same exam they have the right to say which exam they passed. So please stop bringing your negativity to this forum!!!!!
This is a topic for another thread, but the OP is a perfect example of what is going wrong with this certification and it's emerging reputation. An accountant with little to no security experience passes the exam. Now what? I don't get the point in even taking the exam until you can get the full credential. Yes, great job memorizing the material and passing the exam. The industry is in need of experienced professionals, not paper CISSPs. -
lucky0977 Member Posts: 218 ■■■■□□□□□□This is a topic for another thread, but the OP is a perfect example of what is going wrong with this certification and it's emerging reputation. An accountant with little to no security experience passes the exam. Now what? I don't get the point in even taking the exam until you can get the full credential. Yes, great job memorizing the material and passing the exam. The industry is in need of experienced professionals, not paper CISSPs.
Another topic for another thread but closely related. I recently went through a CISM course provided by ISACA and they were ridiculing the entire CISSP exam and certification process. I chuckled a bit because the CISM contains 50% of what is in the CISSP but they do take their work experience verification seriously. They actually did call my employer and verified my work experience while ISC2 did not.Bachelor of Science: Computer Science | Hawaii Pacific University
CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+ -
Info_Sec_Wannabe Member Posts: 428 ■■■■□□□□□□Another topic for another thread but closely related. I recently went through a CISM course provided by ISACA and they were ridiculing the entire CISSP exam and certification process. I chuckled a bit because the CISM contains 50% of what is in the CISSP but they do take their work experience verification seriously. They actually did call my employer and verified my work experience while ISC2 did not.
While ISACA does experience verification, I've seen cases where an individual passed an ISACA exam and getting certified without having the required experience due to his/her selected verifier.X year plan: (20XX) OSCP [ ], CCSP [ ]