Just passed CISSP ... should I now do CISM whilst it's fresh in my head? - EXAM BOOKED!!!

Was not considering this at all, however I saw someone on another site post something like:
I advise anyone that has passed CISSP to spend 2-3 weeks doing CISM questions and then do that exam too as it will be very very little work.
Would you agree with this?
The same person also recommended doing CCSP too
Thanks
Cybercop
I advise anyone that has passed CISSP to spend 2-3 weeks doing CISM questions and then do that exam too as it will be very very little work.
Would you agree with this?
The same person also recommended doing CCSP too
Thanks
Cybercop
My Aims
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
Comments
Not sure I can afford it yet. I was going to register for 3-4 weeks time to do the exam
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+
Cheers
If I do this then I will get the 12 month access to Q&A and that's it . I don't believe I need the manual as well.
I'll make a decision tomorrow but I'm leaning towards doing it as it doesn't seem much extra work for a quality certification
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
Deal?
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
Bit nervous now as I know this exam is more about management and a bit more governance, so more specifically focusing on one area.
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
You'll probably be fine. Watch this video:
Will post more later
Just left exam centre
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
FAILED
As previous post indicated, I failed the exam. The whole thing started badly. The test was supposed to start at 9am, and I got there at 830. The exam person booked me in, checked my ID and showed me to computer. I started the test, and 3 questions in all screens displayed an error message like "LOST CONNECTION" or something.Nearly an hour to fix the issue, and during this time the man running the test centre kept just saying "either wait or reschedule" - really unhelpful and I ended up having an argument with him about it.
Anyway, I eventually got underway about an hour after originally starting and was really struggling to concentrate and focus. I'm not sure why, I think I was just tired and wasn't feeling in the mood.
The exam was MUCH MUCH harder than I expected. Mainly as with the CISSP there is tons of different subjects so if you're weak in one area it moves on quite quickly.
My stupidity in not preparing at all and thinking I could just pass meant that I struggled with many of the concepts. The constant focus on things like Business Impact Assessment, GAP analysis, Benchmarking was just a killer for me as I had no clue on any of that.
Additionally, it is very very accurate to say that one of my biggest issues and failings was not understanding the angle of the questions/answers and what ISACA are looking for.
As an example, many questions were similar to this:
There has been a major issue noticed with the web server. What is your FIRST priority
(A). Report it to the IT manager
(B). Conduct a risk assessment and consider taking it offline immediately
(C). Notify senior management
(D). Notify the business owner
... Not a clue. Almost all of them seemed fairly plausible. I kept thinking:
It went on and on.
My biggest failing was not doing the Q&A Database questions. Had I done that I think I'd have been more aware of what type of answers they need. E.g. I would have noticed that I should be escalating upwards most of the time... or whatever it is.
Conclusion
Feel pretty down now. After passing the CISSP and the relief that I didn't have to pay to re-take, I have stupidly failed the CISM because I didn't prepare and rushed into it. Even more stupid is the fact that I never ever was interested in it, I just saw a post on Reddit a few days ago in which someone recommended doing it soon after.
I am pretty sure I am going to get the database questions and re-take this in 3-4 weeks time, in early January. I feel like I need to pass now as I've started this process and also want to have the certification on my CV.
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
I've done some research and most say to just avoid the manual and focus on the Q&A database. I've paid for that today and so I will start using it tomorrow and next week.
I think that 70% of the reason I failed was because I didn't understand what angle I should have been taking with the question, e.g. often there were 4 "right" answers but there was only one that was correct in the context of a CISM manager. 30% of the reason I failed was just a lack of knowledge.
I'm going to re-sit in a months time. Fingers crossed!
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
The pass mark is 450
I got 437
Very annoyed by that, probably just a 1-2 questions off passing. Arghhh...
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
Thanks DZA, I don't think I'm burned out, rather it was just a case that I didn't prepare at all and stupidly thought I could just pass without studying. Stupid me. Not sure you what you mean about the same exam window?
Thanks Cert_God (cool name btw). I've got the Q&A database and done around 125 questions I think so far. I'm learning a lot from it. Can see where my weak areas are now.
I'm going to continue these questions for the next 1-2 weeks and possibly try the exam again.
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)
1) Easy, the answer is obvious
2) The answer is impossible to locate and when I choose, it's something different for a reason I don't quite agree with
I'm wondering if I'm just wasting my time with this....
2017: OSCP - COMPLETED
2018: CISSP - COMPLETED
2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting - COMPLETED
GIAC GREM - Reverse Engineering of Malware - COMPLETED
2021: CCSP
2022: OSWE (hopefully)