Just passed CISSP ... should I now do CISM whilst it's fresh in my head? - EXAM BOOKED!!!

2»

Comments

  • lucky0977lucky0977 Member Posts: 218 ■■■■□□□□□□
    @CyberCop123; You already have the OSCP and CISSP, which are already impressive achievements. I assume the reason you want to do this is for your own personal achievement rather than your employer requiring you to do it. If I had to pay out of pocket for this, I wouldn't do it but it's your money.
    Bachelor of Science: Computer Science | Hawaii Pacific University
    CISSP | CISM | CISA | CASP | SSCP | Sec+ | Net+ | A+
  • musimusimusimusi Member Posts: 8 ■■□□□□□□□□
    So did u pass the 2nd attempt
    otw to CISM
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    musimusi said:
    So did u pass the 2nd attempt
    Hey, I didn't actually try again.

    Just after I failed this I managed to get put on two SANS courses which were only two months apart.  

    I did the SANS FOR572 (Network Forensics and Threat Hunting, and SANS FOR610 (Reverse Engineering of Malware)

    I passed both and just haven't had much time to look again at CISM.  I am unlikely to go back to do it to be honest.  I'm more likely to look at doing the OSCE at some point in the next 1-2 years, need a break first!  
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2021: CCSP
    2022: OSWE (hopefully)
  • JDMurrayJDMurray Admin Posts: 13,089 Admin
    edited October 2019
    Why does someone who does so well in the areas covered by the OSCP, GNFA, and GREM cert need the CISM too? Those are completely different InfoSec career paths. Were you looking to give up the technical track and go into InfoSec team management soon?
  • CyberCop123CyberCop123 Member Posts: 338 ■■■■□□□□□□
    JDMurray said:
    Why does someone who does so well in the areas covered by the OSCP, GNFA, and GREM cert need the CISM too? Those are completely different InfoSec career paths. Were you looking to give up the technical track and go into InfoSec team management soon?

    At the time I didn't have the GNFA or GREM.  I only had the OSCP and CISSP - however your point is still very valid.  I didn't need the CISM but I got a bit greedy!

    I love studying for IT certifications and the thought of an easy win with the CISM was too tempting.  It back fired though.  I only failed by 1%.

    I'm not looking to go into Information Security, I much prefer the technical side.  With that in mind I am pretty sure I won't be doing the CISM (unless something changes in the future) 
    My Aims
    2017: OSCP -
    COMPLETED
    2018: CISSP -
    COMPLETED
    2019: GIAC GNFA - Advanced Network Forensics & Threat Hunting -
    COMPLETED
               GIAC GREM - Reverse Engineering of Malware -
    COMPLETED

    2021: CCSP
    2022: OSWE (hopefully)
  • JDMurrayJDMurray Admin Posts: 13,089 Admin
    It was a good attempt even if you were a bit haphazard in your preparation. However, had you passed, your only pay-off would have been knowing that you passed the exam. If you had passed the CISM exam you still would not have been awarded the CISM certification. ISACA, like the (ISC)2, has a professional work experience requirement for their certifications. You wouldn't have received the CISM cert, or been allowed to put "CISM" on your resume until you acquired the requisite years of InfoSec management experience and were vetted. Presently, you are given six years to acquire this experience.
  • balancebalance Member Posts: 244 ■■■■■□□□□□
    No worries . I failed a few months ago and sat again in September... knocked it out.  Get back in the saddle you can get it done.
  • dinhtqdinhtq Member Posts: 24 ■■■□□□□□□□
    it's depend on your money.
  • Grafixx01Grafixx01 Member Posts: 109 ■■■□□□□□□□
    I just want to know if you were paid by the poster on the topic saying that you'll pass with their guarantee? Just kidding

    Sorry about the non-pass, it stinks.
  • imnewbieimnewbie Member Posts: 30 ■■■□□□□□□□
    JDMurray said:
    Why does someone who does so well in the areas covered by the OSCP, GNFA, and GREM cert need the CISM too? Those are completely different InfoSec career paths. Were you looking to give up the technical track and go into InfoSec team management soon?

    At the time I didn't have the GNFA or GREM.  I only had the OSCP and CISSP - however your point is still very valid.  I didn't need the CISM but I got a bit greedy!

    I love studying for IT certifications and the thought of an easy win with the CISM was too tempting.  It back fired though.  I only failed by 1%.

    I'm not looking to go into Information Security, I much prefer the technical side.  With that in mind I am pretty sure I won't be doing the CISM (unless something changes in the future) 
    I want to know what study material did you use for CISSP?
  • bigdogzbigdogz Member Posts: 881 ■■■■■■■■□□
    @CyberCop123
    Most find the CISM exam is easier than the CISSP.  As @kaiju has stated, if you go through the book a 2 (or 3) times, you will get the subject matter.
  • evanyeapevanyeap Member Posts: 2 ■□□□□□□□□□
    I dont think the CISSP is that similar to CISM in fact, I did the certs back to back and after chewing through the practice exam questions, I found that there is a fair bit of correlation with other standards such as SABSA and ITIL. These are completely not in the CISSP exam.
    Current - CISSP | CCSP | CISM | CISA | SABSA SCF | ITIL-F
    2020 aims - CRISC | ISSAP | OSCP | AWS Architect Associate
Sign In or Register to comment.