The Journey Begins - CISSP
ConflagrateCarl Member Posts: 13 ■■■□□□□□□□
Well, like most others in this sub-forum, I've decided to take the leap. More out of boredom than anything else, as I don't need the cert for my job and I'm not sure I'll ever need it. As far as experience, I've been working in IT for about 14 years, and doing security for about 8. I have Sec+, CEH, and CASP.
I started studying about a week ago and plan to take the test in about 6-8 weeks. So here's what I got and what I'm going to do:
1.) Sybex 8th Edition CISSP Study Guide
2.) 11th Hour Study Guide
3.) LinkedIn Learning CISSP Prep Course by Mike Chapple
4.) Android Pocket Prep - CISSP
5.) Sybex 2nd Edition CISSP Practice Tests (Just using the book for the wiley access) (1300 QUESTIONS)
6.) Boson ExSim CISSP Practice Exams (I bought the labs too [as a kit], but am most likely not going to use them) (750 QUESTIONS)
To get an idea of where I was starting out, I did some tests:
1.) I've taken 2 tests with Boson (150 questions each), and got a 72% and 73% respectively.
2.) I took 2 tests from the Sybex / Wiley website exam (150 questions each), and got a 78% and an 81%
I feel like the Boson is a lot harder and feels a bit more "conceptual"/"look inside yourself young padawan" based. That said, Boson has TONS of questions about databases and database security in it. The tests I have taken for Sybex/Wiley didn't have nearly as much focus on that. I would say that's one of my weaker areas, and that's definitely contributing the lower scores on the Boson exams. Guess I know what I need to study! Boson also gives you exam scores by domain, whereas Sybex/Wiley does not. So that's something I really like about Boson.
At this point, I've listened to all the LinkedIn Learning videos once, and am starting on a second run. I often just have it playing in my headphones at work, which means I can probably get through everything 5-6 times before I take the exam. I've also started going through the Sybex 8th Edition front to back, highlighting things I'm not familiar with and making flash cards. I should be done with my first read-through next week. After that I plan to focus on the flash cards and areas I need more work, and then start the 11th Hour Study Guide. When I'm not able to work through the books, I'll use the Android Pocket Prep. I'm going to keep doing this for the next 4-5 weeks, using fresh exams and questions on the weekends here and there (but not enough to just memorize answers). Then, about a week out, I'm going to start burning through all the exam questions I haven't seen to see if there are any that throw curve balls with regards to concepts/scenarios I haven't yet seen or had to think through.
Then I'll come back and say whether I passed or not. It seems like some people just need a sit-through to really grasp how the CISSP is structured, and I might be one of those people. The only thing I'd be out is the cash.
Best of luck to all who are currently studying, and congratulations to those who have passed!!
M.S.(Cyber/IA), CISSP, GCIA, CEH, CASP+, Sec+, Net+, A+, Project+, Linux+
Because I had already gone through most of the above rotation, this time I just crammed as hard as I could for about 9 days, for about 8 hours a day. Long story short, I (provisionally) passed the CISSP yesterday. Let me give a quick overview of the materials and my experience with them.
As for the exam itself...like everyone and their uncle before me have said, it's an English test. They are seriously trying to gauge your understanding of business/legal terminology, as well as concepts to both secure and benefit your organization from a high level. It's that simple...but it's not easy. Hopefully that makes sense. I wish everyone the best with their studies, and I hope that you all can achieve whatever goal you set for yourselves!
Stay safe everyone and take care!