My CISSP test experience (Updated: PASSED)

I had been studying for the CISSP exam for a little over six months, the materials I used are:

The Offical ISC2 Book - read this once
The Shon Harris All in One (3rd edition) book - read this once
CISSP Passport book - read this twice
CISSP for Dummies book- read this once
CBT Nuggets CISSP Video Training- watched this once
Shon Harris 2003 DVD Video Training- watched this once
Shon Harris 2007 DVD Video Training- watched this twice

I also used
http://www.cccure.org and http://www.freepracticetests.org and of course http://www.techexams.net

I work with about a few people that have obtained the CISSP, they warned me not to underestimate the exam, I am glad that I followed their advice.

On March 15th 2008 I went down to Indianapolis Indiana to take the CISSP exam, with two of my coworkers, it was a five hour drive for us, and that was the closest location - be prepaired to travel if you are going to take this exam.

The night before the exam I could not sleep well - I have been under the weather with a cold, and did not care for the hotel room I was staying in...more so I think I was still sickly with a cold then anything else...needless to say i wolk up at 5:30 AM and could not get back to sleep. So I made an attempt to go over my notes one last time.

Obviously there is a non-disclosure agreement so I really can't go over the exam details. But I will say that while the proctor was reading the rules and taking roll-call, there were FBI, CIA, NSA, DOD, and a few other interesting companies in the room. I looked around the room while he took attendance and it became obvious at 33 years old I was the youngest person in the room.

The test was long...it took me three hours to get through it one time. I marked my answers in the test booklet putting a "+" sign next to the correct answer and a "-" sign next to the ones I thought were wrong.

At the three hour mark I took a quick break to eat a snak and gain some focus...the cold medicine I am on was definatly effecting me. So i decided to go over the test sheet two more times before filling in the bubble sheet...which took about 45 minutes to fill in all the answers on the sheet.

Total time in the exam was 5 hours 30 minutes.

When I turned in the exam, I felt confident that I had passed...the more that time passed the more I felt as if I had failed. On the drive back home we all developed "post test syndrom" - that deep feeling that we all just failed the exam. But we will not know the results for a few days / weeks.

Wish us luck.

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

ConstantlyLearning

good luck.

did you study for anything else while studying for this?

dynamik

Well good luck! It seems like you were well prepared though.

How would you rate those resources you used? Did the dummies and passport books really add anything? I have the official ISC2 and Shon Harris books. I see a lot of people recommend this as well: http://www.amazon.com/Information-Security-Management-Handbook-Sixth/dp/0849374952/ref=pd_bbs_sr_1?ie=UTF8&s=books&qid=1205886510&sr=1-1

3280 pages. Did you have any experience with that tome?

As far as the locations go, it seems like they rotate them around. I noticed they were in MN a little while ago. Maybe you can just be patient if you don't feel like traveling. They seem to hit most areas.

That sounds like a somber right back. How long do you have to wait for the results?

JDMurray

Wow! I had no idea you were so close to sitting the exam. You should get your results in 1-2 weeks via email. Make sure you check your Junk email folder often. I have a friend whose notification was flagged as spam and she didn't notice it in her spam folder until five weeks after she sat the exam.

How do you think the questions at www.freepracticetests.org compare with those on the exam?

Schluep

I took the exam on September 17th, 2007 and got my results on September 25th, 2007. There were a lot of people taking the exam with me since it was right before the experience requirement and endorsement changes made October 1st, so hopefully yours will be about as fast.

You completed the initial part of the exam quickly even though you were not feeling well and certainly put a lot of time into preparing (larger resource list than mine for sure). It sounds to me like you were well prepared for the exam and will most likely be getting that pass notification soon. Good Luck and let us know the good results.

I travelled for my exam as well, but that was only because I didn't want to wait three months for it to be in Pittsburgh again after I had missed it by a month.

bcairns

Thanks guys..

It is hard to rate the material I studied, each item was a very good resource and only after combining them did I really begin to see the big picture. I ranked them in order of how I felt they related to my test experience.

Shon Harris 2007 DVD Video Training- 90% material covered
The Shon Harris All in One (3rd edition) book - 90% material covered
The Offical ISC2 Book - 85% material covered
Shon Harris 2003 DVD Video Training - 80% material covered
CISSP Passport book - 65% material covered
CISSP for Dummies book - 60% material covered
CBT Nuggets CISSP Video Training - 40% - I felt this was lacking in a few areas

Sorry I never heard of the book: "Information Security Management Handbook, Sixth Edition" I just went to CCCURE.org and purchased everything the people in those forums used to pass. Cost a ton of money, but I feel it was well worth it.

There is a Shon Harris AIO CISSP 4th edition, but I decided not to buy it as the DVD set covers all the same material.

As fas a practice tests:

The Offical book comes with transenders, the EXACT same practice tests you can buy from ISC2 online for $99 a test. Buy the offical book for the information and the tests. It even said in the online documentation the questions are retired from previous versions of the exam.

Everyone that is going after a CISSP - MUST - visit http://www.cccure.org and http://www.freepracticetests.org! The forums there are very good for gaining information about the 10 domains, the practice tests I would rate as about the closest thing to the actual exam. They definatly put some work into it. Granted nothing will ever simulate the exam, but the questions on freepracticetests.org definatly helped me pick out my weak areas.

My advice for anyone going after this certification, take your time. Learn the material. The test seems to focus more on your understanding of the 10 domains rather then just memorizing details and facts.

I have a soild 10+ years as a programmer, and another 8+ as a domain admin, but after six months of studying for the test I found it was impossible to be completely ready for the exam - no one person can know every thing that the exam is going to ask you. But if you understand the domains and the reasons WHY, then you can come to logical conclusions on the questions that stump you.

Personally I found that switching back and forth from books to the DVDs really helped to keep my attention. Some of the material can get quite boring, but you need to know it. If you just skip over it or not focus on it, then it will become obvious during the actual exam. My weak area was BCP and DRP, not the concepts but the plan of actions - the actual steps. I got hit pretty hard with a brain-bender question that really had me wishing I had spent more time in that domain. In short, the test will find your weak areas fast.

The test itself is a mental and physical marathon. I used to think that 6 hours was way too much time, until I actually took the exam, the first three hours went by faster then I could have imagined. I found myself constantly looking at my watch to make sure I would not run out of time. Above all pace yourself and plan on taking a few breaks.

The post-test syndrom is nuts... I have never felt this way after a test. Maybe it is because of how draining the entire experience is, maybe it is because you do not get instant results (still waiting on mine). But in any case be ready to feel kinda crappy about it.

And last but not least - don't under estimate the amount of information in this exam. It has been called a inch deep and a mile wide - but that is one long mile. One of my co-workers (smart guy) has failed the exam four times. He knows the material, but has a hard time with the actual test part.

coffeeking

Good luck man!

Thanks for sharing your exam experience. I plan to go down the same road in coming years, CISSP is my most desired certification, but I am a few years away from meeting the experience requirement, since I am just about to start my career.

I would like to you ask you a couple of thinks if its OK!

How much do you think your security+ was helpful in your CISSP preparation?

Do you think it is a good idea to obtain SSCP since it a fewer experience requirement?

Hope to hear the good new dude!

bcairns

coffeeking wrote:

Good luck man!

Thanks for sharing your exam experience. I plan to go down the same road in coming years, CISSP is my most desired certification, but I am a few years away from meeting the experience requirement, since I am just about to start my career.

I would like to you ask you a couple of thinks if its OK!

How much do you think your security+ was helpful in your CISSP preparation?

Do you think it is a good idea to obtain SSCP since it a fewer experience requirement?

Hope to hear the good new dude!

If you are going to work for the goverment then Security+ is required by the DOD mandate. And yes it will give you a good intro the to world of security.

The SSCP is a matter of personal taste, I did not get it as I wanted a broader base of knowlege to pull from, instead get a lot of experience - maybe MCSE, CCNA, those types of certifications. But my understanding is a SSCP is still very good and put you in the right direction for a CISSP.

coffeeking

Thanks man, that gives me a good idea. My new job actually might require me to go CISCO way, so I will have to get CCNA and a few others under my belt. CISSP few years down the road.

bcairns

Just got the email this morning - i PASSED !!!

Megadeth4168

Congrats! That is very cool!

dynamik

Awesome. Congratulations!

Schluep

Congratulations!

Less than two weeks for the results including Easter is pretty good in terms of response time with the results. I'm sure that takes a load off thinking about it all the time as well.

Do you already have someone lined up for the endorsement?

techster79

Congrats, Is the SSCP a subset of the CISSP?

dynamik

Some of the material overlaps between the two, but it's an entirely different certification. It's not like the MCSA and the MCSE.

snadam

Congrats!

Mishra

Cool! Good job.

I'm so dark with the security certifications I don't even know what this means for you. ^_^

sprkymrk

bcairns wrote:

Just got the email this morning - i PASSED !!!

Congrats!

shednik

Congrats!!!

JDMurray

Congratulations!

techster79 wrote:

Congrats, Is the SSCP a subset of the CISSP?

Not exactly, but getting the SSCP is a good way to prepare for the CISSP exam.

bcairns

Thanks guys - now I just have to ask one of the CISSPs at work to endorce me.

As a side note both of my co-workers also passed

lopezco

My congratulations again

Awesome preparation

Awesome Post

lopezco

bcairns wrote:

Just got the email this morning - i PASSED !!!

What is your next goal now?

bcairns

lopezco wrote:

bcairns wrote:

Just got the email this morning - i PASSED !!!

What is your next goal now?

Well it is not over yet, I faxed in my resume / endorsement and got a notice that I am being audited lol.

I am probably going to take some time, research what sort of Salary range I should be at with CISSP and my other certs combined with experience, then ask for a raise...if the company won't grant me a raise then I guess I will start doing job interviews

Other then that I will probably upgrade my MCSE to an MCITP:E and focus more on programming (I really miss programming).

Slowhand

Congratulations, good to hear that you passed. Good luck with the audit, we'll all be looking forward to seeing the CISSP in your profile, sooner than later.

bcairns

Got the offical email today - I passed the audit and am now offically a CISSP

I have to say the audit was a lot less painful then I had thought it would be.

Slowhand

bcairns wrote:

Got the offical email today - I passed the audit and am now offically a CISSP

Congratulations!

bcairns wrote:

I have to say the audit was a lot less painful then I had thought it would be.

Does that mean it'll only take a week for you to walk straight again, as opposed to a month?

cdupuis

Good day to all,

This is Clement the maintainer of the www.cccure.org web site.

I just wanted to let you know that I have just uploaded some new tutorials on the site. They are very complete tutorials with hours of learning on each of the domains.

See the link on the main page.

Best of luck in your studies

Clement
http://www.cccure.org

JDMurray

cdupuis wrote:

Good day to all,

This is Clement the maintainer of the www.cccure.org web site.

Hey Clement, good to have you on TechExams.net!!

I hope to see you posting here more often.

I've already enlightened our masses with a posting about the Veridion CISSP tutorials here.