Physical Security Domain

techndumdum

I was wondering if any CISSP's can tell me why I bombed so badly (came 10th) in Physical Security? This is not exactly the most taxing domain and I did study it. Is something going on here that I'm not getting? I recall many scenario questions for this domain, "if I built a data center..."

Any words of wisdom to cure me of my paranoia would be appreciated.

LarryDaMan

techndumdum wrote:

I was wondering if any CISSP's can tell me why I bombed so badly (came 10th) in Physical Security? This is not exactly the most taxing domain and I did study it. Is something going on here that I'm not getting? I recall many scenario questions for this domain, "if I built a data center..."

Any words of wisdom to cure me of my paranoia would be appreciated.

No words of wisdom, but I have heard of people failing 3 times and then passing. Study your weak domains, and keep at it. Now you know what to expect! Good luck. I am taking the exam on 10/19.

dynamik

You're going to have to provide significantly more information about your background, study materials, etc. in order for anyone to give you a useful answer.

Slowhand

dynamik wrote:

You're going to have to provide significantly more information about your background, study materials, etc. in order for anyone to give you a useful answer.

Now you're just talking crazy. It's obvious, he was distracted by swamp gas reflecting off a weather balloon. Happens all the time.

JDMurray

I'm studying for the CISSP now, and I must admit there's a great temptation to study lightly on what appear to be "common sense" topics in the CBK and spend more time on the more difficult topics. However, as you know, many of the exam questions are word not to test if you know the subject material, but if you understand how to use the subject material.

I've noticed a few physical security questions at cccure.org and freepracticetests.org that seem to have no single correct answer, and the explanation of the correct answer is puzzling to me. There's overlap in the types of physical controls (such as corrective vs. recovery and preventative vs. deterrent) that can be confusing. And the information in exam questions may be old, so you can't necessarily rely on information from current events to give you insight into possible answers. I won't say the questions are deliberately deceitful, but few of them are straight-forward.

What study aides did you use and which ones did/didn't help you with the exam?

LarryDaMan

JDMurray wrote:

I'm studying for the CISSP now, and I must admit there's a great temptation to study lightly on what appear to be "common sense" topics in the CBK and spend more time on the more difficult topics. However, as you know, many of the exam questions are word not to test if you know the subject material, but if you understand how to use the subject material.

I've noticed a few physical security questions at cccure.org and freepracticetests.org that seem to have no single correct answer, and the explanation of the correct answer is puzzling to me. There's overlap in the types of physical controls (such as corrective vs. recovery and preventative vs. deterrent) that can be confusing. And the information in exam questions may be old, so you can't necessarily rely on information from current events to give you insight into possible answers. I won't say the questions are deliberately deceitful, but few of them are straight-forward.

What study aides did you use and which ones did/didn't help you with the exam?

What is worse is that many CISSPs can make compelling arguments as to why more than one answer might be right. There are many questions that people have had to agree to disagree on. That is the intimidating part of the test to me, the wording and logic behind the questions. The breadth of information you have to study is huge but doable. I have been trying not to study too hard until 8 weeks to go... I fear a buffer overflow. Lots of reading, video watching, and flash card making right now. I am doing a boot camp the week before the test to hopefully put me over the top.

JDMurray

larrydaman wrote:

What is worse is that many CISSPs can make compelling arguments as to why more than one answer might be right. There are many questions that people have had to agree to disagree on. That is the intimidating part of the test to me, the wording and logic behind the questions.

This is one of the aspects of the exam used to separate the experienced professionals from the fact-memorizing wannabes. This is also a reason why a score of 1000/1000 is not required to pass the exam.