JD, where's your CISSP write up??

cashewcashew Member Posts: 122
Congratulations on your recent pass JD. Mine is scheduled for 3/14 and I'm quite anxious. I loved your SSCP write up and hope your CISSP one is at the same level!

How does it feel to not have to study a domain at night?

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
    Thanks for the recognition and appreciation. I am working on a very length CISSP blog article right now. And I'm very glad to be studying other things now that don't involve security architectures, CCTV camera, Common Criteria, or ALE calculations. icon_rolleyes.gif
  • mamonomamono Member Posts: 776 ■■□□□□□□□□
    Congrats!!! :D Can't wait to read it also! :)
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,224 Mod
    Yes I was just wondering about that !!!

    waiting.. :)
  • TurgonTurgon Banned Posts: 6,313 ■■■■■■■■■□
    JDMurray wrote: »
    Thanks for the recognition and appreciation. I am working on a very length CISSP blog article right now. And I'm very glad to be studying other things now that don't involve security architectures, CCTV camera, Common Criteria, or ALE calculations. icon_rolleyes.gif

    Well done JD. Feels like you were at this thing almost as long as I have been preparing for CCIE lab (April 2007). Must feel good to get it over with at last. Man I recall someone once saying they cleared this with 60 hours study and very little experience. Mind you they tested back in 2006. Imagine the test is more comprehensive these days. Either way you surely covered a lot of material there so hats off.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
    Turgon wrote: »
    Man I recall someone once saying they cleared this with 60 hours study and very little experience.
    It depends on how well you understand the concepts in the CISSP CBK material (not just memorizing facts) and can accurately interpret what the exam items themselves are asking. And pure luck is also an undeniable factor too.
  • TurgonTurgon Banned Posts: 6,313 ■■■■■■■■■□
    JDMurray wrote: »
    It depends on how well you understand the concepts in the CISSP CBK material (not just memorizing facts) and can accurately interpret what the exam items themselves are asking. And pure luck is also an undeniable factor too.

    I think it was 'Freak' who cleared it that way. If I recall he bemoaned the ambiguity of the questions and that depending on interpretation any number of answers could be chosen. He was far from confident that he had passed because of that. He was also unhappy that there were questions in there that didn't count towards the test result. Although he passed I think he was overall unhappy about the whole experience. Felt like the test takers were doing QA for the test writers which he felt was unacceptable.
  • RTmarcRTmarc Member Posts: 1,082 ■■■□□□□□□□
    Turgon wrote: »
    I think it was 'Freak' who cleared it that way. If I recall he bemoaned the ambiguity of the questions and that depending on interpretation any number of answers could be chosen. He was far from confident that he had passed because of that. He was also unhappy that there were questions in there that didn't count towards the test result. Although he passed I think he was overall unhappy about the whole experience. Felt like the test takers were doing QA for the test writers which he felt was unacceptable.

    There is some truth to his arguments but I'm fairly sure they are being addressed.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
    Turgon wrote: »
    If I recall he bemoaned the ambiguity of the questions and that depending on interpretation any number of answers could be chosen.
    The answers will only seem ambiguous if you don't know the material well and don't have enough InfoSec process experience.
    Turgon wrote: »
    Felt like the test takers were doing QA for the test writers which he felt was unacceptable.
    This opinion is caused by a lack of self-confidence in one's ability to take the exam. If you know the material it doesn't matter how many research questions there are, you will pass the exam. Whining about non-scored questions is a sign that the candidate is relying more on luck and trying to game the system rather than using knowledge and skill to pass the exam.
  • cisco_troopercisco_trooper Too many Member Posts: 1,443 ■■■■□□□□□□
    JDMurray wrote: »
    This opinion is caused by a lack of self-confidence in one's ability to take the exam. If you know the material it doesn't matter how many research questions there are, you will pass the exam. Whining about non-scored questions is a sign that the candidate is relying more on luck and trying to game the system rather than using knowledge and skill to pass the exam.


    +1

    The unscored questions are the questions they don't remember being in their "Study Guides"....
  • TurgonTurgon Banned Posts: 6,313 ■■■■■■■■■□
    JDMurray wrote: »
    The answers will only seem ambiguous if you don't know the material well and don't have enough InfoSec process experience.


    This opinion is caused by a lack of self-confidence in one's ability to take the exam. If you know the material it doesn't matter how many research questions there are, you will pass the exam. Whining about non-scored questions is a sign that the candidate is relying more on luck and trying to game the system rather than using knowledge and skill to pass the exam.

    Perhaps. I guess he would have to answer that for himself really. He had been working a security role for a little while but relatively speaking not all that long in terms of taking the CISSP. He was formally an MCT. From what I remember he found the questions open ended and poorly worded. He grumbled about the test itself more than the quality of the books he used. I think the Harris guide was one of his resources. I don't know if he was trying to game the system. His position was that he didn't like the fact that research questions were there at all. Then again, he may just have been bugged to have put 60 hours in on preparation only to find he was underprepared. He wrote a couple of articles about his feelings but his site got taken over by cyberquatters so they are no longer available. An ironic security breach in itself.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
    Turgon wrote: »
    His position was that he didn't like the fact that research questions were there at all. Then again, he may just have been bugged to have put 60 hours in on preparation only to find he was underprepared.
    It could be a case of shifting the blame to something/someone else. But research questions are a pretty standard in professional exams, and many exam vendors won't even tell you they are there. Keeping such details secret is all part of preserving the exam's integrity.
    Turgon wrote: »
    He wrote a couple of articles about his feelings but his site got taken over by cyberquatters so they are no longer available. An ironic security breach in itself.
    It sounds like he just forgot to renew his DNS registration. That would be a good security problem to use in a CISSP exam item.
  • AhriakinAhriakin SupremeNetworkOverlord Member Posts: 1,800 ■■■■■■■■□□
    Great work Mr.Murray. Sorry I haven't been following this but did you (or when do you) get your result? I know you have been working hard on this so best if you didn't get the results yet.
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
    I did received my passing email and made the announcement in this thread: http://www.techexams.net/forums/isc-sscp-cissp/34782-cissp-exam-nov-2008-attempt-3.html#post282826

    Now I'm waiting to get the results of my endorsement; I expect that to take around two weeks.
  • AhriakinAhriakin SupremeNetworkOverlord Member Posts: 1,800 ■■■■■■■■□□
    Brilliant, well done and well deserved icon_cheers.gif
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
  • mamonomamono Member Posts: 776 ■■□□□□□□□□
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,224 Mod
    I really liked your review, and waiting for part 2. I'm really interested to see how SSCP helped you and how difficult you found the CISSP material.
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    I swear I posted a response already, but I guess it didn't take...

    That looks great JD (I'm still reading it). What's part two going to be about? That looks fairly comprehensive at first glance.
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
    dynamik wrote: »
    What's part two going to be about? That looks fairly comprehensive at first glance.
    Part Deux is my study plan and recommendations for passing the CISSP exam. People aren't so much interested in the cert experience as they are in finding "the trick" to passing. I really don't have any uncommon wisdom to impart other than, "study everything and make sure you really understand what you think you know." All the rest of the stuff is just details.
    UnixGuy wrote:
    I'm really interested to see how SSCP helped you and how difficult you found the CISSP material.
    The SSCP was helpful in that it's a more technical and smaller subset of information than the CISSP, the exam is basically an easier format, and passing the SSCP can also give you more confidence when going for the CISSP. I thought it was very helpful to me.
  • snadamsnadam Member Posts: 2,234 ■■■■□□□□□□
    congrats JD on the pass. Personally knowing a few relatives that have completed this, I know that it wasn't 'easy' to attain. So my hats off and respect to you!!! Now go indulge yourself in a victory beer :)
    **** ARE FOR CHUMPS! Don't be a chump! Validate your material with certguard.com search engine

    :study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
  • gwamakagwamaka Member Posts: 32 ■■□□□□□□□□
    I think this is the BEST and MOST COMPREHENSIVE review I have ever read regarding the CISSP exam. More power to you man and thanks for taking a time to do this write up ! Its definitely very helpful for people like us who are heading the SSCP and CISSP route soon.


    JDMurray wrote: »
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,224 Mod
    Thank you very much JD, you have really motivated me ! This is very helpful

    I posted a comment asking you about how much SSCP and Security+ helped you and if you, in general, recommend Security+ --> SSCP --> CISSP path or not :)
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,890 Admin
    gwamaka wrote:
    I think this is the BEST and MOST COMPREHENSIVE review I have ever read regarding the CISSP exam.
    icon_redface.gif
    UnixGuy wrote: »
    Thank you very much JD, you have really motivated me ! This is very helpful
    That's pretty much what I'm here for! :D

    UnixGuy wrote: »
    I posted a comment asking you about how much SSCP and Security+ helped you and if you, in general, recommend Security+ --> SSCP --> CISSP path or not :)
    That was the path that I followed, although there was a long time between my Security+ and SSCP. If you are not immediately qualified for the CISSP, I do recommend going that way.
  • UnixGuyUnixGuy Are we having fun yet? Mod Posts: 4,224 Mod
    yes I'm not qualified for CISSP at all, so I'm with Security+ now..I will work on my technical background in general, then I will go to security.


    Good luck with your job hunt, I'm you sure you won't have a problem getting a job in InfoSec, because you invested in the right direction :)
Sign In or Register to comment.