CISSP Down
I took the CISSP on 4/17 in Phoenix. AZJag was also there for his SSCP, and I was staying with Snadam, so needless to say, massive drunkenness occurred after we finished our exams. I would also publicly like to thank Snadam's lovely, patient wife for providing safe transportation (the rest of the weekend wasn't much better).
I got my results in 18 days, which is a pretty awesome turn-around, all things considered. I finished in 2.5 hours. Like a moron, I just ticked the bubble as I was going through the sheet then filled them all in at the end. That last half hour was entirely spent filling in bubbles, and my hand was cramping up. I'm pretty sure I should have been disqualified for being an idiot at that point. I didn't review. I never do since I tend to second-guess myself more than anything. I think I was the first CISSP to finish, and I beat some of the SSCPers as well. I was planning on using my "first place finish" to console myself later on since I wasn't too optimistic about passing
I have, at one point another, read at least an entire book on each of the domains. For my CISSP-centric studies, I used primarily the 4th Edition of the AIO. I spent a few hours skimming the official guide, but really just noted a few things that seemed new. I used skimmed the Prep Logic guide since I got it for only a few dollars, but there really wasn't much new there. For quick review sheets, the aide-mémoire was the best resource. I did go through Transcender a couple of times as well, which I suppose did help beat the trivia into my head. It wasn't anything like the exam though. I also only had time to review a couple hundred of the cccure.org practice questions. I wish I would have had more time to do those. I only had about eight days of dedicated study since I did GSEC and GPEN the Thursday the week before, so the week leading up to the exam was pretty intense.
I really felt like all those materials helped with maybe 20% of the exam. When you're studying things like all the fire types, power problems, etc., you're expecting to see a lot more trivia on the actual exam. I rarely encountered anything like that. It's really an exam on how to think like a manager. I believe GAngel gave me that advice, so that's how I rolled through the exam. When I saw a question like:
You're on fire. What do you do?
a)Scream for help
b)Stop, drop, and roll
c)Look for a fire extinguisher
d)Get management approval to dial 911
You can guess what I picked.
It wasn't that transparent, but it certainly made things difficult. There were often multiple correct solutions and you were instructed to pick "the best". It's a small wonder that people leave the exam room in complete uncertainty. Having 25 ungraded evaluation questions doesn't help either. You can bomb all those (which may be very obscure), and think you did a lot worse than you did. I actually felt OK leaving the room, but that actually made me uneasy since the trend is to usually feel like you failed and then end up passing.
My exam was really heavy on software development, which hurt because I felt like that was my weakest domain. It felt like physical security, access control, and network security made up a disproportionally small part of my exam. It seems like this varies quite a bit. I've had others say theirs was heavy on BCP. I guess you'll just have to study everything
Experience is really necessary for this exam. I don't think I could have passed using only CISSP resources.
Anyway, that's a huge relief. No offense to the organization, but I really wish I was done with those exams. I'll probably do the SSCP and ISSAP specialization at some point.
Next up is CISA since you can only take that in June and December. Then I need to do some clean-up and wrap up CCNA:S, OSCP, and OSWP. Those have been "in progress" for the better part of a year...
I got my results in 18 days, which is a pretty awesome turn-around, all things considered. I finished in 2.5 hours. Like a moron, I just ticked the bubble as I was going through the sheet then filled them all in at the end. That last half hour was entirely spent filling in bubbles, and my hand was cramping up. I'm pretty sure I should have been disqualified for being an idiot at that point. I didn't review. I never do since I tend to second-guess myself more than anything. I think I was the first CISSP to finish, and I beat some of the SSCPers as well. I was planning on using my "first place finish" to console myself later on since I wasn't too optimistic about passing

I have, at one point another, read at least an entire book on each of the domains. For my CISSP-centric studies, I used primarily the 4th Edition of the AIO. I spent a few hours skimming the official guide, but really just noted a few things that seemed new. I used skimmed the Prep Logic guide since I got it for only a few dollars, but there really wasn't much new there. For quick review sheets, the aide-mémoire was the best resource. I did go through Transcender a couple of times as well, which I suppose did help beat the trivia into my head. It wasn't anything like the exam though. I also only had time to review a couple hundred of the cccure.org practice questions. I wish I would have had more time to do those. I only had about eight days of dedicated study since I did GSEC and GPEN the Thursday the week before, so the week leading up to the exam was pretty intense.
I really felt like all those materials helped with maybe 20% of the exam. When you're studying things like all the fire types, power problems, etc., you're expecting to see a lot more trivia on the actual exam. I rarely encountered anything like that. It's really an exam on how to think like a manager. I believe GAngel gave me that advice, so that's how I rolled through the exam. When I saw a question like:
You're on fire. What do you do?
a)Scream for help
b)Stop, drop, and roll
c)Look for a fire extinguisher
d)Get management approval to dial 911
You can guess what I picked.
It wasn't that transparent, but it certainly made things difficult. There were often multiple correct solutions and you were instructed to pick "the best". It's a small wonder that people leave the exam room in complete uncertainty. Having 25 ungraded evaluation questions doesn't help either. You can bomb all those (which may be very obscure), and think you did a lot worse than you did. I actually felt OK leaving the room, but that actually made me uneasy since the trend is to usually feel like you failed and then end up passing.
My exam was really heavy on software development, which hurt because I felt like that was my weakest domain. It felt like physical security, access control, and network security made up a disproportionally small part of my exam. It seems like this varies quite a bit. I've had others say theirs was heavy on BCP. I guess you'll just have to study everything

Experience is really necessary for this exam. I don't think I could have passed using only CISSP resources.
Anyway, that's a huge relief. No offense to the organization, but I really wish I was done with those exams. I'll probably do the SSCP and ISSAP specialization at some point.
Next up is CISA since you can only take that in June and December. Then I need to do some clean-up and wrap up CCNA:S, OSCP, and OSWP. Those have been "in progress" for the better part of a year...

Comments
I have no idea what you are talking about. It's all a blur really.
Congrats Man. I too got my results this morning, Pass.
Time for me to pick up the book and take the CISSP. Maybe early next year.
VMware Certified Advanced Professional 5 – Data Center Administration (VCAP5-DCA) (Passed)
VMware Certified Advanced Professional 5 – Data Center Design (VCAP5-DCD)
That's still a ways out. Need to go through the endorsement process and all that. It's just nice to get the exam out of the way. I guess I'm still an "associate" at the very least though...
Okay, I am still a little confused on that area. If you get the CISSP and don't have the experience to get the full CISSP, does that make you an Associate?
Correct. You are an associate upon passing the exam and remain so until you meet the eligibility requirements and are endorsed.
Note: you will have to retake the exam if you do not get that done within six years.
http://www.isc2.org/how-to-become-an-associate.aspx
haha
+1
hehehehe you might be more right than you think.
CCNA Security | GSEC |GCFW | GCIH | GCIA
[email protected]
http://twitter.com/paul_bosworth
Blog: http://www.infosiege.net/
Cheers,
Working on VCP4
It is your personal IPS to stop the attack.
You may learn something!
My official congrats! I had a great time. Good food, friends, and booze. PLUS, I didn't have to take a test
Also, thanks to AZJag for the pub recommendation. Good Times!
:study: Current 2015 Goals: JNCIP-SEC JNCIS-ENT CCNA-Security
Thanks dude. I remember you having issues with (ISC)2. That's an unfortunate predicament to be in seeing as how that cert carries so much weight.
I'll be doing the CISA in June. GCIH, GCIA, and ultimately the GSE (~fall 2011) are the ones I'm looking forward too. I'll probably add in some more resume padding from (ISC)2 and ISACA as well.
Dude, we finished half of it drinking long islands. I'm pretty sure we consumed more than that much alcohol overall.
Even if he is a pool shark...