UK CISSP experience from 27/03/11

jimmingtonjimmington Posts: 4Registered Users ■□□□□□□□□□
Evening Chaps

I have been reading this site with great interest in the wait for my results to come through and have found it to be an informative and supportive environment, so thank you for that!

However, I was in 2 minds whether to post or not, as i am not sure if people would approve of my route to the exam, but i feel it is worth sharing all experiences.

To give some background, i have been working in IT for just under 15 years now, of which 12 have been in what i would class as a "secure" environment. The bulk of my experience had been network security from a technical standpoint, but that has shifted recently into a more procedural orientated role - which initially i found quite hard to enjoy, but i am now settling into it quite nicely.

To get back in the swing of things i took the Security+ in November which i found fairly straightforward if i am honest. I then decided to investigate the CISSP - there was lots of talk from my peers about it, but not a lot of action. I had purchased a CISSP book the size of a house the same time as i bought a Security+ book, but as it turned out, in the end, neither got read.

So instead i decided to take the CBK review seminar which lasted a week.
Well... what can i say. To sum it up in one word, intense!
On the introductions they went round the class, and i kept hearing how everyone had read "Shon Harris" - that is when i started sweating, pretty much most of the class had read that, and there was me with no prior reading or prep work. Naivity at its best. In fact it was only on my return to the car that i realised that the massive book i had bought and not read, was in fact the (in)famous Shon book itself. I can hear the groans already from round the room, but like a lot of you out there, my wife and children have a sensor that alerts them to when i pick up, open, or attempt to read a book so studying at home is a no no.

So that is why i booked the course - a week dedicated to learning, and nothing else; there was just no way with my current lifestyle would i be able to structure a learning program at home.
So there are the excuses out of the way - but let me tell you about the course.
Considering it was a bloke talking non-stop from 9am to 6/7pm i did not once get the nodding dog thing going on, did not glaze over, it was very well presented. The instructor was very good and knew his stuff, and i feel quite lucky to have been on his course.

The domains were split into 2 a day, with the more policy focused ones at the start of the week tailing off to the techincal ones at the end of the week. This worked very well for me as it meant i had more time on my weaker domains. I soon realised that, every second counted, so after wasting the Monday evening watching Romeo Must Die, the telly did not go on again. Then for the rest of the week, 9am-6/7ish was instructor lead training, an hour or so of group activity, bouncing ideas off each other, then i was doing 3 more hours reading after dinner.
In between times i nabbed the questions from and found them very useful. There were some other interesting bits out there, notably the "Overly" notes which i found useful for a recap on the Saturday.
So that was it - nigh on 9-midnight for the week ready for the exam on the Sunday morning, 26th of March.

I guess everyone has their own exam technique so i won't bore you with mine - i did feel i misjudged the exam; i had meant to do "blocks" of questions, but it didn't end up like that for me, i ended up doing 2 complete cycles of the paper before getting the hump and wanting to leave. I was about the 5th to leave from 40, and that was at just under 5 hours.
But here is the killer bit i (and this is my own view of course) found... all of the questions i had in the exam, were all covered in the official (ISC)2 student handbook. In fact, there were a few re-sitters that day who also noticed the same thing previously - bemoaning the fact they had read far more detailed books than they needed.

All in all, it was a very positive experience - i took a lot of info away from the course and was very pleased with it. There were some key points that i have been able to implement in another project so it has paid for itself already.

But, then there is the results wait. Oh my how tortuous. Truly barbaric in this day and age, especially with the hilarious heartstoppers they send in terms of offers on books and courses. Then out of the blue, on the 18th of April, casually i opened the email, and there was the one word i wanted to see. Congratulations.
One wild fist pumping celebration later, 1 startled wife and 2 perplexed children and life was good.

So there you have it, a really enjoyable course, a pretty intense exam, and a horrendous wait, but with some quality study time, it is crackable.



  • Psyco32Psyco32 Posts: 104Member ■■■□□□□□□□
    2014 GOALS
    > GMOB [MAR_2014] OSCP [MAY_2014] GREM [OCT_2014]
  • JDMurrayJDMurray Certification Invigilator Surf City, USAPosts: 11,440Admin Admin
    Congratulations on passing the CISSP exam! icon_cheers.gif
    jimmington wrote: »
    all of the questions i had in the exam, were all covered in the official (ISC)2 student handbook. In fact, there were a few re-sitters that day who also noticed the same thing previously - bemoaning the fact they had read far more detailed books than they needed.
    This reflects that the (ISC)2 people who craft the (ISC)2 exam items are using their own books as research material for the questions, and not so much from the books by non-(ISC)2 authors (e.g., Shon Harris). One would expect the exam item's content to come from the entire reading list in the CISSP Candidate Information Bulletin, but possibly not so much these days.
  • Chivalry1Chivalry1 Posts: 569Member
    Sometimes I marvel at CISSP experiences and accounts such as these. Congrats on your pass!!! I cant say that I have heard many people who champion the official guide. Although I read the official guide a couple of times ... I found the content to be extremely painful to read.... Like slamming your finger in the car door of your fathers old Buick.
    "The recipe for perpetual ignorance is: be satisfied with your opinions and
    content with your knowledge. " Elbert Hubbard (1856 - 1915)
  • [Deleted User][Deleted User] Posts: 0 ■■■□□□□□□□
    The user and all related content has been deleted.
  • JDMurrayJDMurray Certification Invigilator Surf City, USAPosts: 11,440Admin Admin
    Anyone who finds the subjects of those book boring should probably consider a career in something other than InfoSec. icon_wink.gif
Sign In or Register to comment.