Starting to study again... CISSP - Nov 13th

7 VII 77 VII 7 Member Posts: 26 ■□□□□□□□□□
So this will be the 3rd time I take the CISSP, last time I failed by 40pts.

I am going to go over my notes from my CISSP Passport and some other resources (Shon Harris 5th Edition, CISSP CRAMSESSION Study Guide) focusing on what items I did not do well in.

Worst to Best
10 Operations Security
9 Access Control
8 Sec Architecure and Design
7 Physical Security
6 Telecommunications and Network Security
5 Legal Regulations
4 IS and Risk Management
3 Cryptography
2 Application Security
1 Business and Disaster Recovery

I have budgeted each week and what I will be studying... any suggestions?


31-Jul----6-Aug.......IS and Risk Management
7-Aug----13-Aug.....Access Control
14-Aug---20-Aug.....Access Control
21-Aug---27-Aug.....Sec Architecure and Design
28-Aug---3-Sep.......Physical Security
4-Sep----10-Sep......Telecommunications and Network Security
11-Sep---17-Sep .....Telecommunications and Network Security
18-Sep---24-Sep......Cryptography
25-Sep---1-Oct........Business and Disaster Recovery
2-Oct----8-Oct........Legal Regulations
9-Oct ----15-Oct......Application Security
16-Oct---22-Oct......Operations Security
23-Oct---29-Oct......Operations Security
30-Oct---5-Nov........REVIEW
6-Nov----12-Nov.......REVIEW

I want to make the most of my time.. I will probably spend 3 to 4 days a week 2 to 3 hours a day on those days.

Anymore information would help.

Thanks!

Comments

  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,718 Admin
    The conventional advice is to only study your worst 2-4 domains. Even at -40 points, that should be all you need to get a minimal pass.

    Because you have multiple failures, you really need to find and fix what it is you are not doing correctly. You've seen the exam twice now, so you should have a good idea of what to expect. It may be that you are over-estimating your understanding of the material, or simply not focusing well enough on the questions to understand what they are really asking. You may be always selecting the first answer you believe to be correct, or doubting yourself and changing answers that you correctly marked. You could also be wasting too much time on the first part of the exam and rushing to finish the last part. Or maybe you are just not spending enough time on the exam to do a thorough job.

    How long did it take you to complete each exam?

    Are the lists of best-to-worst domains for each exam nearly the same, or are they very different in order?

    How did you feel when you left each exam?
  • 7 VII 77 VII 7 Member Posts: 26 ■□□□□□□□□□
    Both times I took the exam it took me the full 6 hours.

    I would go through the test and answer the ones I KNEW right of the bat, the long ones that required some math or calculations or multipart questions I would leave alone. I would then go back and hit the ones I did not know at the end.

    After that I would go through ALL the questions again and ensure that I answered them correctly.

    I dont remember the 1st failure issues I had, I can't find that e-mail

    After I left both exams I felt like I did really really well. There were no questions on the exams that I said "Geez, I have no idea what they are talking about"

    I took the last CISSP at the beginning of the year so I just wanted to make sure I covered my bases because I am not sure what I have forgot.

    Any other ideas?
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,718 Admin
    Were you rushed to finish the exam, or did you have plenty of time to go back and check your work?

    Did you end up changing a lot of your initial answers?

    A common pattern with items on advanced exams is to have two answer options that are possibly correct, but one is more correct than the other. The information in the question will indicate to a candidate with experience in the item's subject which is most likely the correct answer.

    It is possible you are choosing the first answer that seems correct to you and not considering the others. Always read all four answer options and tell yourself why each option CAN or CANNOT be the correct choice. You should be able to immediately disregard two options and decide between the other two. Not all exam items will follow this patterns, but you must be aware of the ones that do.

    Slow and methodical wins the CISSP exam race. icon_wink.gif
  • 7 VII 77 VII 7 Member Posts: 26 ■□□□□□□□□□
    JDMurray wrote: »
    Were you rushed to finish the exam, or did you have plenty of time to go back and check your work?

    Did you end up changing a lot of your initial answers?

    A common pattern with items on advanced exams is to have two answer options that are possibly correct, but one is more correct than the other. The information in the question will indicate to a candidate with experience in the item's subject which is most likely the correct answer.

    It is possible you are choosing the first answer that seems correct to you and not considering the others. Always read all four answer options and tell yourself why each option CAN or CANNOT be the correct choice. You should be able to immediately disregard two options and decide between the other two. Not all exam items will follow this patterns, but you must be aware of the ones that do.

    Slow and methodical wins the CISSP exam race. icon_wink.gif
    I did not feel rushed, I felt like I had plenty of time to take the exam and took my time when checking my answers and filling out my answers initially.

    I did not end up changing many of my answers.. maybe a handful if that.

    I went with the mentality of the best answer for the question, I also read all the options before choosing my answer. Crossing out the ones I KNEW were wrong.
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,718 Admin
    Then I would say that you need to understand the material better so you can pick more correct answers. You also may be unaware of how many items you are actually guessing the answer to rather than making an informed decision.

    I would suggest you need to put more effort in doing a detailed study of your five worst domains. It may be the study techniques you are using are not optimal for your best way of learning this material, so you need to try a different style of studying. How we study changes as we get older, and we have to realize how we change and adapt to it.

    If you have been mostly reading, try audio/visual materials. Try high-lighting facts and making flash cards from them. Make sure you are writing detailed study notes (usually 50-100 pages) to help you memorize. A week before the exam you should be studying only from your notes. And finally, look over the threads in this forum for ways that other members have used for studying for the CISSP.
  • core22core22 Member Posts: 27 ■□□□□□□□□□
    Another suggestion would be to read each answer from the bottom up - rather than going A through D, go D through A - then choose the best answer.
    CISSP | GPEN | GWAPT | GCIH | CEH | CHFI | Security+
    BS - InfoSec, Drexel University - Summa Cum Laude
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,718 Admin
    core22 wrote: »
    Another suggestion would be to read each answer from the bottom up - rather than going A through D, go D through A - then choose the best answer.
    I believe that the order of the answer options in each exam item is randomized, so two exams with the same item should have the answer options in different orders.

    Still, there may be some psychological value to doing this. Give it a try and see if you like it.
  • core22core22 Member Posts: 27 ■□□□□□□□□□
    This is more for your brain to see the answers differently. Many times, even with reading all answers, the 1st answer encountered that may be right is usually the one our mind "prefers" subconsciously. I've had 2 different instructors recommend this tip.
    CISSP | GPEN | GWAPT | GCIH | CEH | CHFI | Security+
    BS - InfoSec, Drexel University - Summa Cum Laude
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,718 Admin
    core22 wrote: »
    Many times, even with reading all answers, the 1st answer encountered that may be right is usually the one our mind "prefers" subconsciously.
    Yes, this is what the "tell yourself why each answer option is correct or incorrect" tactic is attempting to overcome too. With a randomized answer option listing, I'm not sure how starting at the bottom of the answers is any different from starting at the top.
  • redmondredmond Member Posts: 18 ■□□□□□□□□□
    The answering method i used for both CISA & CISM is not to look at any answer options while or after reading the question. I would try to come up with the answer and then see the options one by one(while covering the others using the scranton sheet). This helped me a lot. I was able to finish both the exams with atleast 45 minutes to spare in each case. I did not make any changes to my answers in those 45 minutes(i just checked the answers i marked on the booklet and the ones on the scranton sheet matched). Hope this method helps someone.
  • badrottiebadrottie Member Posts: 116
    Another method that works well is to cover up the question and read the answers first and see if you can eliminate poor choices. It seems counter-intuitive, but it does work for some people as well, as you do not have the context to make a false assumption on (jumping the gun, as it were).

    Example:

    A) Media Access Control
    B) Mandatory Access Control
    C) Mothers Against Canada
    D) Message Authentication Code

    Quick analysis: what domains?

    A) Telecomm & Network Security
    B) Access Control
    C) South Park
    D) Crypto

    C is eliminated outright, but someone on the (ISC)2 question writing committee has a sense of humour. A,B and D are all good candidates, but you have no context to eliminate any further choices until you read the question.

    Question: "Which access control policy is enforced where system has final control over user access to files, resources or objects?"

    This is an Access Control domain question. You only have one possible correct answer: B

    There are a number of test taking strategies. It is important to not change any answer unless you absolutely know that it is incorrect. (There are a number of studies that show your first choice is usually the correct one.)

    Also do not forget that acronyms are fair game. If you have a question that uses "MAC and DAC are..." you are expected to know what they mean, what they are, and how to apply them.
  • JDMurrayJDMurray MSIT InfoSec CISSP SSCP GSOM GSEC EnCE C|EH Cloud+ CySA+ CASP+ Linux+ PenTest+ Security+ Surf City, USAAdmin Posts: 12,718 Admin
    Two things to consider are:

    1. The (ISC)2 is not suppose to use humor, confusing jargon (technobabble), and other sorts of "trickery" in their exam items.
    2. An exam item might contain information from multiple CBK domains, although the item itself is categorized only under one domain.

    So this exam taking tactic might not be efficient for (ISC)2 exams, but on others types of cert exams it might work very well.
  • badrottiebadrottie Member Posts: 116
    JDMurray wrote: »
    Two things to consider are:

    1. The (ISC)2 is not suppose to use humor, confusing jargon (technobabble), and other sorts of "trickery" in their exam items.
    2. An exam item might contain information from multiple CBK domains, although the item itself is categorized only under one domain.

    So this exam taking tactic might not be efficient for (ISC)2 exams, but on others types of cert exams it might work very well.

    JD is correct. My example question would never make it past review stage with the Mothers Against Canada as a possible answer (A shame, really). They would use something else, such as "Multiple-Access Computing".

    Know your material. It is all fair-game for the exam, after all.
  • 7 VII 77 VII 7 Member Posts: 26 ■□□□□□□□□□
    Just finished my notes for the 10 domains over 11 weeks. Time to study my notes for 3 weeks. Any suggestions before I start?
  • universalfrostuniversalfrost Member Posts: 247
    some good information from others here.

    One thing I would like to add, is that you might want to get alternate study material.

    I am currently studying for the cissp Dec17 test date and over past year i read the shon harris book 4 times cover to cover and did the carnegie mellon videos. I was doing fairly well on several practice tests, but not where I wanted to be. After discussing this with several co-workrers one mentioned the eric conrad book (not his 11th hour book, but the other one) and I gave it a shot. It is a much easier read (and shorter) than the shon harris book and I must say that it is very clear and concise with little filler. It allowed me to drastically increase my practice exam scores and I am feeling more confident going into the exam.

    from the other answers above I agree most with the idea of covering the answers and then formulating the answer in your head. remove the paper and see if it is amongst the options available.

    good luck on the test
    "Quando Omni Flunkus Moritati" (when all else fails play dead) -Red Green
  • 7 VII 77 VII 7 Member Posts: 26 ■□□□□□□□□□
    Just a heads up I took the test on Nov 13th in Reston, VA.

    Two weeks prior to my exams I took notes on the notes I already took of the items I did not know and was not comfortable with. 3 days before the exam I did 400 practice questions from CCCure website 50 per domain (I left out 2 Domains I know I did well on and understood.) Out of the 400 practice questions I scored 70% to 86% on their website. I used Medium difficulty. The ones I did get wrong I noted those items and studied those also.

    I think I did OK on the exam. With all the studying I was able to eliminate at least 2 of the 4 answers and go from there. If I pass I will be happy, if I fail I would not know what to do next since I studied the best way I could have. I believe EVERY question I had was "Select the MOST right answer" "Select the PRIMARY reason for..." "What is the BEST answer for...". I had 4 questions on SLE/ALO items.

    The waiting begins.
Sign In or Register to comment.