GISP Pass & Practice

dover

Just passed the GISP exam last Tuesday (91%) so I thought I'd post my comments and experience to see if it helps. My employer decided to pay for the SANS MGMT 414 OnDemand course for me this year so I decided to take it in preparation for the CISSP exam later this month.

Materials:
SANS Course books
SANS Mp3's
CISSP Study Guide by Conrad, Misenar and Feldman
Shon Harris All-in-one
CCCure.org

I began listening to the course MP3's at the end of July (while still preparing for the GCIA exam) during my 3 hour, round trip, daily commute. I listened to each at least once.

During down time at work and on weekends, I went through the online slides/lecture and used MS OneNote to make a pretty detailed outline/study guide. I wanted to try something new and not index and tab all ten of the SANS course books. My aim was to boil down all ten books into one condensed book that I'd print and take in with me to the exam.

After finishing a domain I would read the CISSP Study Guide chapter on the same domain, then log onto CCCure and take practice questions. Once I went through the ten domains I identified the ones I was the worst in and used the Shon Harris material to supplement. I think the Shon Harris book is a great resource but it is very wordy - particularly when you just want the meat of the subject and not humor. It might be a good idea to start off by reading it, then using other materials.

It took me about over a month to go through the slides and create the outline. After that I would routinely review my notes and continue listening to the lectures on the ride to work.

The exam itself was pretty much what I had been expecting - 250 questions up to five hours to complete. Some of the questions were obscurely worded - probably to simulate the CISSP exam (maybe?). I have to say that I really was tired of taking the exam by about question 200, so the last 50 were stressful. That is where I missed the majority of the questions. To be honest, I never believed all the hype about 'exam fatigue' while taking the CISSP, but I can believe it now.

I took all 10 SANS books and my notes into the exam and I never had to crack open one of the SANS books. My homemade notes came out to just over 110 pages and I was able to find just about everything I needed. Although I wish I had done better than a 91%, I will definitely take it if for no other reason than as a dry-run for the CISSP exam on the 29th.

I have one GISP practice exam available that is good through December 15 if anyone is interested. You must have a SANS portal account for me to be able to transfer it.

JDMurray

Congratulations on passing the GISP exam!

The GIAC GISP isn't a cert we hear a lot about, so your review is very welcome.

And good luck on the CISSP! And yes, CISSP exam fatigue is very real, so you must learn to pace yourself and not try and finish the exam ASAP. You are not given extra points for finishing quickly, so take all the time you are given to give yourself an easier time.

ipchain

Congrats on the pass dover, great job!

I will take the GISP practice exam if it is still available. Good luck on your CISSP!

dover

Just thought I'd come back and post an update on the SANS MGMT 414 training class - post CISSP exam.

I took the exam this past weekend in New Orleans and I have to say that although I found the SANS training extremely well done and useful, I don't think you can pass the exam based solely on the class material - not that anyone necessarily would.

At this point I have no idea how I did on the exam. I alternate between optimism and defeat about every hour or so and I'm sure there will be a long wait until I get the results. I can say that there was, or appeared to be a significant amount of information not touched on in the SANS course. Granted those could all have been 'research' questions not used in calculating the grade but there were still enough to make me glad that I used the other sources I mentioned in my previous posts.

Bottom line, I think SANS and Eric Cole put together a very informative course that is a great foundation for taking and passing the CISSP exam. Add in some NIST 800 series documents, CCCure.org, the ISC2 official books and experience and you should have it made.

dover

I know it is not technically SANS oriented but since I used the SANS 414 class as prep material I thought I'd come back and tell everyone I passed the CISSP exam.

I was not confident coming out of the exam and every passing day waiting for the results made me even less confident. But, I passed - no telling by how much....or how little.

Dr. Cole's course is definitely a good foundation to take on the CISSP. I definitely did not rely solely on that though - too much of my own $$ involved in the exam to put all my eggs in one basket. I would definitely recommend the course either at the start, or end of a CISSP study plan. Honestly, I'd do it at the start AND the end.

Thanks to everyone here for all the support and input.

Dover

colemic

Congrats on the pass!

phatsacks

Dover - I can't PM you, since I guess neither of us have enough posts. If you are thinking about getting rid of your SANS books, then please e-mail me via phatsacks @ gmail.com

docrice

Unfortunately, SANS training materials can't be legally resold without permission from SANS (which effectively means they can't be resold). This is actually stated on the first page of every SANS book.

phatsacks

docrice wrote: »

Unfortunately, SANS training materials can't be legally resold without permission from SANS (which effectively means they can't be resold). This is actually stated on the first page of every SANS book.

Reworded; thanks for keeping things straight

docrice

I think SANS has that covered as well. The exact words from the book:

"...Additionally, user may not sell, rent, lease, trade, or otherwise transfer the courseware in any way, shape, or form without the express written consent of the SANS Institute."

Lawyers are always thinking ahead.

colemic

It always irks me when this comes up because it is a naked grab for more money. If I buy a book, dammit, I can do with it whatever I want, and I can give it/sell/it/donate to whomever I want! (Or should be able to, at least.)

ipchain

dover wrote: »

I know it is not technically SANS oriented but since I used the SANS 414 class as prep material I thought I'd come back and tell everyone I passed the CISSP exam.

I was not confident coming out of the exam and every passing day waiting for the results made me even less confident. But, I passed - no telling by how much....or how little.

Dr. Cole's course is definitely a good foundation to take on the CISSP. I definitely did not rely solely on that though - too much of my own $$ involved in the exam to put all my eggs in one basket. I would definitely recommend the course either at the start, or end of a CISSP study plan. Honestly, I'd do it at the start AND the end.

Thanks to everyone here for all the support and input.

Dover

Thanks for sharing your experience, Dover. I can simply echo what you have clearly stated - MGT414 is not enough for the CISSP, but it certainly provides a good foundation for you to build upon.

Great job!