GISP Pass & Practice
Just passed the GISP exam last Tuesday (91%) so I thought I'd post my comments and experience to see if it helps. My employer decided to pay for the SANS MGMT 414 OnDemand course for me this year so I decided to take it in preparation for the CISSP exam later this month.
Materials:
SANS Course books
SANS Mp3's
CISSP Study Guide by Conrad, Misenar and Feldman
Shon Harris All-in-one
CCCure.org
I began listening to the course MP3's at the end of July (while still preparing for the GCIA exam) during my 3 hour, round trip, daily commute. I listened to each at least once.
During down time at work and on weekends, I went through the online slides/lecture and used MS OneNote to make a pretty detailed outline/study guide. I wanted to try something new and not index and tab all ten of the SANS course books. My aim was to boil down all ten books into one condensed book that I'd print and take in with me to the exam.
After finishing a domain I would read the CISSP Study Guide chapter on the same domain, then log onto CCCure and take practice questions. Once I went through the ten domains I identified the ones I was the worst in and used the Shon Harris material to supplement. I think the Shon Harris book is a great resource but it is very wordy - particularly when you just want the meat of the subject and not humor. It might be a good idea to start off by reading it, then using other materials.
It took me about over a month to go through the slides and create the outline. After that I would routinely review my notes and continue listening to the lectures on the ride to work.
The exam itself was pretty much what I had been expecting - 250 questions up to five hours to complete. Some of the questions were obscurely worded - probably to simulate the CISSP exam (maybe?). I have to say that I really was tired of taking the exam by about question 200, so the last 50 were stressful. That is where I missed the majority of the questions. To be honest, I never believed all the hype about 'exam fatigue' while taking the CISSP, but I can believe it now.
I took all 10 SANS books and my notes into the exam and I never had to crack open one of the SANS books. My homemade notes came out to just over 110 pages and I was able to find just about everything I needed. Although I wish I had done better than a 91%, I will definitely take it if for no other reason than as a dry-run for the CISSP exam on the 29th.
I have one GISP practice exam available that is good through December 15 if anyone is interested. You must have a SANS portal account for me to be able to transfer it.
Materials:
SANS Course books
SANS Mp3's
CISSP Study Guide by Conrad, Misenar and Feldman
Shon Harris All-in-one
CCCure.org
I began listening to the course MP3's at the end of July (while still preparing for the GCIA exam) during my 3 hour, round trip, daily commute. I listened to each at least once.
During down time at work and on weekends, I went through the online slides/lecture and used MS OneNote to make a pretty detailed outline/study guide. I wanted to try something new and not index and tab all ten of the SANS course books. My aim was to boil down all ten books into one condensed book that I'd print and take in with me to the exam.
After finishing a domain I would read the CISSP Study Guide chapter on the same domain, then log onto CCCure and take practice questions. Once I went through the ten domains I identified the ones I was the worst in and used the Shon Harris material to supplement. I think the Shon Harris book is a great resource but it is very wordy - particularly when you just want the meat of the subject and not humor. It might be a good idea to start off by reading it, then using other materials.
It took me about over a month to go through the slides and create the outline. After that I would routinely review my notes and continue listening to the lectures on the ride to work.
The exam itself was pretty much what I had been expecting - 250 questions up to five hours to complete. Some of the questions were obscurely worded - probably to simulate the CISSP exam (maybe?). I have to say that I really was tired of taking the exam by about question 200, so the last 50 were stressful. That is where I missed the majority of the questions. To be honest, I never believed all the hype about 'exam fatigue' while taking the CISSP, but I can believe it now.
I took all 10 SANS books and my notes into the exam and I never had to crack open one of the SANS books. My homemade notes came out to just over 110 pages and I was able to find just about everything I needed. Although I wish I had done better than a 91%, I will definitely take it if for no other reason than as a dry-run for the CISSP exam on the 29th.
I have one GISP practice exam available that is good through December 15 if anyone is interested. You must have a SANS portal account for me to be able to transfer it.
0
Comments
The GIAC GISP isn't a cert we hear a lot about, so your review is very welcome.
And good luck on the CISSP! And yes, CISSP exam fatigue is very real, so you must learn to pace yourself and not try and finish the exam ASAP. You are not given extra points for finishing quickly, so take all the time you are given to give yourself an easier time.
--
LinkedIn: www.linkedin.com/in/jamesdmurray
Twitter: www.twitter.com/jdmurray
I will take the GISP practice exam if it is still available. Good luck on your CISSP!
I took the exam this past weekend in New Orleans and I have to say that although I found the SANS training extremely well done and useful, I don't think you can pass the exam based solely on the class material - not that anyone necessarily would.
At this point I have no idea how I did on the exam. I alternate between optimism and defeat about every hour or so and I'm sure there will be a long wait until I get the results. I can say that there was, or appeared to be a significant amount of information not touched on in the SANS course. Granted those could all have been 'research' questions not used in calculating the grade but there were still enough to make me glad that I used the other sources I mentioned in my previous posts.
Bottom line, I think SANS and Eric Cole put together a very informative course that is a great foundation for taking and passing the CISSP exam. Add in some NIST 800 series documents, CCCure.org, the ISC2 official books and experience and you should have it made.
I was not confident coming out of the exam and every passing day waiting for the results made me even less confident. But, I passed - no telling by how much....or how little.
Dr. Cole's course is definitely a good foundation to take on the CISSP. I definitely did not rely solely on that though - too much of my own $$ involved in the exam to put all my eggs in one basket. I would definitely recommend the course either at the start, or end of a CISSP study plan. Honestly, I'd do it at the start AND the end.
Thanks to everyone here for all the support and input.
Dover
Reworded; thanks for keeping things straight
"...Additionally, user may not sell, rent, lease, trade, or otherwise transfer the courseware in any way, shape, or form without the express written consent of the SANS Institute."
Lawyers are always thinking ahead.
Thanks for sharing your experience, Dover. I can simply echo what you have clearly stated - MGT414 is not enough for the CISSP, but it certainly provides a good foundation for you to build upon.
Great job!