My CISSP Journey

ipchainipchain Member Posts: 297
My CISSP journey began with me taking a semester off from my graduate studies to concentrate on the CISSP exam. Given the horror stories I had heard about the CISSP exam, I decided to give myself (4) full months of preparation. With that said, I thought I had plenty of time for the exam, so I decided to go for the WiFu course (OSWP certification) from Offensive-Security. I thought the WiFu course was short and sweet, so it would help get me fully motivated for the CISSP. Before I knew it, I had successfully completed OWSP challenge, so it was time to get back on the CISSP track.

Without any hesitation, I started reading the ‘CISSP All-in-One Exam Guide, Fifth Edition’ book by Shon Harris. Half-way through the book, I decided to give myself another break as the material was way too dry for my taste. This break consisted of me signing up for the Penetration Testing with BackTrack course (OSCP certification) from Offensive-Security. While I realized I wouldn’t have enough time to complete the OSCP challenge (certification exam), I thought I had plenty of time to play around in the labs and own a few hosts. Sure enough, for the next (30) days I played around and was also able to pivot to other networks, but my lab time ran out before I knew it. By this time, I had less than (2) months to fully prepare for the CISSP exam, so I knew it was time to get serious as I had already had too much fun.

Back to reality, and yes, that meant getting back on track and resuming my CISSP studies. I had to force myself to get through the entire AIO book, but I did it. By the time I was done with it I realized I needed to re-enforce some of the concepts from the previous chapters, so I decided to read the book once more and take notes. It took me a while, but I managed to create my own CISSP study guide, which was a little over 200 pages. Time flew and by the time I finished creating the study guide, the CISSP exam was around the corner. Luckily, I had done my homework and had requested to have the Friday before the exam day off; otherwise, I honestly don’t know if I would have made it. To my good fortune, my wife was able to get me (2) guest certificates for a nearby hotel, so I took off after work on Thursday and started reviewing late that night. If memory does not fail me, I was able to get through (2) chapters on Thursday, so I was in good shape going into Friday. Friday rolled around and I started reviewing the rest of the chapters. I was able to get through all of them except ‘Telecommunications’, which I felt was one of my strongest domains. I had trouble sleeping Friday night, and I ought to confess, I was a bit nervous about the exam.

Saturday morning arrived before I knew it, so I woke up (2) and ½ hours before the exam, got dressed, checked out of the hotel and headed to a nearby restaurant. To my surprise, there was a Dennys close by, so I decided to try it out and I am glad I did. Food was prepared in less than (5) minutes, and I was in and out of Dennys in about (20) minutes, more or less. The fact that I had not reviewed the ‘Telecommunications’ domain was bothering me quite a bit, so I headed to the testing center and sat in my car to review it. I opened the book, skimmed through a few pages and then it finally struck me – I shouldn’t be doing this at this time, so I closed the book went into the hotel.

Registration was over before I knew it, so it was showtime! I believe we had about (3) proctors and (1) supervisor, but I can be mistaken as I really didn’t care much about them. I started going through the first (20) questions and still remember thinking to myself...boy, this isn’t that bad, but little did I know I was about to take on a hell of a beating. To make the story short, I decided to do (50) questions at a time, but I found myself answering 25% of those the first time around and skipping the rest. About (2) and ½ hours had passed by then, so I thought I had plenty of time to go over the rest of the questions. My second pass consisted of me answering those unanswered questions and reviewing some of the previous questions I had placed some comments on. I believe I changed about 1-2 answers and by the time I was done with my second pass about (5) hours had already gone by. I still had gas in my tank, but I thought to myself that I had already tried my best and it was time to go home. I then closed the booklet, turned it in and signed myself out.

Walking out of that room was a unique experience. I felt as if I had taken a hell of a beating and all I had to do was get back up on my feet and start preparing for the next fight. I drove back to Miami and told my wife I had gotten ‘destroyed’, but I noticed in her eyes that deep down inside of her she didn’t believe me. I told my parents the same story so that no one close to me would get their hopes up. Part of me wanted to begin reviewing the material again, but another part of me was already burnt out so I didn’t do it. I told my co-workers at work the exam had been brutal and that I was going to prepare for the next attempt, but that I would also hope for the best at the same time.

Time went on and on and I sincerely lost count how many times I hit that refresh button on my iPhone. There were times I would start replaying questions in my head and I would actually think I didn’t do so bad…but that little bit of confidence was quickly shattered when I thought about some other questions.

In my case the wait ended on 12/22/2011, (33) days after the examination date. To my surprise, I had passed the CISSP exam although part of me refused to believe it - it just didn’t feel right and I felt like I didn’t deserve to have passed. This didn’t stop me from inviting one of my co-workers and my boss (who happens to be a Director) out to lunch. Unfortunately, they were a little busy that day, so we ended up going out on a different occasion.

What else can I possibly say…except this was the best Birthday / Christmas gift ever. I do not recommend the approach I took to anyone as I strongly believe people do need to take their time with this exam. Multiple sources / books must be used and one has GOT to be familiar with all domains. For preparation, I used the AIO, 5th Edition book by Shon Harris and I also had a paid subscription to cccure.org’s CISSP questions, but I didn’t get a chance to go over the majority of the questions.

Now on to the second part…the endorsement process. I already have an endorser in one of my co-workers, but I am also in no hurry to get in as the hardest part is already over with. I plan on getting everything ready by next month, so we’ll see what happens then.

Thanks to everyone who took the exam before me and took time out of their busy schedules to share their experience – it is indeed greatly appreciated. Thanks to TE for continuing to provide the means so we can all learn from one another!
Every day hurts, the last one kills.

Comments

  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    Congrats on the pass and thanks for the review.
  • JDMurrayJDMurray Admin Posts: 13,092 Admin
    Yes, congratulations and well done! icon_sunny.gif
  • TeKniquesTeKniques Member Posts: 1,262 ■■■■□□□□□□
    Congratulations on the pass. Thanks for the excellent review.
  • rogue2shadowrogue2shadow Member Posts: 1,501 ■■■■■■■■□□
    Congrats man! Well earned :)
  • doverdover Member Posts: 184 ■■■■□□□□□□
    ipchain,

    Excellent pass and a story way too close to my own heart! My story is almost identical to yours - after leaving the exam I was already thinking about where I could re-take the test. My endorsement process took exactly 3 weeks and 6 days, but you are right, the hard part is done, so sit back and enjoy the payoff of months of hard work - for a little while at least.

    I don't know how you got through the entire AIO book; you're a better man than I. It really is full of useful information but I just couldn't make it cover to cover with the bad jokes and all. I used it as supplemental material for my worst domains but used the Official ISC2 prep book, and Conrad's CISSP Study Guide mostly.

    Great job, and great story. So whats next?

    Chris
  • skvskv Member Posts: 41 ■■□□□□□□□□
    Congrats ipchain!
  • ipchainipchain Member Posts: 297
    Thanks for the comments guys. I have just submitted the paperwork (endorsement) and have received confirmation from ISC2. Not really too concerned what happens from here on, so I will just focus on the task at hand: OSCP.

    @dover - I am currently resuming my studies for the OSCP course, which I started last year. I'd like to get OSCP with and at least start OSCE this year. If time permits I might even attempt to take GWAPT or the new SANS 660: Advanced Penetration Testing course.
    Every day hurts, the last one kills.
Sign In or Register to comment.