CISSP...is it really as hard as people make it out to be?

reppgoa

I mean, I get that its an advanced test, but I took a practice test using the labsim software. Same amount of questions, same time limit and I got a 96% and finished far before the time limit. I get that practice tests are different, but it cant be THAT different. I will admit that I am a test taker by nature, I have yet to fail a single cert exam and generally get higher than 85%. I am currently waiting for the CBT version to hit the US and plan to take my CISSP then. So let me know, is it really that hard or are some people just not test takers?

dmoore44

The big difference that I noticed between the practice exams and the actual exam were the number of scenario based questions that were asked. There were far more scenarios given on my actual test than I ever encountered on any practice exam.

But, then again, I only used Transcender for my practice tests...

vsecgod

nah it's ez pie. I'd just take it today if I had the option.

reppgoa

vsecgod wrote: »

nah it's ez pie. I'd just take it today if I had the option.

Wow, your argument is so compelling! Anything to back that statement up? What has led you to your conclusion?

vsecgod

lol I was just tr-o-ll - ing. hahaha.

There's a reason that there are threads in this forum about people failing and saying "OMG HARDEST EXAM EVARRR", but then again, since you claim you have never failed a technical exam yet and I see you've passed GSEC (which is pretty hard as well), I'd say you may be one of those people with an IQ over 150 or something and is above most of the regular joe blokes like me that you see floating around on these forums.

Let us know if your confidence pays off if you take it soon, then you can prove your a "special" guy haha.

Edit: the tr-o-l-l word got blocked...wonder why.

reppgoa

vsecgod wrote: »

lol I was just tr-o-ll - ing. hahaha.

There's a reason that there are threads in this forum about people failing and saying "OMG HARDEST EXAM EVARRR", but then again, since you claim you have never failed a technical exam yet and I see you've passed GSEC (which is pretty hard as well), I'd say you may be one of those people with an IQ over 150 or something and is above most of the regular joe blokes like me that you see floating around on these forums.

Let us know if your confidence pays off if you take it soon, then you can prove your a "special" guy haha.

Edit: the tr-o-l-l word got blocked...wonder why.

Please refer to my avatar =D

vsecgod

lol, I would say this though, labsim practice exams are a joke. If you really want a feel of ISC2 exams, I'd buy the official StudISCope packages since JDMurray, he said he proctored the review seminars or whatever and he claimed the test questions were pretty accurate in reflecting the actual exam.

I took labsim practice for CCNA and it came nowhere near the actual test for CCNA.

reppgoa

There we go, good info! Thank you sir

reppgoa

Just purchased the 300 question set. $279 USD, not bad. Thanks for the info sir.

vsecgod

No problem. Here is the thread where I posted questions about the SSCP questions from StudISCope: http://www.techexams.net/forums/isc-sscp-cissp/76985-studiscope-feedback-sscp-particular.html

I can tell you that with those, I got a 60% vs test questions from a another source, which I got a 87%. So with that, you can see the StudISCope is much harder.

I am planning on taking the CISSP so let me know if the same can be said of the CISSP test questions from StudISCope.

kalkan999

vsecgod wrote: »

No problem. Here is the thread where I posted questions about the SSCP questions from StudISCope: http://www.techexams.net/forums/isc-sscp-cissp/76985-studiscope-feedback-sscp-particular.html

I can tell you that with those, I got a 60% vs test questions from a another source, which I got a 87%. So with that, you can see the StudISCope is much harder.

I am planning on taking the CISSP so let me know if the same can be said of the CISSP test questions from StudISCope.

I bought, or my company bought and used the following:

- CCCure.org
- CBTNuggets.com, including the (3), 250 question exam transcenders (paid for by my company)
- InfoSec Week Long bootcamp, again paid for by company. helped me to understand the nature of the questions asked.
- StudyScope
- Shon Harris AIO transcender Fifth
- Carnegie <sp> Mellon University CISSP (circa 200, but still helpful video series, transcender and labs
- Flash Cards
- Years worth of chronic note-taking
- 10 years direct experience in Security (5 years DoD, 5 years Department of State), 15 in IT
- 1 Associates Degree
- 2 Bachelor's degrees (History and English) but I had to eat and make a living so I chose IT
- 1 Master's Degree (History)
- 13 Computer Security Certifications.
- Former Foreign Service (Diplomat) 5 years

And I still failed the CISSP twice. Took it December 2010, made mid 600's, and a second time I made a 695. Third time was the charm, but I had to take it via CBT in Costa Rica, as I DID not want to wait until June. I test well usually on other exams, but NOTHING compared to this test.
Not that it is an excuse, but IS a part of why I failed this test twice: BAD, BAD case of Dyslexia. I comprehend things in a different way than those of you who are not. I cannot accurately explain how I view and perceive the world differently, as trying to do so would be about as fruitful as a Teenage girl trying to convince me about joining TEAM EDWARD. Trust me, It makes taking Standardized Tests TOUGH!
How did the CBT help me? There was only ONE question at a time on the computer screen, and I could flag questions for review before I had my test graded...that's why I passed. I had time to go back and look at questions I flagged, and changed about 20-25 questions.

the_hutch

The course that I purchased allows me to resit the 4 day bootcamp as many times as I need, for just the one-time cost of $3899. So I'll have to keep paying for the test if I fail, but I'll have a solid last-minute review everytime. My first attempt is August 25th.

contentpros

Overall I don't think the test was that bad. Your background will make a big difference to how you perceive the difficulty of the exam. I'm an infosec guy. I deal with risk management, GRC, controls, best practices, etc. all day every day. Prior to taking the CISSP I already held a number of security certifications. That being said I didn't find the test all that difficult.

I also believe that there are 2 things that make this test difficult for most people. The test itself isn't bad but as it has been said many times the material is a mile wide and an inch deep. I think most people get so frustrated trying to remember all the details of obscure things like what is the gauge of wire and space of the mesh in a class 4 fence that the material becomes overwhelming. That old saying of a mile wide and inch deep should be a tip on how you approach studying the material. When you see a topic echoed in multiple domains that should be an easy reminder that this concept is going to be on the test. The second piece that I believe kills most is the testing experience. Most people spend months trying to cram every morsel of information right up to the few moments before the test. By the time the test comes around you are just burnt out. I know many people that will take the day off before the test and cram until the wee hours of the morning. So as a result you mind is going a mile a minute and you sleep like crap the night before the exam. Stop doing this! Pick a cutoff time mid-day and stop studying go get a massage and have a nice dinner. Watch some tv or do something that lets your brain shut off. Next is the registration process once you get to the test site. It's like being in a room full of nervous cattle ready to stampede which doesn't help you relax. Once you are given the start you're off and running people forget that this is a marathon not a sprint so pace yourself! have so munchies and water to keep you from running on empty. Get up and take a break every hour. Walk to the restroom, stretch, put some cold water on your face to refresh you. Your body will thank you later. The test can be physically and mentally exhausting allow yourself time to recover after the test. Most people feel defeated when they leave the testing center.

Once you have finished the test comes the the next of 2 phases of pure suck. Waiting for your results is never fun. (ISC)2 says 6-8 weeks forget about clicking the refresh button on your email, it won't do anything but make you crazy. When the results finally do come hopefully it will be a pleasant surprise and if not big deal you'll study some more and take the test again. When you do get that pass email next comes submitting the rest of your paperwork and endorsements. If you are lucky you will see a congratulations email in a few weeks... but there is always the chance that you might get the "you have been randomly selected for audit" email i.e. 2 more months before you are officially a CISSP. Then the next waiting game is for your certificate to arrive yeah you will be checking the mail every chance you get but at this point the wait is worth it.

A good study plan, testing plan, and testing habits can make this test go from OMFG to that wasn't so bad.

HTH
~CP

kalkan999

Contentpros,

I have daily access to crypto, network, access control, as well as Project Management, and LOADS of documentation and technical writing, so i do very well on those portions of the test (1-2 scores consistently). Unfortunately, many of today's Mid-Senior InfoSec jobs won't even consider you until or unless you already have the CISSP, and the bulk of the test really encompasses the two domains (IS/RG, BCP/DRP) that too-often eludes the rest of us
I agree with you, Contentpros in some regards, not in all. If I had to do it all over again, knowing what I know now, I would delve into ISO 27001-2, ITIL, and get some hands-on experience with the Initiation, Planning phases, and allow myself to be a part of writing and not just Implementing Policies and Procedures.

contentpros

@kalkan999 you are correct. I was sort of implying that when I mentioned the experience with GRC and best practices. I should have done a better job with how I worded that. Yes, I agree having an understanding or familiarity of ISO270001/2, ITIL, NIST 800 series and DR/BCP concepts would be beneficial for any candidate. I have mentioned in other posts but I think the SSI test book http://www.amazon.com/CISSP-Exam-Questions-Answers-Explanations/dp/0982576846/ref=sr_1_1?ie=UTF8&qid=1336082310&sr=8-1 questions were pretty close to what I encountered on the test and others from our review course were of similar opinion. You will find some incorrect answers in their practices tests but when you can pick them out it is a good indicator that you know your stuff. You may also want to check with your local ISSA or ISACA chapter to see if they are running any review courses or study groups.

HTH
~CP

symc

reppgoa wrote: »

I mean, I get that its an advanced test, but I took a practice test using the labsim software. Same amount of questions, same time limit and I got a 96% and finished far before the time limit. I get that practice tests are different, but it cant be THAT different. I will admit that I am a test taker by nature, I have yet to fail a single cert exam and generally get higher than 85%. I am currently waiting for the CBT version to hit the US and plan to take my CISSP then. So let me know, is it really that hard or are some people just not test takers?

Yes, its living hell! I would defo hold off until CBT's come in, the 6 week wait is worse than the exam

laughing_man

symc wrote: »

Yes, its living hell! I would defo hold off until CBT's come in, the 6 week wait is worse than the exam

Will the CBTs also have the 6 week waiting time until you get your score, or is it instantaneous?

Falasi

as far as I know, CBT has instant results..

kalkan999

CBT has instant results. I know, because I flew to San Jose, Costa Rica (where Pearson Vue has offered CISSP CBT's since January 2012) to take the test, and I passed. Make no mistake. The test is not any easier. However, now that I look back on the day I took the CBT, I DID find some comfort at various times during the test in knowing that I would not have to await the results and torture myself...Maybe it was a part of the reason why I passed.