Here's how to pass the CISSP!
Took the CISSP today and need to share my experience.
Background: I've worked for a large global corporation (over 30,000 global employees) for over 10 years as a Windows System Admin and IT Security Professional. So - I have plenty of experience in a large enterprise organization... For reference... I took this exam with over a dozen individuals from my company. I was definitely very prepared....
Material for Study:
Harris - AIO 5th edition. Went through 3 times.
ISC OIG v2 - Went through twice
ISC Review Seminar (company paid)
ISC Student Handbook from Seminar - went through twice
4000+ Review Questions from AIO, OIG, cccure.org, and other random sites
a few NIST documents
Got to the point where most of this stuff was committed to memory... Close to 200 hours of study including the seminar. Done all over 2 1/2 months. I'll let you do the math - but it was pretty intense study. Took a practice test of 125 questions the week before in the seminar from retired questions and got 80%. Went through it quickly - and thought the results were ok. Spent the entire 6 days before the exam 10 hours a day cramming for this thing...
And the test... was... brutal. I did the best I could possibly to prepare for this thing... and these questions are intense! Anyone who says this is 1" deep is crazy. Some of the detail of these questions is unbelievable... I received a few questions and terms for things I had never seen. You'd think with the ISC guide and an instructor from ISC - you'd see it before the exam... hopefully just research questions.
It's tough to go into detail right now about what was covered and what wasn't. I'll go into more detail if anyone asks... Nothing specific obviously... but at least area-wide. A couple of things like Legal - barely there. Cryptography - know the major algorithms and what they are best for... that kind of thing. I received very few 'definition' questions. A couple of times I got on a roll with 7-10 questions and was super relieved... A couple of questions I would stare at for 2-3 minutes trying to determine exactly what was being asked.
Took me 4 hours and 10 minutes...didn't go back through, because I made very sure I rationalized the question and answer the first time through. Was very close to being tricked and tripped up the first time through though on some of the questions. READ ALL THE ANSWERS!!!
Overall - I left feeling good. I will be surprised if I don't pass... but this was extremely brutal and not passing is very possible.
Advice for taking the CISSP.
Either the ISC OIG or AIO v5 will work for you. I preferred Shon Harris AIO... yes it's longer and yes the humor is extremely annoying... but it is an easier read and I understood the material better, with more examples on applying the material as well. The ISC OIG v2 is good, more to the point... but I would go AIO v5 and get the boxed set - close to 2000 questions...
Advice on Practice Exams
Memorizing some of this stuff is beneficial... you will obviously not get identical questions on the exam...that isn't the point. But you have to know how to apply this stuff and repetitively committing it to memory does help. I paid $40 for cccure questions... about 2000 of them. Not sure if it was worth the money... although I can say it may have gotten me 1 or 2 on the exam. The Shon Harris questions from the boxed set were just as helpful.
Advice on the test itself
I committed a page of material to memory and wrote it down when the test started. OSI/TCP layers and the apps - all the crypto algorithms - the steps for BIA, incident handling, CMM, TCSEC, Common Criteria, SDLC, private IPs, and IP ranges. It was a lot of material. Like I said, I had all this committed to memory in detail... I needed it once. Got 3 questions on OSI/TCP layers I think.
From the 250 questions... I remembered maybe 10 to come home and look up!!!
70% of the exam is thinking from the Mgmt Level - 30% are technical answers. It is tough to think from a high level when you are under pressure, stressed, and are trying to drill down to find a correct answer. Take a deep breath and examine WHAT specifically the question is asking. There could be 2 answers that could work... one answer could reference a solution for availability and another address an integrity answer... If the question asks about data consistency... the integrity answer should be correct. Keep the AIC triad in mind when looking at questions and answers... No way this thing is 1" deep however... I received quite a few detailed questions where you would have to know the technology etc... in depth to be able to rationalize a correct answer.
By far the most intense test I have ever taken...
Any questions - ask. I'll give you as much information as ethically possible.
Comments
-
Iristheangel Mod Posts: 4,133
Your story sounds very similar to mine. I just took mine today as well, scored 80% on the 125 practice exam, and did the bootcamp as well. Did you test in San Francisco as well? Fingers crossed for you
-
_someguy_ Registered Users Posts: 1
Took the CISSP today and need to share my experience.
70% of the exam is thinking from the Mgmt Level - 30% are technical answers. It is tough to think from a high level when you are under pressure, stressed, and are trying to drill down to find a correct answer. Take a deep breath and examine WHAT specifically the question is asking. There could be 2 answers that could work... one answer could reference a solution for availability and another address an integrity answer... If the question asks about data consistency... the integrity answer should be correct. Keep the AIC triad in mind when looking at questions and answers... No way this thing is 1" deep however... I received quite a few detailed questions where you would have to know the technology etc... in depth to be able to rationalize a correct answer.
By far the most intense test I have ever taken...
Any questions - ask. Ill give you as much information as ethically possible.
Thanks Clones2. Wishing you the best on your results!
Your story is motivating, inspiring, and making me nervous... I am scheduled to take the test on 5/20.
I've seen a number of people comment on how the exam is more Management oriented and less technical. Could you elaborate? Do you mean the topics seemed to weight toward the more managerial domains, i.e., Risk Management, Governance, Continuity, Operations, etc.? Would you say that the questions are technical in nature but simply phrased with more of a managerial slant? or something else... And with this in mind would you have done anything different to prepare for the managerial type questions?
I've been studying the Shon Harris AIO 5th Edition, CISSP for Dummies 3rd, and Sybex CISSP Study Guide 4th Edition by Stewart, Tittle, Chapple. I took a Global Knowledge prep class 2 weeks ago.
I have worked through over 1000 practice questions so far I'm using (Transcender, Shon Harris AIO DVD questions, Exam Cram Second Edition Practice Questions)..
I feel like I've covered a lot of material and have a pretty good grasp of it so far, and I still have some time available for final studying and prep (8 days).
Every time I read the reports on this message board though, I get worried I may be focusing on the wrong material or wasting cycles going down rat-holes studying minutiae of topics that may not even appear on the exam, or worse, that I only know it 1/2 inch deep as opposed to the proverbial 1 inch.
Your original post has a lot of good advice that I will take in to my game-plan, if you have any other general pointers, be glad to hear them.
Thanks so much for any replies. Best of luck on your results! -
clones2 Registered Users Posts: 5
"Would you say that the questions are technical in nature but simply phrased with more of a managerial slant?"
I think that is a good way to put it... Also - I personally say it's "managerial" because I think a lot of questions relate to responding to events or are scenario based. I remember getting fairly technical scenarios... and then trying to pick the best managerial or process based answer... but needing to know the technical aspects of the question...
I remember being done with the exam and feeling like there is absolutely nothing else I could have done to learn from the books etc... There will be some straight definition questions which does help.
Here are a couple things I think can help for the exam
1) Expect to get questions about responding to events... could be anything. Could be responding to a disaster, a security breach, a legal issue with an employee... and then know the incident handling steps and you'll have to choose the best answer on how to proceed....
2) Expect to get questions where they give you a lot of extra information that is not needed to answer the question.
After about the 50th question...when I would get a detailed or lengthy question... I started reading the question first. It helped a lot.
The test really does make you APPLY knowledge to answer questions... -
kalkan999 Member Posts: 269
Agree with Clone2. Go into the test prepared to answer an RM (BRP/DRP, etc.) question as I did: "Are they looking for an executive officer, a senior manager, a CIO, an IT Manager, a Security Manager, a Network Engineer, or a COMSEC custodian to answer this question?" Answering to yourself whether the action in the question falls under Policy, Procedure, Standard or Guideline will often answer WHO they want you to be when you answer the question.
You hear it often on here from previous test-takers, but not often enough. This is a Scenario Based Test, so you are expected to answer the question based on who they expect you to be within any given scenario. This is the single BIGGEST reason it takes months and months of preparation, and years of experience to take this test. ISC2 likes to take into consideration you should be a master of at least 2 of the domains, so they will paint a picture and tell a story that brings together IS/Risk Governance and Networking into the same question.
Other studying techniques that we all used for other certs do help (excluding brain **** sites. Don't waste your time or money because it won't help for this test). Mnemonics, acronyms, word/number associations, etc., all come in handy when and if your brain shuts down at some point during the test.
ISC2 is relentless with their scenario based questions. -
tpatt100 Member Posts: 2,991
If I were to take this test now rather than a few years ago I would have knocked it out of the park. I do auditing and policy work now but was mostly technical back when I took it. Back then with management related stuff I was like "blah blah zzzzzz"; now I understand it way more.
-
lifecomm Member Posts: 32
The test really does make you APPLY knowledge to answer questions...
Excellent advice. I always say: know the material. Here’s an analogy:
The reading goes on and on about what it is like at night. The wind doesn’t usually blow after midnight, it’s quietest at 3 am, it rains generally before midnight, most crime takes place from 1-4 am and it is darkest before dawn.
Question: when should you change the film in your camera? 11 pm, 1 am, 3 am, 5 am or 8 am?
What? Who ever talked about cameras? The exam requires you to take the material and apply it – to questions or situations that you’ve never thought about.
Know the material. -
kalkan999 Member Posts: 269
Excellent advice. I always say: know the material. Here’s an analogy:
The reading goes on and on about what it is like at night. The wind doesn’t usually blow after midnight, it’s quietest at 3 am, it rains generally before midnight, most crime takes place from 1-4 am and it is darkest before dawn.
Question: when should you change the film in your camera? 11 pm, 1 am, 3 am, 5 am or 8 am?
What? Who ever talked about cameras? The exam requires you to take the material and apply it – to questions or situations that you’ve never thought about.
Know the material.
Possible Answers:
A. 11pm if it's 1992. You'll know if you're there, as marquees at movie theaters are promoting Encino Man and Terminator 2
B. None of the above because it's 2012 and you are still using film or tapes, then your company's insurance agent will first laugh at you, and then tell you they don't cover an Exposure Factor (EF) of 100%
C. The time that the film is replaced should be relative not so much to the time of day alone, but to the temperature, relative to the times when the temperature is above 10C and below 40C. So, if you are in Wilhemschavenhochzeitgitsmellerdamenperfumen, Deutschland, on June 30th (the one day of summer) then the answer is 8am
D. All of the above, and then you should be terminated by Arnold Schwarzenegger like it's 1992 all over again. -
swild Member Posts: 828
Excellent advice. I always say: know the material. Here’s an analogy:
The reading goes on and on about what it is like at night. The wind doesn’t usually blow after midnight, it’s quietest at 3 am, it rains generally before midnight, most crime takes place from 1-4 am and it is darkest before dawn.
Question: when should you change the film in your camera? 11 pm, 1 am, 3 am, 5 am or 8 am?
What? Who ever talked about cameras? The exam requires you to take the material and apply it – to questions or situations that you’ve never thought about.
Know the material.
This is hilarious. Yes that is exactly what some of the questions are like. 90% of the time, you can skip the scenario and answer the question. I started doing that about halfway through and sometimes after reading the scenario the question was more confusing. But if you take the scenario out, the question is very straightforward.
When I did my practice test, I would always miss the questions when I changed my answer from my first instinctive response. When I took the actual test, I never looked back at questions. When I was finished, I just made sure I had bubbles filled in for all the questions.
I'm interested to hear how you and all of your coworkers do with all of that training. -
clones2 Registered Users Posts: 5
Possible Answers:
A. 11pm if it's 1992. You'll know if you're there, as marquis at movie theaters are promoting Encino man and Terminator 2
B. None of the above because it's 2012 and you are still using film or tapes, then your company's insurance agent will first laugh at you, and then tell you they don't cover an Exposure Factor (EF) of 100%
C. The time that the film replaced should be relative not so much to the time of day alone, but to the temperature relative to the times when temperature is above 10C and below 40C. So, if you are in Wilhemschavenhochzeitgitsmellerdamenperfumen, Deutschland, on June 30th (the one day of summer) then the answer is 8am
D. All of the above, and then you should be terminated by Arnold Schwarzenegger like it's 1992 all over again.
Haha!!! That is hilarious.... only because it's TRUE! This question and answer are structured just like the exam. Knowing stuff like this would have helped the most before taking it... Still in suspense waiting for results... -
kalkan999 Member Posts: 269
And good luck on your results. Has anyone heard from Spicy Ahi?
-
Inno99 Registered Users Posts: 2
I took the CISSP exam in New Jersey April 21. There is nothing in this world that would make me believe I would pass this exam, but I just got my result today and I passed!
I was about to schedule another exam when I got the result.
Don't give up ! -
Lob Member Posts: 25
Let me throw my experience into the ring to try to add to this.
My study was a course 18 months before my test (the slides were excellent), Shon Harris' book, a CISSP Exam Prep book and the Boson prep exams.
In the weeks up to the exam, I was doing the tests and realised one BIG thing - that if I read the question PROPERLY, I usually got the answer right. I did have a big issue with skimming the question though and decided to do the following:
Exam: Circle the key wording in the question
For the questions I continued to get wrong, I made PDFs and revised on my train journey.
Acronyms..... at the last minute, I built acronyms for the ISO models and other things. ARO, SLE, ALE - get that clear in your head. Ciphers - block and stream, get those clear, get the strengths right. And do remember that there is more to certain domains in the test than others.
On the night before, I went through every single slide of my course (it was 5 days long, I did it in 4 hours). This got me at least 2 correct answers on top of what I would have got without it.
The Exam: As well as circling the key text in the question, I answered on the question sheet as well as answer sheet and put a percentage of how certain I was as to my answer. Highlighting those to revisit was something I also did.
First pass was complete in 2 hours 50. I went through every question again and then reviewed my flagged questions - another 2 hours. I was the first one out of the exam.
One thing to note is that those taking dictionaries into the test - be careful that the dictionary is not one that will give you a bias. "Learning" dictionaries were taken off people - given I did my test in Monza, Italy, I was one of only two native English speakers and I bet that was hard for the guys who lost their dictionaries.
For what it's worth, I did the exam on 9th June and got my result on 12th July - two days short of 5 weeks.
Good luck! -
!nf0s3cure Member Posts: 161
As I said in a different thread, in a PBT you can circle and scribble and do a lot else, but how do you do any such thing on CBT? I am a bit old school as well and still prefer PBT to CBT.
My first pass was 4.5 hours, but I took the time to read every question and the administrators were looking at me, like is this guy talking to someone else? But it paid to read the questions again and again. I would put a large hash sign against the not sure question and that will help me flick back to it.
But read the question again and again should be suggestion no. 1 for this exam. You just cannot afford not to do that. So do not worry about the time for the first pass; as long as it is covering the time vs. no. of questions, then you are on a good standing.
So I concur with a lot of what you have said. Mind you I am preparing to sit again as I do not think I did too well. So I better remember it for next time myself. I should have found this forum and others a year ago at least! But better late than never! -
Lob Member Posts: 25
Heck, I wrote on everything I could - even down to the post-it note with my desk number (that was my final checklist of questions I had to review).
Maybe someone who did the CBT can chime in and state if you get questions on paper or just computer and if there is notepaper given out. I'd assume there is.... -
!nf0s3cure Member Posts: 161
Yes, I too am hoping that they will provide some paper for rough work.
Plus I am not sure how they will manage the feedback forms. I used 3 as I just thought I had to mention something about some questions there. -
beads Member Posts: 1,533
Consider doing your own personal Visio network diagram comparing TCP/IP, OSI and logical and physical devices all on one page, i.e. a fifth generation firewall goes here while a switch goes here, etc. I actually found that diagram incredibly helpful with telecom.
- beads -
cyberguypr Mod Posts: 6,928
Those who have taken the CBT may correct me if I'm wrong but AFAIK all you get is two dry-erase boards along with the eraser and a couple of markers.
-
beads Member Posts: 1,533
Depends on the testing facility but that's pretty standard for any Prometric H.O.S.T. testing center.
- beads