22 Y/O Associate of ISC(2) ;)

Hey All. I started and posted in the "Just tried to Ask (ISC)2 about 5/20 Seattle CISSP Exam Results" thread and just wanted to mention that I passed (first time)!!!!!!

So in the spirit of Celebration and knowledge sharing I wanted to post some helpful information.

-Yes I put age in there because, at 22, obviously I was one of the youngest folks in the room by a wide margin. The test proctor looked specifically at me when he mentioned that "some folks are in here to only remember the test questions" although that might have been since I was so attentive. Anyway, point is, if you're younger don't let the stature of the cert get in your way.

Resources used in order of importance:
-Official (ISC)2 Review Seminar Student Handbook v10 - 100% No Nonsense goodness <- Know these contents and you will probably pass.
-Freepracticetests.org Paid subscription - 55%
-Shon Harris, Career Academy DVD Set - 50%
-Various Community Provided CCCure Community provided Study Guides - 30%
-Eric Conrad , CISSP Study Guide - 25%
-Shon Harris, AIG v5 - 5%

Study Plan:
3 1/2 months with plenty of distraction (Work, School, Getting engaged). First I went through and made a mind map of certain domains using xmind, then I went through and made flash cards YES FLASH CARDS FOR EVERY SINGLE TOPIC, EVERY SINGLE TERM both IN WRITING and using Mental Case for iOS and Mac. I studied daily for about 4 hours then on the weekend for 10 hours each day. I did skip a week or two though.

Tips: For all the techie terms know all the techie stuff. I will save you alot of agony that I had to go though. YES, you will be expected to remember key sizes and port numbers. I.E the difference between ciphers etc.
For the non technical/management parts ok these are extremely tricky. This is why the official review seminar handbook reins supreme in my opinion. I'll take what I wrote in a different thread:

For instance you will get questions where at the surface of the question ALL or 3/4 answers will seem right. You have to be focused and diligent enough to extract that critical detail which will put you on the right path: BEFORE, AFTER, LEAST, MOST, if COST is a factor, if TIME is a factor, BEST given X, BEST given Y, BEST given XY, BEST given XZ but DEFINITELY excluding Y, stuff like this. The smoking gun won't always be readily apparent. A question may have a set of elements that EXCLUDES all but one answer but if it's the last question on the test and you're already at the 5:50 mark, you might not be able to remember which one doesn't exactly fit the mold.

Personal Experience: Working for about 6 years in IT with DoD, 2 public school systems, a large software company (not google or microsoft), and SMB IT, somewhat limited security experience; it was never my primary focus but is interesting (Hence my associate status). Working with technologies such as but not limited to: VPN, Win Server 2003 & 2008 (GP, NPS (radius)), Mac OS X Client/Server, ESX, Desktop virtualization, Zyxel, SQL Server, Oracle DB, M$ Exchange, M$ Forefront, M$ SMS , Cisco WLC + Aironet, Cisco SMB Switches, Cisco ASA, Retrospect, BMC Remedy, Centrify, etc
Actual work experience wrt domains = Choosing and deploying wan + lan technologies, evaluating physical security, security architecture design, evaluating and implementing disaster recovery. Alot of these were a one off projects but I used the information learned to map what was going on in the real world.

Greets/Thanks for providing information/inspiration/motivations/lulz in some way/shape/form: iristheangel, JDMurray, kalkan999 , spicy ahi, Richard Rieben . The stuff that Richard Rieben is pure gold and I had the opportunity to speak with him a few times. READ HIS BLOG.

Find more posts tagged with

Comments

Iristheangel

Congratulations on the pass! I enjoyed the official seminar handbook as well.

emerald_octane

Thank you!
And for those who think they will nonchalantly walk into the test and walk away victorious, I urge you to be prepared; many of these contents came in handy when it came down to the wire:

cissp.jpg

Iristheangel

Hahahahahahahahaaa... That's amazing that they let you keep that much at the test. They wouldn't let me keep my tissue when I was taking the exam and they took away my drink because it wasn't a clear liquid. I ended up having to go to the front of the room every time I had to blow my nose and since I was nursing a head cold when I took the exam, it was a little weird to have 30 people staring at me blowing my nose. (Sorry if that's TMI)

emerald_octane

Oh they didn't

. Everything at the back. They didn't let us have anything except ear plugs (our own or ISC2 provided), ISC2's legendary green and gold pencils, a watch, and after very intense inspection, an eraser . I brought mechanicals but I didn't need them. Some folks were thoroughly upset with the test proctor for this, like it was his fault or something!

YuckTheFankees

Congrats, that's an awesome accomplishment. I have thought about going down the same route but I'm still up on the fence about it.

Iristheangel

Someone actually threw a little fit because she was asked to put her phone and luggage in the front of the room before starting the test. I LOLed.

kalkan999

MAZELTOV, EMERALD! WOW, and 22 no less!

spicy ahi

Congrats Emerald! The Ensure was a good one; I didn't think of bringing that. My little lunch tote had two Diet Dews, a couple of various power bars, and I think there was a sandwich in there as well. The slim jim would have been a celebratory thing for me, if there wasn't a sushi bar right down the street from the test center. I had a whole lotta spicy tunas that afternoon!

CloudKill9

Congratulations!

Just curious..

"Personal Experience: Working for about 6 years in IT with DoD.."

How?

emerald_octane

Thanks for the congrats all.

CloudKill9 wrote: »

How?

Good question. I didn't do IT exclusively with the DoD though I realize now that it could be interpreted that way (My bad). Basically I worked at one of the commissaries on base from 16-17 however my supervisor knew that I was one of those super techy types, so I was called on numerous times by the store manager for a few projects to provide insights on how certain technology projects might impact the end users, assisted with implementation on a couple of projects and provided detailed feedback on the operation of newly implemented hardware. Yes even though this is a grocery store there was alot of stuff going on.
So I was able to shadow efforts for: RFID based price tag deployment, PCI-DSS compliant networking, MAN/WAN troubleshooting, Disaster Recovery and Business Continuity in case of base shutdown/terrorist attack/power outage etc etc.

And had a hand in: -Troubleshooting wireless connectivity between handheld scanners and/or cash registers within the store's warehouse and parking lot areas (NCR, Cisco, symbol).
-Implementing IBM Self Checkout Stations (i.e. training cashiers on using the handheld components, advanced functionality, general performance review and testing performance during unplanned shutdowns)
-Physical security ($$$ handling)
-Inventory Management (boring). etc

I met alot of great folks at that store especially those who were willing to talk while I soaked it up like a sponge or the ones who gave me a chance to work on various projects.