CISSP Pass Rate

the_hutch

So sitting in my ISC2 official CISSP bootcamp. I've heard a lot of discussion about pass rate disclosure for CISSP and it seems like its a large area of dispute. Based on what our ISC2 instructor has told us, they do regulate the test at 70% passage. That is to say that they drop questions from the exam to ensure that that is the consistent pass rate. This is a serious area of concern for me. Because it means that your success on the exam is relative to the success of other ISC2 candidates. With ISC2 being integrated into the DODs 8570 initiative, I think this will seriously compromise the value of this cert. Because you have a bunch of retards (no offense to DOD personnel specifically, just in general...since I work for the DOD) taking the exam that are going to seriously lower the bar. Any thoughts?

Iristheangel

I'm curious who your instructor is because that's word-for-word what my instructor said and I'm curious if they're just given the same material to recite or if you have the same instructor.

I'm not too worried about it. The CISSP is an expensive exam (relatively) that takes a lot of preparation and experience to usually pass. I'm sure there are a few idiots out there that try to take it with 0 experience and 0 study time but due to the other factors (large amount of topics covered, experience requirements, test reputation, cost, etc), I would say that the grand majority that attempt it are well prepared and work very hard before putting their pencil to the paper. In short, no. I'm not worried at all.

swild

I do think that they do this to a degree, on the paper exams. Since you get your score at the end of the CBT, they have implemented a different scheme for that version.

No matter what, there has to be a reasonable standard that is set by the board of directors. All in all, the testing data should be consistent and when odd groups of outliers popup, they will be looked into more closely.

With the CBT, they would just have to continuously review testing data and reword or throw out questions that are deemed too easy or too hard. There is a reason why we all pay $85 a year in maintenance fees: we want our hard earned certifications to keep their value. This continual review is how that happens.

the_hutch

Katherine, I actually have a male instructor and I'm pretty sure you said your was a female instructor (I think his last name is Dow). You make a good point though, I'm unsure how many times the DOD will be willing to pay for a person to retake course and test at the costs that they go for.

the_hutch

swild...I didn't even consider the CBT, but you're right. I think the CBT gives you instant results, which would completely stop this practice. The course I'm taking includes a voucher for the last PBT that they are going to administer here at this location for CISSP

Iristheangel

Good luck at your bootcamp. Your brain is going to hurt by the end of the week but you should be able to nail this exam. Are you taking the test on Saturday or Sunday?

the_hutch

Thanks. Taking it on Saturday. The only area I'm even a little concerned about is system architecture and design. But it seems like that's the area that my instructor has most of his work experience in (he was on the original team that built Secure Solaris for Sun Microsystems and did system certification and accreditation for the NSA)...so I think I'm in pretty good hands here.

Iristheangel

You're going to pass. I have no doubt. I can't wait to hear all about your experience

the_hutch

I think I will too. But I'm not going to get over-stressed about it. If I don't, I'm fully prepared to take it as many times as I need to. It seems like I'm one of the only people in here who falls more on the technical side than the management side. Not to mention, I'm pretty sure I'm about 10 years younger than the next oldest person in here.

bigdogz

hutch,
If you are going to the bootcamp you may want to work with some of your peers and instructor after each day of class. There may be others that could explain the concepts to you. It helped me.

Good Luck!!!

the_hutch

They actually have a two hour optional study time in the evenings. I plan to attend each.

tpatt100

I went to a boot camp and failed the first time I took it. From the people I kept in touch with it seemed the "auditor-manager-Project manager" types passed and techies failed. Of course this is a higher level management exam and I went in there thinking I was super awesome IT guy and they might as well have handed me the test in Latin for some of the questions. That was several years ago and if I was to take the test now I would have a much easier time with it.

TheGuy

Good Luck, Hutch.

I'm scheduled to take the CBT version on Sept. 4th, and I'm starting to feel the nervousness now that it's two weeks away.

Iristheangel

I agree with Tpatt. Being less technical almost helps you. My instructor said something very applicable on the first day: "Check reality at the door. The CISSP isn't about the way you'd necessarily do things in the real world. It's about the best practices and the way that ISC2 wants you to answer the questions." A lot of those questions are from a management perspective, not a technical perspective. The guys in my training class that failed were mostly hard-core techies. I think overthinking the questions or thinking about what you would do in YOUR work situation is an easy pitfall to fall into during the exam. You have to almost remove yourself from your technical expertise and answer the questions from the mindset of ISC2's version of a security management

the_hutch

Good advice. Thanks for the suggestions. I will definitely keep in mind.

Jinuyr

Iristheangel wrote: »

I agree with Tpatt. Being less technical almost helps you. My instructor said something very applicable on the first day: "Check reality at the door. The CISSP isn't about the way you'd necessarily do things in the real world. It's about the best practices and the way that ISC2 wants you to answer the questions." A lot of those questions are from a management perspective, not a technical perspective. The guys in my training class that failed were mostly hard-core techies. I think overthinking the questions or thinking about what you would do in YOUR work situation is an easy pitfall to fall into during the exam. You have to almost remove yourself from your technical expertise and answer the questions from the mindset of ISC2's version of a security management

Uh oh... I'm in trouble then. >_<

emerald_octane

Jinuyr wrote: »

Uh oh... I'm in trouble then. >_<

Not really. Just remember this.

1. Human life is ALWAYS MOST IMPORTANT .

2. Think like a manager

xenodamus

You will narrow almost every question down to 2 VERY plausible answers. Remember that there is always a reason why 1 is better than the other.

Look for that reason in every question. One of those answers is better than the other, you just have to find the ISC2 angle to understand why.

Good luck!

AnthonyF

the_hutch wrote: »

I'm unsure how many times the DOD will be willing to pay for a person to retake course and test at the costs that they go for.

DOD will pay for two attempts of any certification. But you must do remedial training (VTE) if you fail before they pay for the second go round. The test not the course. Also you can only take one test (and get it paid for) per 8570 classification level. So you can take and get CEH for CND. But they won't pay for ISSMP.

PS
Those are the book answers. There is a waiver for everything in DOD.

dead_p00l

emerald_octane wrote: »

2. Think like a manager

Place blame on any and everyone else available?

!nf0s3cure

Just curious what is the lowest score that ISC give out(If there is such a thing). The reason I am asking is because if they say that you got 680 690 ....you are made to think it was so close..and jump at trying to sit the test again. Hence to clarify my conspiracy theory can some one tell me what is the lowest score they have heard. I am guessing we will not see a figure below 600. Of course people go in prepared but then there are some who will have completely misread the format and got it badly wrong.

cgrimaldo

Good luck this Saturday!

emerald_octane

!nf0s3cure wrote: »

Hence to clarify my conspiracy theory can some one tell me what is the lowest score they have heard. I am guessing we will not see a figure below 600.

Hmm..Well, CISSP is very popular on the net and there are many blogs where people talk about their experience. One guy failed twice, first time was in the low 500s, second time was in the 650s. So it does happen. I think someone with a straight up management background might be able to get some of the management questions that aren't BCP/DR (because those are a doozie) while some math wiz may come in and roast the crypto questions but bomb everything else.

Without knowing what people who pass get we will never get averages. In my mind i'd bet its exceedingly difficult to get anything above 900 (and if you do your test probably gets triple checked, and your proctors are investigated, and you have a secret "prodigy" flag put on your account). I really would not be surprised if I passed with a 700 or 701, but that's just because so many of the questions were so tricky; I spent 1 hr on the toughest 3 questions because I know that those darn questions could cost me $550.

the_hutch

!nf0s3cure wrote: »

Just curious what is the lowest score that ISC give out(If there is such a thing). The reason I am asking is because if they say that you got 680 690 ....you are made to think it was so close..and jump at trying to sit the test again. Hence to clarify my conspiracy theory can some one tell me what is the lowest score they have heard. I am guessing we will not see a figure below 600. Of course people go in prepared but then there are some who will have completely misread the format and got it badly wrong.

Somebody just posted a thread on here indicating that they failed with a 698. That's the closest I've heard

!nf0s3cure

Yeah I saw that, and it was a CBT so a re-val would not be very helpful! That is a frustrating situation. I'd be trying to revisit the exam in my mind for months...humm did I get that one wrong ...or that....mind you I am still waiting my result and still do that all the time.....

mog27

I'm also curious to know if anyone has failed the exam more than four times and what happens if you do (are you S.O.L and can never try again)? According to ISC2 you can only take it I believe four times.

TBRAYS

mog27 wrote: »

I'm also curious to know if anyone has failed the exam more than four times and what happens if you do (are you S.O.L and can never try again)? According to ISC2 you can only take it I believe four times.

LMAO, Nooooooo, you can only take it 3 times within a year.

emerald_octane

I don't think ISC2 minds taking your money even if it's 50x over, but after a while they will probably fly you into a boot camp free of charge just so you can stop clogging up the test centers over your multi-year pursuit!

TBRAYS

emerald_octane wrote: »

I don't think ISC2 minds taking your money even if it's 50x over, but after a while they will probably fly you into a boot camp free of charge just so you can stop clogging up the test centers over your multi-year pursuit!

Now thats funny!

dmoore44

Good luck Hutch - I'm sure that, given your background, you'll nail the test. I will say that this was probably one of the hardest exams I've ever taken (the only other one that I can think of that I spent an appreciable amount of time studying for was my Computer Systems Architecture final back in college...)

mog27

TBRAYS wrote: »

LMAO, Nooooooo, you can only take it 3 times within a year.

Maybe I am reading it wrong but the way the ISC2 website makes it sound, it sounds like you only get 3 more attempts to pass it (waiting 180 days). It doesn't say how long you have to wait after that (if you can take it at all again.)

https://www.isc2.org/cbt-faqs.aspx