Passed CISSP!!!

cyberguyprcyberguypr Senior MemberMod Posts: 6,927 Mod
Just passed!

I'm on the train back home fighting a headache but will post my impression later.


Edit: Here's the good stuff:

My background:

Windows Sys Admin. My expertise regarding the CBK revolves around Telecom+Network, BCP/DRP, Access Control. Also a bit of Ops Sec and Physical Sec. See my certs on the left.

I always wanted to take this test but refused to do the paper test. Could never understand why there wasn't a computer test.Higher gods listened and brought the CBT which means I ran out of excuses.

Plan:

Since I finished my BS in May, timing was perfect. I officially started studying for the CISSP in June. Bought the AIO and started banging at it. Found it overly verbose and switched to Eric Conrad's study guide as my primary source. My plan was to start with my familiar areas as specified above. My logic was that If I hit something else unfamiliar first I could get frustrated. I ended up following this order: Telecom > BCP > Access Control > Physical Sec > Op Sec > Gov and Risk Mgmt > Legal > Sec Arch + Design > Crypto > Software Dev Sec. This allowed me to get the easier stuff out of the way and spend more time on my weaker areas. Even though I started my studies in the summer, I did not commit to paying for the test until November. The main reason was some projects at work that could've delayed the test. When the projects were out of the way, I proceeded to pay the test and committed to the December date.

I say the plan worked as I never lost momentum. That was one of my main goals.

Resources:

- CISSP Study Guide, Second Edition by Eric Conrad. This was my main resource.
- 11th Hour CISSP: Study Guide
- Official (ISC)2 Guide to the CISSP CBK. Read close to 80%.
- Shon Harris AIO 5th edition (6th is out now.) Did not read the whole thing as it is overly verbose. Mostly for reference on my weak areas. The included disk with practice questions was very useful.
- Dr. Eric Cole's SANS MP3s. One fo the most useful resources.
- Clement Dupuis bootcamp videos. Just as Dr Cole, he's been doing this for a long time and knows this stuff inside out.
- NIST documents. In particular 800-30, 800-34, 800-100 http://csrc.nist.gov/publications/PubsSPs.html
- Countless CISSP related posts here on TechExams
- Cccure.org - Used the paid questions. Some material is definitely outdated but still a very good resource. I took close to 4,500 questions
- Test questions from Cissp.com
- More practice at McGraw-Hill Education | CISSP Practice Exams
- My CISSP Experience - A Study Plan Memoir
- Mind maps: Index of /resources

The night before:

ZERO review. Always have been a big believer in not studying the day before. I stayed at a hotel in Downtown Chicago close to the testing center to relax.
Ordered room service (deep dish + tiramisu) and watched a couple of movies. Achieved nirvana thanks to the deep dish and by not grabbing review material. Went to bed at 10pm with my mind completely clear.

Test day:

Woke up at 7am. Started with a nice Anaheim Panini and a caramel latte form Corner Bakery a block away from the testing center. Right after, I got to a nice start when I walked into the Pearson Vue center and saw a plethora of great looking girls in line for other exams. I chit chatted with a couple of them for a few minutes. My wife had a blast when I told her this.

Before I started I established checkpoints in my mind (100 questions, 150, 200) were I would evaluate if I needed to stretch, eat, bathroom, etc. I was so pumped that decided t0 keep pushing and ended up not taking a break at all.

General impressions:

- Fair test. Covered the CBK well. Saw a bit of everything.
- I got some questions that I am positive had no valid answer listed
- Lots of semantics games. I remember reading about this here on TE. They will refer to things with other names
- I was surprised to see many questions were one liners, similar to study material. I was expecting way more convoluted scenarios
- By question 41 I started to freak out because I thought I was taking too long answering. Relaxed a bit and didn't let that get to me
- Freaked out a bit again near question 150. Again, calmed myself down. Collapsing the clock and question number helped me a bit
- Answered all questions by the 3 hour mark. Ended up with 100 questions marked for review.
- Did a first pass of items to review. Went through all 100 questions but left 20 for a second pass. Some of them you couldn't even figure out what the heck they were asking. Here is were Eric Cole's advice came in handy. I deconstructed those questions like never before. and applied the four steps: 1. Look for
distractors, 2. look for the most correct answer, 3.look for the most inclusive answer, 4. If everything else fails, GUESS! I only has to guess on a few questions
- After reviewing the last 20, finished test with 37 minutes left on the clock - When I got my score sheet It was like looking at a blank paper. I could not see if I passed or not. Took me a solid 30 seconds to see it - Absolutely hate that you don't know how you did. But again, as Toretto said: "It doesn't matter if you win by an inch or a mile; winning's winning."

Other thoughts:

- There are 3 ways to do things: The right way, the wrong way, and they ISC2 way. Again, Eric Cole stresses this. It doesn't matter what your experience is or what you have done. What ISC2 says is what counts. If they say fences must be painted pink, pink it is. It doesn't matter that many fences are other colors in the practice
- Don't memorize stuff, make sure you understand the concepts. This has been said here many many times. Example: some people try to strictly categorize controls as deterrent, preventive, etc. It doesn't work that way. Many controls change depending on the context of the implementation. Although some are black and white, other aren't. If you understand this you will have no issues
- Be flexible, both with your studies and during the test. You may need to adjust your plan on the fly
- Ask questions! If you don't know or understand something post here. We'll be more than happy to clarify


Finally, thanks to all of you who answered my questions, posted material reviews, exam impressions, etc. Those were extremely valuable.

On to endorsement now and then full sail ahead for GCWN.

Comments

Sign In or Register to comment.