Passed CISSP 8/9/2013!

poguepogue Member Posts: 213
Finished it in about 3 hours, took one 5 minute break at 175 questions completed, drank choco milk and had a few handfuls of yogurt raisins and nuts.. I did not feel a sense of being overly mentally exerted at the end, but then again, I answered the questions in order and did not revisit questions.. Not that I am advising others to do this, but I felt the questions were straightforward enough that there wasn't a lot of use in agonizing over what I felt the right answer was on the first pass.

To be honest, it was a lot more straightforward than I thought it would be... But, that being said... Some of the questions were so badly worded, that I was only about 70% convinced that I had passed at the end. Such is the nature of the CISSP exam.

Highly conceptual questions... Now, I will offer a differing take on the whole "think like a manager" schtick.... I will say the key to the exam IS thinking like a manager... But more important is to "study like a manager" in advance.

By this, I mean... Is your IT manager often a guy who is "deep in the weeds" as far as knowing the specifics of encryption algorithms? No. Is he a guy that knows Business Continuity Planning/Disaster Recovery Planning, and Risk Management? Absolutely. Does he have an overall familiarity with the technical concerns, in order to see how they might fit into his primary knowledge zone? Absolutely.

My experience does come from fairly regimented network systems... About 9 years on military networks and another few years on Federal government networks... I did have exposure to Change Control processes and am very aware of the need to be methodical in one's approach to network security, lest vulnerabilities fall through the cracks.

My study materials were simply Eric Conrad's CISSP study guide, and subscription to Transcender's 900 or so question test engine... No CBTs, no audio... In all reality, a lot of the questions are common sense if one has the requisite IT experience. If I really had to try to give some advice on passing this exam.. I would say this:

Read the Eric Conrad book through completely.. At least 30-40 pages per night.. No breaks. Then.... Spend a week or so doing Transcender question bank, 50-100 questions a day, no break. Make sure to read the explanations of ALL the answers, and why they are wrong and right...

Take a few days off, and then do a complete readthrough of the book a second time.. Making sure to focus on what you think a manager might be most interested in. And after finishing the book a second time.. Start working on the Transcender questions again, alternating 50 question days with 125 question days.... Focus on understanding why the answers are right and wrong. Understanding that some are out in left field.

I was scoring anywhere from 65% to 80% on the Transcender chunks I did in the last few days before the exam... I did not sweat it at all, because some of the questions were so narrow in focus and obviously much deeper than management would be interested in...

I did go through maybe half of the chapter questions in the Eric Conrad book, and I did feel they had value, but I simply felt that the Transcender question bank and explanations were a faster method to soak in the information.

So, to wrap up.. I feel the CISSP is best approached in a "balls-to-the-wall" fashion, all in one chunk.... with limited breaks, simply to let your mind recuperate for a short time, in order to retain more info.. Even with the Eric Conrad book, I felt it was a LOT of information to retain... And I simply chose to focus on what a manager would consider most important. Then again... I preferred such an approach because:

1. I did not enjoy studying for the CISSP. So, it was like bitter medicine.. Just hurry up and swallow it as fast as you can, and get it over with. The industry seems to like it, so because I have lost my job twice in the past few years, I was determined to never again lose my job through lack of an industry desired certification. I am thrilled to be done with this exam so that I can move on to something with more practical value. I would eventually like to do some penetration testing type work.

2. I think there is still so much info to be understood at a high level, that spreading out the study over too long a time period, one can get "hazy" on important topics.

I would recommend no more than a 12-15 month cycle to study for this exam. But be warned, this time period will take SERIOUS dedication. I see the current job market as a warzone, so I am personally dedicated to outperforming all competitors. This might be a healthy attitude to adopt when it comes to knowledge gathering and certifications until the US economy improves.

Currently working on: CCNA:Security
Up next: CCNA:Voice

