2nd Attempt not clear!!!!! - cissp

2»

Comments

  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    @philz1982;

    Long and drawn out but yes. It was an easy exam for myself as well. Unfortunately, I have heard too many times from fellow CISSP's that it was the "hardest exam I have ever taken..."

    One word: "Sheesh!"

    The exam did not live up to the hype - at least in my experience. Really felt as though I over studied for that exam unless it was much more difficult years ago than today, of which I have my supreme doubts. If you have a well balanced experience in InfoSec it should be fairly obvious how to answer most of the questions on the exam. Others consider it a "management exam" while there is little of any scheduling or conflict resolution related true management on the exam that I ever saw. "I dun get" the whole "management" theory. Nonsense.

    - Beads
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    redz wrote: »
    This is why we concentrate, Beadsy ;)

    What? You of all people, literally folks, Redz can read my name from his cubicle. Adding a 'y' - oh now, that's just low, man. How do I pull that endorsement, post haste? LOL. Full disclosure: We work together and he really can read my name tag from his cube. There's gonna be hell to pay, I tell ya!

    And yes, CISSP's and concentrates tend to be found clustered near one another in whatever, firm, business or organization you work.

    - B eads
  • redzredz Member Posts: 265 ■■■□□□□□□□
    beads wrote: »
    Full disclosure: We work together and he really can read my name tag from his cube
    He's lying. I'm not wearing my glasses.
  • philz1982philz1982 Member Posts: 978
    beads wrote: »
    @philz1982;

    Long and drawn out but yes. It was an easy exam for myself as well. Unfortunately, I have heard too many times from fellow CISSP's that it was the "hardest exam I have ever taken..."

    One word: "Sheesh!"

    The exam did not live up to the hype - at least in my experience. Really felt as though I over studied for that exam unless it was much more difficult years ago than today, of which I have my supreme doubts. If you have a well balanced experience in InfoSec it should be fairly obvious how to answer most of the questions on the exam. Others consider it a "management exam" while there is little of any scheduling or conflict resolution related true management on the exam that I ever saw. "I dun get" the whole "management" theory. Nonsense.

    - Beads

    Well, I will say I am now studying for my CEH and that seems to be much more tactical and interesting. Hopefully it will be a challenging exam. I mean you pay 600 dollars to take the darn thing, so you want it to be... complicated.
  • cmackpmpcmackpmp Registered Users Posts: 2 ■□□□□□□□□□
    I am on my 3rd attempt in November, last take was July and scored 694...so frustrating and I do have a security background. I am having a tough time with crypto and Network areas.

    I just purchased the Boson test simulator for $99, I used it to pass my PMP exam in '08 and I'm finding it equally as helpful on this one in helping me with my weak spots. It lets you take the test and study at the same time then go into full simulation mode. You might give it a try...I have used CCCure but I find the website/format so distracting for me.
  • cmackpmpcmackpmp Registered Users Posts: 2 ■□□□□□□□□□
    I think you are all right in saying that it is a bit concerning when some have such a hard time and others have an easy time. My background is more software development, BCP, DRP, etc and all on the management side so I struggle with all of the areas that you are all really good in because you have your hands in it.

    I think it just depends on where you're coming from, what type of use you have for the information and what you've had the opportunity to get your hands on. It's really annoying when your work requires you to get the cert but you only work in an area where you touch 3 out of the 10/11 areas (I'm forgetting at the moment how many there are now).

    It will be a major victory when I pass and I will never ever second guess the viewpoint of a seasoned technical person when it comes to this stuff. I just want to be able to understand and process the information, issues, recommendations from my tech teams so I can make better management decisions. Nothing worse than a CIO who has no idea what they are funding or not funding... my two cents :)
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    No doubt crypto and networking are the two most difficult sections of the test. Also the two I have the most experience. SDLC I had some familiarity with at a higher level but experience nonetheless. Mind maps certainly help with those types of areas.

    Tip: Know the OSI seven layer cake cold by drawing it out and adding every bit of information related to it (Routers work at layer 3, Presentation handles encryption and all that). Draw that out on paper or Visio until it ALL becomes second nature. What you'll end up with is a very comprehensive chart of related items rather than three or four separate lists of machines, ports and mysteriously vague descriptions like "presentation" and "session" layers and how they work. Its all interrelated. Its that interrelation that leads to "Internet" and "Inter-connectivity", etc. No, I am not talking down but trying to make a lateral point. Its all inter-related. Look at the subject quashed together rather than the separate pieces and it will become easy. Still have to know the pieces as well but quashing the diagram together will make more sense with a big picture of smaller pieces. Trust me.

    Crypto is hard because its literally cryptic but recommend much the same technique. Break everything into columns of symmetric, asymmetric, elliptical, where used and how. Don't worry so much about how the chains work or don't work. Your not likely to have actual hands on experience with the stuff past the possibility of installing an SSL certification. Here is a good example: http://www.mindcert.com/resources/MindCert_CISSP_Cryptography_MindMap.pdf

    Write or draw until you run out of items to update, double check your answers and you will remember everything to the point of ad nauseum for the test. Its hard to remember what you can't put into personal experience - I get that as well. Hence why I harp on mind mapping and 20 minute stints of learning rather than trying to pound data (not information) into one's head.

    Those are my most critical points to any test. Learn the techniques and you can pass any mutiple-choice test. Most of it will become a joke in comparison.

    - B Eads
  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    @cmackpmp

    As I have said before - its an experience test. Not a management test. I can only feel empathy coming from a Systems Administrator then a Manager/Director level background then security. If it helps I learned BCP/DRM the really hard way - in real life. Then I suddenly got MUCH better at the planning stage.But not so much before. icon_lol.gif

    -B Eads
Sign In or Register to comment.