Passed CISSP! CISSP vs GISP vs CCURE vs StudisScope vs Eric Conrad Syngress

LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
Hi All,

I have just passed by CISSP today. I am here posting my experience and feelings in studying and passing for the exam. I hope they can be of help to you.

Material Used

I begin studying for my CISSP 6 months ago around April. The material I used
  • Official CISSP CBK
  • Eric Conrad CISSP Study Guide
Practice Questions I used to aid in studying for the test (In Order)
  • GIAC GISP Offical Exam
  • Eric Conrad Syngress Practice Question
  • FreePracticeTest
  • StudisScope
Here are my reviews of the materials/practice questions

Official CISSP CBK

I found this book not very useful. The style of writing by the author is very hard for me to absorb anything. After finishing it I have no confidence that I had learned anything from the book. I would not recommend this book for studying for the CISSP. I have not used this book for any practice test or exams.

Eric Conrad CISSP Study Guide

Eric Conrad style of writing was very clear and precise, he did not go overboard in covering each of the concepts, which is just nice and good to absorb the CISSP ten domains. You can passed by studying this book alone, however, the exams not only test the concepts, but you would also need to know how to answer the scenario thinking question. You will not pass the exam if you do not how to prioritise the best answer or the best chronological answer to the question.

The Actual CISSP Exam

First, let me write about the actual CISSP exam and then I will proceed to cover each of the practice test, and how close they are to the actual exams.

The exam experience I have is actually very similar to the article written here, but I am going to add additional stuff.

First person: Editor Andrew Briney on how to pass the CISSP exam

Yes, I admit the exam is tough, if you have taken a GIAC exam before, it is somewhat similar but a bit difficult. In the CISSP exam, there are different types of questions. I will go through each types

1) Typical Straight Forward Questions

There are plenty of this type of questions in the exam, I can't reveal how much due to NDA. But if you remember and know your stuff well from the book. You would not have any problem to answer this type of questions.

2) Typical Scenario Base Questions

This are the common type of scenario base question, the answer can sometimes be straight forward or sometimes requires some thinking.

3) Best Answer Questions

Most or All the answers to the questions are valid, but you have to choose the best answer to the questions.


A best friend of yours tells you his personal secret that he is going to murder someone with hatred and anger, and you promise him that you will keep his secret, his mom, was concern about his son, ask you if his son has told you anything. Which of the following is the best ethical choice given the above scenario?

1) Tell the police and the mom about his plan
2) Keep quiet about the secret as you have promise your friend
3) Tell his mom only about his plan as he has not murder anyone yet
4) Do an investigation and confirm that he is going to murder that person before telling his mom

4) Best Chronological Questions

Most or All the answers to the questions are valid, but you have to choose the answer that fit best in the chronological description.

A personal example, you are a female and you are in the toilet for your daily business, which is of the following should you do next?

1) Buy a tissue paper as there may not be toilet paper in the toilet
2) Find the next available cubicle
3) Examine if the toilet seat is clean
4) Check for toilet paper

5) Very Obscure Choices with content material you thought you had know

All the choice doesn't seems to make sense on something you think you know.

Example: Which of the following the most important when going down the staircase?

1) A clouded mind
2) An empty mind
3) A concentrated mind
4) A careful mind

​6) Scenario Based Questions with base on content material you thought you had know with very obscure choices

This are the most frustrating questions in the exam, you can be really disturb and wondering if you would got the correct answer.

My Exam Experience
I don't find the exam extremely tough, although I agree the exam itself filled with tough questions, if you study for the exam well you should not fear of failing . I felt that people think the exam is tough is partially because of the amount of stress that they place on themselves thinking that the fail the exam. If you keep thinking the exam is tough it will contribute to the stress, and stress indirectly contribute to ability to take the exam well. If you study well for the exam, empty your hearts and mind and let them proceed to the exam. Without the stress level from the exam, your perspective of the exam would be much easier to manage and you would perform better in answering the questions.

I woke up in the morning for some really simple subconscious training, I told my mind that I will concentrate for the exam several times before proceeding to set of for the test centre, this will subconsciously train my mind to be able to answer the best of my ability during the exam. On the way to the examination testing centre, I concentrate on my breathing and the emptiness of my heart, so the stress level isn't there, I have previously subconsciously train myself not to think of the exam, so without negative thoughts there isn't any stress level prior before the exam, as this will affect my ability to answer and do the examination well.

130 Pm, as I enter the examination centre, I then empty mind and let my subconscious take over, a concentrated mind which I had work on in the morning. Then proceed on with the exam with a stress free and empty mind. Some of the very obscure wordy questions got me, but I understand very well that 25 out of 250 questions are not graded and probably used for future examinations. If the question is really very obscure wordy, it is probably not graded. Of course there are obscure graded questions mix in with the ungraded one I simply answer all to my best of my ability.

130 Questions in the exam, exam fatigue sets in. Since there are extra time, I took rest whenever my mind is tired. Then proceed on, use the board for some questions then check if I had missed any questions.

One of the CBT examination feature that I would like to warn is that you could actually de-select your answer by accident if you double click on the same answer. When review back my answers I found that I had 3 questions that I had de-select by accident, so be very careful where you click when selecting answers.

After finishing the exam, I do a quick check on all my questions one last time, click submit. Took 3 hours and proceed to the counter, I got the good news. I had passed!

Exam Practice Question I used

One thing I would like to warn about using practice questions is that it could give a false sense of security, if you use the practice test and did not study about the wrong answer. Repeatedly doing the same practice test could result in a false sense of security. As you have seen the question before and you could select the answer without thinking. This is wrong. For every questions you get wrong, I would encourage to study about it, look it up, read it up and then write it down and actually understand it, if not using the practice test defeat the purpose of studying.

GIAC GISP Exam Experience

GIAC GISP is an exam that cover base on CISSP CBK 10 Domains, with the exception it is open book and you are given 5 hours for the exam instead of 6. I found that GIAC GISP scenario base question helps in the critical thinking process. Exposure to the question can help the mind to understand and interpret the scenario base questions exposed in the actual CISSP examination well.

To make the best of GISP Exam for CISSP exam, you can select the answer first in the MCQ before referring to the book to see if you have gotten the correct answer. I found that GIAC GISP exams is the most similar to CISSP examinations in some sense, with the exception that it has less obscure questions.

If your company can cover the examination fee for GISP, I would recommend that you to attend GISP before going for CISSP. I passed with Eric Conrad Books alone with a score of 76%. I didn't study very hard, I simply read through one time and label and proceed to take the exam.

If you cannot afford GISP but have some extra cash and looking for additional practice, buying GISP Practice test can also be a very good examination practice for CISSP.

Eric Conrad Syngress Study Question
Simply but useful, this is important as a test to those important concepts you should remember.


Some of the questions inside here are really overkill of the actual CISSP exam. Although there are plenty of bad questions, there are plenty of good questions as well. Some of the questions that ask about the BEST or BEST CHRONOLOGICAL order that helps me to understand how to select the best answer. Some of the CCCure questions actually helps me to understand better on how to answer the CISSP questions. I don't get to see such questions from GIAC GISP exam. Some questions are very obscure as well, and so it also trains you to answer and select the question correctly.

Although I know some (or a lot) of questions are overkill and probably won't be tested in the exam, think this way, it is always good to be equip with additional knowledge. So no matter what questions that you get wrong, I would encourage you to study up on it. icon_wink.gif

What I like most from the website is that you can actually select the domain you would want to test on, so it can help you to reinforce your weak domain.

My recommendation.

Use the exam mode instead of study mode.

1) Start by doing 50 Questions for each domain daily, study all the wrong answers in each domain.
2) After finishing covering 10 domain, do a 250 Practice
3) Repeat until you get a good score about 85%
4) Do 125 Question each day on 5 domains (that means 250 questions in 10 domains in 2 days)
5) Do a 250 Question Practice when your free to reassess yourself after 4 days
6) Concentrate on your 5 weakest domain everyday (125 question)
7) Review your score, gradually reduce the number of 5 weakest domain
icon_cool.gif On the last 10 days before your exam, concentrate 100 questions per day on your two weakest domain until your satisfied

*Trivial information, I score 69% on my first 250 exam question try and then proceed to study until I got 90% in 10 domains 250 question, and 76% on my two weakest domain, 100 Questions

The Studiscope
There is really a lot of myth about the studiscope on how close they are to the actual exam. The truth is, no, they are not in anyway close to the actual exam. The questions are as bad as cccure questions. All taken from Information Security Management Handbook. I got my SET A answers about 64%, a failed from their benchmark of 65%.

The great news about studiscope is that, they are good alternative for you to benchmark if you can pass the exam. If you can pass the studiscope, that means you are really very good at answer obscure question. (Of course you must have a good knowledge of the CBK)

After going through the CCCure questions, I came back to finish up the SET B and SET C questions. I score 69% and 72% respectively, I did not go back and retry SET B and SET C as I do not have the time. I also find is very difficult to study the wrong answers from Studiscope.

If you are thinking about buying extra questions after CCCure questions, I would recommend that you could try GIAC GISP practice first. Their practice only cost 150 USD for 250 questions as compare to 280 USD studis scope 300 questions. Although GISP practice test can only be used one time, it reflects CISSP exam more accurate than studiscope

  • The StudisScope and CCCure questions are tougher then the exams, because they cover too many concepts that is not required for the real exam.
  • However, the CCCure questions can help to train your mind to decide the BEST or BEST Chronological answer, which is MUST and required for the CISSP Exam.
  • GIAC GISP exam are in way close to the CISSP Exam with their Scenario base question, but the exam have lesser question to train your mind on how to decide the BEST or BEST chronological answer.
  • StudisScope is a good benchmark if you can pass CISSP, if you can passed StudieScope question (above 65%) for the first time after going through GIAC GISP and CCCure, you are probably good to go for CISSP
  • I would not recommend in anyway to purchase the StudisScope for studying, but only for benchmarking purpose on where you stand.

The last additional, but most important help


  • samurai86samurai86 Member Posts: 104 ■■□□□□□□□□
    Congrats on the pass. Now get that endorsement paperwork in. I am still waiting to here back from ISC2 on my endorsement paperwork.
    Bachelor's of Applied Science in Technology Management - Information Security Assurance (St. Petersburg College)
    Masters of Science in Digital Forensics (University of Central Florida)
  • beadsbeads Member Posts: 1,525 ■■■■■■■■■□
    Love number 4 but to be a bit more accurate you should involve details like wearing a "pink sweater and loves dogs, Italian soccer and crochet". Anything that gives you that: "What the heck would that have to do with anything? Feeling. Numerous stupid distractors are common on many of these tests.

    Eric Conrad's books are aimed at more seasoned professionals with a more honed approach while Shon Harris takes a broader you need to know everything from scratch approach.icon_thumright.gif


    - B Eads

    Congrats on the pass.
  • LionelTeoLionelTeo Member Posts: 526 ■■■■■■■□□□
    Yes, I recall the numerous distractors from the questions. :D Now have to wait 3 more months till my 4th years experience for endorsement.
  • nk5knk5k Registered Users Posts: 4 ■□□□□□□□□□
    How can I get the GIAC GISP practice exam? can not locate anywhere?
  • cyberguyprcyberguypr Mod Posts: 6,927 Mod
    1. Take the class
    2. Find someone who is giving away a practice test
  • TechGuy215TechGuy215 Member Posts: 404 ■■■■□□□□□□
    Excellent synopsis, and great information!!! Thanks for the breakdown and Congrats on the pass!!! icon_cheers.gif
    * Currently pursuing: PhD: Information Security and Information Assurance
    * Certifications: CISSP, CEH, CHFI, CCNA:Sec, CCNA:R&S, CWNA, ITILv3, VCA-DCV, LPIC-1, A+, Network+, Security+, Linux+, Project+, and many more...
    * Degrees: MSc: Cybersecurity and Information Assurance; BSc: Information Technology - Security; AAS: IT Network Systems Administration
  • nk5knk5k Registered Users Posts: 4 ■□□□□□□□□□
    I am planning on taking the ISC class in weeks after failing the exam got 675, but need additional resources.

    Anyone giving away the GIAC GICP practice exam?

Sign In or Register to comment.