PASSED CISSP!!! First Attempt!

mambomambo Registered Users Posts: 3 ■□□□□□□□□□

First of all, let me congratulate you all on the excellent resource this forum has been in determining what material to study for the exam.

I've known I had to have the CISSP since I started working in security in 2007. I have some vendor certifications regarding IAM and SIEM and a few offensive security certifications (OSWP and OSCP) and have been interested in security for more than 15 years.

I quit my job in July with the purpose of taking some time off for myself and to be with my family and started preparing for the CISSP exam.

This started with reading the Shon Harris AIO 6th Edition. As many of you, I didn't get to the end of this book as I eventually got bored to death and saw that I wasn't assimilating the technical concepts because of the sheer volume of information in the book.
About a month and a half ago, I started reading Eric Conrads 2nd Ed and started getting more confident with my preparation, in my opinion if I would have to read one book cover to cover, this would be it. I ended up only reading the 3 last chapters of Shon Harris's book and then bought his 11th Hour book. The 11th hour book really focuses on the important technical aspects of the subjects but as most of you know by now, this is not a technical exam. Nevertheless, complex technical details were explained in such simple terms that it was very useful in learning (not memorizing) the contents of each topic which no doubt helped me address most, if not all, technical questions in the exam.

In the last few days, after reading some posts on this forum, I lost my love for 231$ and bought the Studyscope prep assessments. My initial thoughts were: RIPOFF!!!! However, having taken the exam today, I have to admit the 3 assessments are worded like the actual exam and emphasize on what is most important for the exam: knowing what to do in each situation as a security professional and having a broad knowledge on the exam. Many might agree that common sense, aided by what you've learnt about security by preparing for this exam, will make you pass. Just make sure you think the ISC2 way and not answer based on what your personal opinion of what is right/wrong/first is.
The Studyscope web interface is very bad and there is practically no justification on why the right answer is the right answer and fails to educate you on why the other options are wrong (unlike Shon Harris). The performance tracker is quite good though, you get to see what topics in a certain domain you are weakest in. I still feel it is a ripoff for the amount of money you pay, but all in all, I'd rather pay 231$ for having an insight on what the exam could be like than going in thinking it was a technical exam and have to pay another 520€ for it. None of the questions in the assessments showed up in the exam, which I wasn't expecting anyhow.

Eric Conrads 11th Hour will make sure you get any technical questions on the exam, but the studyscope assessments will show you the weaknesses in your way of thinking. Shon Harris makes you think in the correct way for the exam, but maybe she should make a lighter version of her book as we're not reading to be able to update Wikipedia on every topic from the 10 domains.

I also gave shon harris's mp3s a try and to be honest, you might just listen to them instead of reading the book and then make sure you can answer all of her questions in both the All in One and her practice exams 2nd. Again, I feel that her way of explaining things is a great help towards getting into the right mindset for the exam.

I gave CCCure (free) questions a go and they helped my identify some weak technical spots. I didn't go for the paid version as I had just bought the Studyscope assessments.

If anyone cares, I got 64%, 74% and 73% on the studyscope assessments and then decided to read the Sunflower PDF and Shon Harris's summary of each chapter, because something was clearly missing in my preparation.
Yesterday I did a full 250 practice exam with the Total Tester package that comes with the AIO and scored 83%. I finished my studying right before the exam by going over important (to me at least) concepts from Eric Conrads 11th Hour and the Sunflower PDF. Beware that this PDF isn't updated for the new courseware, even though it is an excellent overview for 90% of the current courseware.
I haven't read a single word from the official ISC2 book so can't really give an opinion on it.

Managed to finish the exam in 4 hours and 45 minutes and came back with a Congratulations paper! Had about 45 questions marked for review and certainly changed more than 25. I tried to do 100 question runs and it is inevitable that your mind will play tricks on you if you are concentrated for such a long time. So for me, changing answers after a break and feeling sharper wasn't uncomfortable. If you haven't taken the exam, do at least 2 250 practice exams before you go into the test center. At home I took breaks at around the 70 question mark and also changed quite a few marked for review when I was reviewing. The 83% on the Shon Harris Exam Prep built up my confidence in this methodology.

Anyway, just thought I could give back to this community. Hope I don't have to go over another 6 hour exam spanning 10 different domains in my life! This was practically a Masters degree in 5 months with all the subjects in a single exam. I feel like I was tortured and just let go out of prison!


  • Options
    warmkittywarmkitty Member Posts: 26 ■■■□□□□□□□
    Congratulation mambo... And thanks for the long description of how you prepared. icon_thumright.gif
  • Options
    ZorodzaiZorodzai Member Posts: 357 ■■■■■■■□□□
    Congrats chief......
  • Options
    mailziyadmailziyad Registered Users Posts: 1 ■■□□□□□□□□
    i was working as network security engineer and now quit job doing cissp. May i know was it worth the job quit. have you got better job after cissp. please do share your views.
  • Options
    sameojsameoj Member Posts: 366 ■■■□□□□□□□
  • Options
    TLeTourneauTLeTourneau Member Posts: 616 ■■■■■■■■□□
    Thanks, Tom

    M.S. - Cybersecurity and Information Assurance
    B.S: IT - Network Design & Management
  • Options
    naclh2onaznaclh2onaz Member Posts: 69 ■■□□□□□□□□
    This thread is from 2013! I started looking for studyscope material to see if I could find more info because im taking the exam on Feb 4th. It doesnt look like studyscope is still around
    2017 Goals:
    CISSP [X]
    2018 Goals:
    CRISC [ ]
  • Options
    DAVIS NGUYENDAVIS NGUYEN Member Posts: 1,472 ■■■□□□□□□□
Sign In or Register to comment.