Testing on CISSP 14 April 2014
Well the time has finally come. I floated the $599 on my credit card today and scheduled for an 0800 test on 14 Apr. The VA will reimburse me pass or fail so I'm not too worried at the moment...I'm kind of curious to just sit the test at the least to see what it's like.
I went ahead and selected this date since it will give me just enough time to retest once more (if I fail) prior to the date my employer set as the deadline for me to achieve the CISSP, which is May 15. There's some doubt as to if this would actually happen.
Anyways, I've been studying off and on since November (not so much up until recently, seeing as how I was very busy at work). With the 3 weeks left, I figured I'd start off with the domains I'm comfortable with (so as to not discourage or dissuade me from studying right off the bat) and hit the ones I'm less comfortable with closer towards the test.
My study materials include the Sybex CISSP and AIO CISSP and their corresponding practice question engines. I'm going through the domains in the Sybex book and compounding it with the AIO book should I need elaboration or clarification. When it comes down to matters of memorizing tables, similar concepts, etc, I'm simply writing them out on some paper over and over. After covering each domain, I'm going through and doing the practice questions at the end of the chapters as well as some on the test engines provided.
On the domains I'm comfortable with, I'm scoring high 70s and 80s so I'm feeling pretty good at this moment.
I went ahead and ordered the 11th Hour Conrad book since I recall others saying it was a great, concise resource to reference close to your test date.
Does anyone have any other suggestions, areas/methods to study, or helpful insights? I always hear the adage, "Think like a manager on the CISSP." Can anyone share their approach to this way of thinking?
Thanks! Can't wait to get this over with!
~J
I went ahead and selected this date since it will give me just enough time to retest once more (if I fail) prior to the date my employer set as the deadline for me to achieve the CISSP, which is May 15. There's some doubt as to if this would actually happen.
Anyways, I've been studying off and on since November (not so much up until recently, seeing as how I was very busy at work). With the 3 weeks left, I figured I'd start off with the domains I'm comfortable with (so as to not discourage or dissuade me from studying right off the bat) and hit the ones I'm less comfortable with closer towards the test.
My study materials include the Sybex CISSP and AIO CISSP and their corresponding practice question engines. I'm going through the domains in the Sybex book and compounding it with the AIO book should I need elaboration or clarification. When it comes down to matters of memorizing tables, similar concepts, etc, I'm simply writing them out on some paper over and over. After covering each domain, I'm going through and doing the practice questions at the end of the chapters as well as some on the test engines provided.
On the domains I'm comfortable with, I'm scoring high 70s and 80s so I'm feeling pretty good at this moment.
I went ahead and ordered the 11th Hour Conrad book since I recall others saying it was a great, concise resource to reference close to your test date.
Does anyone have any other suggestions, areas/methods to study, or helpful insights? I always hear the adage, "Think like a manager on the CISSP." Can anyone share their approach to this way of thinking?
Thanks! Can't wait to get this over with!
~J
And so you touch this limit, something happens and you suddenly can go a little bit further. With your mind power, your determination, your instinct, and the experience as well, you can fly very high. ~Ayrton Senna
Comments
As of today, my testing average for Access Controls was a 78 and a 74 in Telecommunications and Network Security (!!!). Hoping to make the step up to 80 or above averages here shortly.
I guess I'll keep this topic alive with my study endeavors to hopefully motivate me and keep pressing! Put in a good 6.5 hours over the last two nights. I feel it coming back to me
I felt alright with this domain, seeing as I finally figured out my SLE, ARO, ALE, ACS, and cost/benefit value of safeguard formulas...I wrote them down a few times over and will do so again until the day of the test...I like plugging in various values and simulating the outputs.
I will go through this domain's flashcards and copy and paste anything I had trouble remembering or would like to revisit into my running wordpad file...for some reason the Shon Harris AiO seemed to have way more acronyms and models (ITIL, NIST, etc) than what I found in my Sybex book. Will have to go back for those.
Also have the Shon Harris mp3s burned to CD so I can listen in my car on the way to and from work!
Getting excited!
Sounds like you're on pace to pass this exam! I just started studying not too long ago. Where can I get the Shon Harris mp3s? Are the mp3s updated with the information from his AIO 6th edition book? Please advise.
Thanks,
Andy
Seriously, the software development domain just rubs me the wrong way...Scored a 90%, 65%, and a 52% (wtf!) today...Some of the stuff was easy oversight and just rushing (layer 1 vs 0 for the kernal, etc). And cryptography is the next domain too, weee!
So I think I got a good study routine down...study a single domain for 3-4 hours a day with a few tests at the end, review all 4 domains covered during the work week lightly on Friday after work for an hour or two, and review them all again Saturday with a compilation test of all covered domains...
My confidence sure did take a hit today, but I'm sure I'll regroup...TGIF tomorrow and I'm looking forward to hitting this stuff up again Saturday all day.
Sorry I overlooked this.
You can get the Shon Harris MP3s from the publisher for free here:
http://www.mhprofessional.com/sites/CISSPExams/register.php
Just register and you're good to go! Just a heads up that the zip archives and domains are under (presumably) the older version domain names.
Again, sorry I overlooked this reply.
I am using the great test engine included with the Shon Harris AiO, the end of chapter quizzes from the Sybex CISSP book, the quizzes from the Shon Harris MP3 page above, and the Shon Harris AiO practice question book.
Thinking of it now, I'm going to start taking the practice question book to work and using it to stay fresh on the domain from the day before. Should be good to pass around the office and compare scores!
Thankfully it is not one of the Top 5 domains. (You do know about the Top 5, right?)
Finished studying on 4 domains for the past week...Access Control (very comfortable with), Network and Telecom (the WAN technologies are killing me...), Info Security Governance and Risk Management (feeling ok, just need to brush up on the other models that aren't in the Sybex book [ITIL, etc], and Software Development (I feel ok with this one from a glance...need to hit it hard).
Spent about 20 hours the past week studying...hoping to continue the trend this upcoming week. Cryptography is next! I got a feeling I'm going to be writing out all the encryption standards by hand 100 times!
SN - Had breakfast with my wife's best friend and her husband this morning. He's in school for CE and is taking a certification for that field on the same date, same place, and same time asm ym CISSP! I've never been to that testing center (San Antonio only has two locations for the CBT) so he gave me some heads up info (comfort level, room temperature, processing times, etc). Small world.
Was glad to see how quickly all the standards came back to me from Security+ and CEH, though I'm still going to write out the symmetric, asymmetric, and hashing types each chance I get.
As of now, this domain is my #1 to review once I get through all of them.
I also got my 11th Hour Book today. Was surprised at how concise it is. I'm considering staying with this exclusively right up before the test.
About 13 days left!
I wish I had the memory you have!
I overslept on my nap today after work and didnt wake up until 9pm! I ended up studying for 3 hours tonight (was well rested) on Security Architecture and Design. The domain wasn't too hard and differentiating the security models from one another wasn't as taxing as I thought (there's a key point to each that I stick with to separate them out and recall the details afterwards.)
The part that killed me in my studies were all the "multi-" terms for processing and the kernel layers and the like. I'm not a host guy and it's never been one of my string points. Guess ill just have to write out these terms over and over closer to the test.
I was alright on one practice test with an 85, blew another with a 50, and finished my last with a 74, today's domain average coming out to around a 70...
2 more domains left this week, another 2 next Mon-Tues, and then I can finally go back and hit up on my weak areas and bring those averages up! Can't wait, 12 days left!
Today marked the end of another domain, the 7th for me, that being Operations Security. I did very well and not many of the concepts struck me as foreign or something I think I would have to go back and hit hard again. A lot of the stuff I've either seen in previous studies or in my experiences in the Air Force and as a DoD contractor.
I studied on this domain for 3 hours tonight and took three practice tests (70 questions overall) for an 80% average (I actually averaged 80% on all 3...funny). Right now I'd have to put this near my most comfortable domains (next to access controls) but I'll still be revisiting it with the rest of this weeks domains (cryptography, Security Architecture and Design, and Business Continuity and Disaster Recovery Planning).
Business Continuity and Disaster Recovery Planning is tomorrow, followed by a quick review of all 4 domains Friday after work, and then a 6 hour, in depth review session of all four followed by a practice test covering all of these.
**edit: If you go back and average out my end of domain tests for the 7 I've covered so far, I'm at a 75 at the moment. Some of these can obviously be brought up between now and the date of the test...slowly but surely...
About 11 more days! Argh!
The domain was pretty straightforward and I didn't stumble or get caught up on too many parts. The technical aspects (backups, off sites, etc) came to me once I focused and got down to differentiating them (I used to have a hard time contrasting differential vs incremental...but I got it now!).
The only part I don't feel completely solid on are all the various steps in the BCP and DRP. I'm sure I'll just hand jam them and commit them to memory...it was good to see AV, EF, SLE, ARO, and ALE show up again in this domain. Falling back on my previous studies, I was able to rock the scenario questions regarding these formulas!
For my practice tests, I scored two 80%s and one 62.5%, argh! Like I said before, I didn't miss many technical questions, just the ones corresponding to the processes (which I'm sure is important in regards to this exam). Average is 74 for this domain this time around...
Tomorrow is a quick overview of this week's past 4 domains (I will probably do this after work with my flash cards, chapter summaries, domain objectives, and the 11th Hour Book). Saturday is my 5 hour study session to go over all of the domains completely and again.
Monday and Tuesday are my last domains (Legal and Physical Security) which I'm pretty sure I'll do alright in, but we'll see. Seeing as how I haven't covered anything really technical since Cryptography, I feel confident that so long as I get a grasp of all these various concepts and procedures, I've got a shot.
10 more days...whoa.
I went ahead and made a list of things I want to commit to memory prior to the test (as in spend the last couple of days just writing them out over and over). Most of them were the steps to processes. Most of the formulas and technical pieces are good to go, however, it's all the various procedures, steps, and functions that are killing me, argh!
Took an exam of 75 questions over all 3 domains reviewed today. Some of the questions were on there twice and I happened to miss one, IIRC.
Security Architecture and Design - 72%
Operations Security - 84%
BCP/RCP - 64%
Overall average is a 73%, booo!
The forensics piece isn't too bad, just all the laws and such get me. Going to have to go back and commit those to memory...
Tomorrow is my last domain and then I have the next 5 days to go over everything I'm not comfortable with again.
Less than a week left, lets do this!