CISSP Struggles

Hello Members,

I got up nice and early today as I was wanting to post my first ever post on the forum with the hope of receiving a little help. I have been studying for the CISSP for a few weeks now but only really committed a few weeks back by booking my exam date for the end of June.

I have been working on the access control domain by reading eric conrards chapter and hitting questions from various sources. Last night was extremely discouraging as I was averaging mid 70's but as the night went on I was back into the 50's, i finally threw in the towel at roughly 11pm.

My entire career has been in IT, roughly 10 years, the last 4 directly in InfoSec. I also have achieved my N+ and Security+ certifications.

The one thing that I have been playing in my mind since last night is perhaps I should take a different approach and begin with the lighter domains ie physical security to get the wheels in motion and get some confidence back.

I have all the materials to study listed in all the other posts, that is not the problem I feel like I am not making the most of my study hours and it does have me worried. This exam has me consumed, I am constantly thinking about it day and night. Barely got any sleep last night as I was having study nightmares.

Thank You

Find more posts tagged with

Comments

zxbane

Starting with the domains you are most comfortable/familiar with isn't a bad idea and then concentrating your studies as the exam date gets closer onto the harder domains. It could also be possible that you were getting burnt out as the night went on and that's the reason for the drop in scores. Remember to take breaks and let the information soak in. Also don't let the test scores drive you crazy, they will fluctuate, just make sure you are understanding the information most importantly.

Grafixx01

Hey! I just read the book the way it was printed out. I figure it was much easier than having to worry if I did read that chapter yet or not?

Don't be discouraged on the percentage part man! It is NOT a big deal! When I was taking practice tests and even did the entire number of questions per domain out to the Shon Harris 6th edition book, my average was anywhere from like 50-70 percent consistently.

You may have the same issue that I have and just get anxious / nervous when you know you have to answer the questions. If you can read the book and turn around, either while reading or after, say to yourself, "I know this stuff. This chapter was about XYZ." Then IMHO, you should end up without a problem. I got fed up about 3/4 the way through the test because I thought that I failed, but I didn't.

I even had a guy who teaches the CISSP bootcamps give me a practice test so he can tell me where to better focus my efforts on. He provided me a practice test, I took it, and then he gave me the results. I failed the practice with a 68%, however, my knowledge base is equal across all 10 domains. He said that is not normal, most people are concentrated in two, possibly three areas of knowledge and that there are not too many people who are well rounded across all 10 domains. He told me that he can give me no study guide / plan to help me since I am like the CISSP is anyways, a few inches deep and a mile wide with knowledge.

I say just keep chugging, do the practice tests / questions / etc, and don't worry about your score because that is even more discouraging if it's not passing.

LionelTeo

I don't know how much you spend on reviewing the study materials contents. One very special tip that I would want to share to you is to buy a highlighter; reread your books and start highlighting key points throughout your book again to ensure that everything you had studied had gone in your head. And to be honest, most of the practice question (including the official Studiescope) had many unfair questions and far from the actually CISSP exam questions itself. One good example is the range of question from architecture that forces you to remember stuff while the exam is heavily base on decision making in terms risk management business perspective.

Remember the key points from Eric Conrad study guide is all what you need in terms of memory work. The rest is all on management skills and decision making. My recommendation is to get a really solid practice test out there to test your skill and stop getting set backs because of crappy range of question written by people who took them from the Information Security Management Handbook and specify answer that you had to remember word for word of everything in the book. In terms of practice, CCCure can help your mind in answering some of the obscure wording questions, while GIAC Information Security Profession (practice test), while open book can train your mind towards to scenario base questions. In addition, it also helps to bridge to difficulty from having a practice (or actual exam) in open book before going to the close book CISSP exam.

I took the GISP -> CISSP path and had my company reimburse for both, if your company can't pay for your certs then at minimum get the GIAC Practice Test (129 USD / 250 Question / Use Once) at least once before you took your actual exam. If you can pass the GIAC GISP at first try, chances of you nailing the CISSP first time is much relative higher, the only gap you had to work on after GISP would be memory work and constant CCCure practice.

GeneC

After taking two days off and getting back in the right mind space I have re focused and had some successful tests last night. I made a very detailed study plan and I know exactly what time, what domain, what tester I will be using, no more ad hoc studying.

One of the biggest changes I made was switch my practice test engines. I moved away from CCCure and will come back to it 2 weeks prior to exam date. I have for the past 2 nights used Total Testers (CD included in AIO), McGraw-Hill online test engine and transcender (corporate account).

I feel like I am back in control after 2 days off, some rethinking and re- planning.

LionelTeo, I have hit the book with a highlighter and this has made a huge difference in one domain alone. This allowed me to absorb quite a bit more. Previously I was reading on my kobo either on breaks or before bed and just reading like a novel was not beneficial, time efficient or productive. Having the electronic version does help when I an searching for answer explanations as you can quickly search for key words and topics.

I have very quickly realized that the CISSP is more mind over mater that’s for sure. Its passable for sure as thousands have done it but buckeling down and giving up everything for 3, 6, 9, months etc….That’s the real effort!

Thanks

Gene

GeneC

Good Day,

Over the past few posts I have been reading about how the GIAC GISP certification or practice exam will help and be of value when prepping for CISSP. So I am fully committed to CISSP but had i known the similarites about a year ago I may have taken that route.

So my question here is the practice exam $129usd for 1 full practice exam (250 questions). This sounds like a great resource. Same domains ,look, feel, time limit. Open book and you can see your answers immedietly.

How long do you have access to the same exam? Its not take it once and gone.

Thanks
Gene

broli720

I would focus on learning the material first before investing in practice exams. I didn't do a practice exam until the week before my test. Be honest with yourself and you'll know when you're ready.

NimrodHunter

Hi GeneC, I also have experience across multiple domains and I can only speak from my experience. I just passed the CISSP on 4/25, I also was scoring 50-70 percent on the practice tests and was getting discouraged, but just kept pushing through. From my experience with test is don't get discouraged because what i read and what the practice tests was nothing like what is on the test. Trust in yourself and your experience, don't answer the questions as if you were a tech. Answer the questiona in a managers mindset. Always remember people always come first, business and then the rest (isc2 code of ethics). Should be what you follow. There will be questions that have two really good answers and one would be what I would answer as a tech and the other as a manager. Think what would I do if I were manager for the betterment of people and the org.

Eric Conrad, Shon Harris and any other author do not decide what is or isn't on the test, ISC2 does.

Take a deep breadth and believe in yourself.

Just make sure you understand the concepts.

I read Shin Harris AIO 6th Ed, Eric Conrad Study Guide 2nd Ed and 11th hour, and Michael Gregg Exam Cram.
Each were valuable in their own right, but the test will truly challenge you. I kept saying, these questions weren't addressed in any of the books! So I said what would I do if I were manager.

Good luck to you.

LionelTeo

GeneC wrote: »

Good Day,

Over the past few posts I have been reading about how the GIAC GISP certification or practice exam will help and be of value when prepping for CISSP. So I am fully committed to CISSP but had i known the similarites about a year ago I may have taken that route.

So my question here is the practice exam $129usd for 1 full practice exam (250 questions). This sounds like a great resource. Same domains ,look, feel, time limit. Open book and you can see your answers immedietly.

How long do you have access to the same exam? Its not take it once and gone.

Thanks
Gene

Its a used once exam, you cannot access to it after you had taken it unless you buy another one. That is the downside in regards to the exam, but I did not know of any restrction for copying the question out for personal use and studying, the only exception is that you cannot share the question out to the public for obvious reasons.

From personal experience, I took GISP before taking CCCure to pratice for my CISSP. I got 78% for my GISP real exam and hit 70+% for the two giveaway practice test that comes with the exam. Subsequently, I got my employer to reinburse for the GISP exam. So in a way its a beneficial test if you had an employer that its willing to shoulder the cost of the certification if you can pass it, otherwise from pocket money, 129 USD is a good experience for the quality of 250 question.

After my GISP, I move on to CCCure questions, I was disappointed and was hitting 65% on full test. I was thinking if the CISSP exam format is similar to CCCure, my chances of passing CISSP exam would not be high. I had the same setback as you back then. This makes me sought for alternative, the official Studiscope given prepared by ISC2, I painfully paid for the questions from my own pocket, and the question banks isn't really any better than CCCure themselves, lots of word by word answers from information security handbook. I only scored 64% on my first attempt on the first set.

At that point of time, I thought I would most likely failed the CISSP exams, I did what I can do best and pratice as much CCCure as possible till I got 80%. I went in the exam hall with doubts and worries of the exam format. To my surpise of the exam, its neither anywhere close to CCCure or Studiscope, but rather, a similar format to GISP in terms of scenario base question. In a way, GISP had heavily train my mind well in answering those question, I wasn't so stress out since I had a good preparation in those aspect.

However, GISP do not fully cover the holy grail on CISSP questions, the obscure type where every answer seems wrong or correct, and you had to make the best of it guessing what the question really wants. This is where CCCure helps in a way, at times you will hit a CCCure question where you do not know the answer, if you are good in guessing and eliminating answers, you can use the same technique against those same obscure question/answers format in the CISSP exam.

Another portion of the exam would be memory work, Conrad Book is good enough to help in those. I would also suggest to try the 2 sets of practice questions on corad syngree study website, along with CCCure, you should be able to score as much as possible in those memory work question.

In summary, the types of questions you face in CISSP Exam are compliment by the following
Scenario Base - GISP
Obscure Selections - GISP/CCCure
Memory Work - Conrad/CCCure/HighLightning books while studying.

Also, I would suggest to aim to highlight in a way so you can quickly revise the whole book just by reading the highlighted points.

LionelTeo

In regards to really using the CCCure,

My suggestion to you is to pratice one domain at time for 25 question. Rotating a domain each time. This allows you to really know your weak domain. Let me emphasize that you should not keep practising a single domain, otherwise you will remember the questions/answer pair so quickly that defeat the use of CCCure. Rotate in a way to ensure you will easily forget the question.

Once you rotate through the 10 domains twice, go for a 250 question pratice, then move on to do a 125 question for the 5 weakest domain everyday. Finally on the final countdown the exam, focusing practicing on the 2 weakest domain on daily basis.

For GISP,

even though its open book, try to select the correct answer before even refering to the book, since CISSP it's a close book exam, ideally you would not want to use the book as much as possible. If you do, then make note of it that you would need to rework on your memory work on that section. The exam explains very clearly for all wrong answer; read up and research on them if you are not clear.

At the end of the exam, you will get a score report on each areas, use the score report to focus on your weakest domain as much as possible.

awh

Hi GeneC, just wanted to share my experience with you here. I passed my CISSP examination in the first attempt yesterday. Lot of doubts had crept into me a day before the exam and i was pretty sure i have to come back another time when i entered the exam center

I followed a very simple approach to examination i read the Shon Harris AIO book end to end starting with the way the chapters are organized. Believe me when i say this i read SDLC and Operations chapters a day before exam for first time, however when i read them, i ensured that i tried visualizing all key areas within the chapter based on pointers from a combination of questionnaire from AIO, CCCure as well as Shon Harris's questionnaire set book for CISSP

I kept marks in range of 70% throughout , which i believe are ok kind of scores, but did help me identify where i was weak.
When it came to the real exam here are my tips

1. The exam tests your mind on the best approach to a question. My approach was simple i wrote down key points from each question and accompanying answer on the rough sheet of paper given by the exam center

2. I then started evaluating the answers on the rough sheet and evaluating them on a mental score card as to which would apply best. This did take some time, but this is how started building confidence

3. 3 hours gone, i had only answered 117 questions out of 250. Then i increased my speed to complete exam all questions by 5 hours. I kept flagging all questions where i had doubts throughout this process

4. I utilized last hour again utilizing the rough sheet to compare the answers i had flagged for review. This helped me change up to 30 answers.

I just wanted to share this pointers with you. Best wishes from my side for your preparation and exam.

GeneC

@ NimrodHunter and @AWH, congrats to both of you for achieving your CISSP. What a challenge and what better the success.
Also @LionelTeo, thank you for your thorough responses, such valuable advice. At first I doubted what you mentioned about the GISP practice exam but I think this will serve as a valuable resource for exam day.

I have really pulled up my socks the past 2 weeks and have really gotten organized with a study plan, quizzers, and 3 highlighters (eh LionelTeo!) It has been working as I am retaining info, scoring well and am confident as the days go by.
It’s a huge sacrifice, currently at the library on a nice Sunday afternoon while my kids are playing in the backyard without me. I have booked my only 2 weeks of vacation prior to me exam date for the final drive. Difficult but doable.
Thanks all,
GeneC

PS I don’t think I have broadcasted it but I am scheduled for June 27^th……T minus two months to the day!

emerald_octane

GeneC wrote: »

I have really pulled up my socks the past 2 weeks and have really gotten organized with a study plan, quizzers, and 3 highlighters (eh LionelTeo!) It has been working as I am retaining info, scoring well and am confident as the days go by.
It’s a huge sacrifice, currently at the library on a nice Sunday afternoon while my kids are playing in the backyard without me. I have booked my only 2 weeks of vacation prior to me exam date for the final drive. Difficult but doable.
Thanks all,
GeneC

Just get it done. It may seem impossible but wow, the amount of response I got after getting the CISSP was/is ridiculous.

LionelTeo

GeneC wrote: »

@ NimrodHunter and @AWH, congrats to both of you for achieving your CISSP. What a challenge and what better the success.
Also @LionelTeo, thank you for your thorough responses, such valuable advice. At first I doubted what you mentioned about the GISP practice exam but I think this will serve as a valuable resource for exam day.

I have really pulled up my socks the past 2 weeks and have really gotten organized with a study plan, quizzers, and 3 highlighters (eh LionelTeo!) It has been working as I am retaining info, scoring well and am confident as the days go by.
It’s a huge sacrifice, currently at the library on a nice Sunday afternoon while my kids are playing in the backyard without me. I have booked my only 2 weeks of vacation prior to me exam date for the final drive. Difficult but doable.
Thanks all,
GeneC

PS I don’t think I have broadcasted it but I am scheduled for June 27^th……T minus two months to the day!

Great to hear the highlighter tip is working for you. I would also recommend to have a pen to label each section as R,U,M (Read, Understand, Memorize) Everyone strength is different, example for strong areas like encryption can be "U" for me while networking can be "M" for me; this can be different for a network engineer. Labeling will help when you revise the book in the future, 500 pages can be easily break down to 1/3 of the book that you only require to read the "memorize" section, and for this 1/3 section that you had to memorize, you only require to read the highlighted words. Its a good trick to turn a 500 page book into a quick 30 mins flip over whenever you require it. Especially during the last week of your exam.

I also personally like to take the first letter of every point and string it up to vulgar or dirty words for memorizing, if possible, rearrange them to a word or string you can make sense of. Eric Conrad provide a good example of Please Do Not Throw Away Sausage Pizza. Another way would be like Punitive damages is meant for a "punishment", since my english understanding of punitive isn't good so I had to resort to ways to remember what punitive financial damage is, this eliminate one thing to remember. As long as it can relate to you, it can help a lot. Setting up your own remembering words or phrase also helps, since you apply your creativity to it, the chances of you remember something that belongs to you is much higher.

Don't feel setback because of the practice question by CCCure, they are not accurate to the exam, this exceptionally true with the amount of useless architecture questions that doesn't even apply. But if you at below 65% for GISP practice question, you should really worry about it, CISSP is about thinking like a manager, and you should prepare and train yourself to think. I will still advise to use CCCure, it helps to train in answering question that don't you do now know the answer to, thus training up your skills in eliminating the incorrect answers,which is very important in the CISSP exam.

One last thing to mention is that the 11th hour book is a valuable resource I would highly encourage to pick up given the reviews and feedback on it. Although I did not use it, I will highly you prepare to have the book by your side as it helps for a last minute read through.

jvrlopez

Don't get discouraged by lower than expected test scores. My first time through I bombed all the software development questions with like a 50% and got so mad I tried to rip my book in half (luckily it's thick). Sometimes after a marathon study session, you want to try and rush through the practice questions and sometimes you can't focus as usual. This strung me up on some easy questions sometimes (like what level is the kernal).

You have plenty of time to go over all the material multiple times. It might seem like a challenge now, but believe, it will pay off during the exam.

Go get it!