First Post -- Passed CISSP first time!

AverageJoe CISM, CISSP, SSCP, CYSA+, SEC+, NET+, A+, LINUX+, PROJECT+ Member Posts: 269
I've been lurking for a little while, learning from everyone here, so thought I'd share with the group my experience.

First, I'm in the Air Force and have been in Comm or IT for a long time. Early on I was an electronics tech and did some PC help desk support, but then moved to computer programming and database administration, then on to more managerial duties. I've only barely been what I'd consider technical in the last 10 years, but I've worked with or been in charge of a lot of highly technical (brilliant!) folks.

Also, just as a point of reference, I started out in the military right out of high school with no college, but I've taken a lot of night and online classes over the years, having earned a BS in computer stuff and a tech mgt MA. I took my CISM for the first time in December and passed, but I did not have a structured study plan so I wanted to do things differently for the CISSP. I don't have Sec+, but I do have NSTISSI / CNSSI 4011, 4012, 4015 and 4016 certs.

When I decided about 8 weeks ago to schedule the exam I set 24 April as my test date... the day before my birthday. That had to be lucky, right? I'm currently assigned to the Pentagon and live a ways out, and I rely on public transportation for my ride home. So I used my typical "read on the bus ride home and whenever I'm standing in line" strategy (I try to always have something to read with me) and started reading the same day.

3 books in 8 weeks, cover to cover, reading the chapters in the order they're in the book.


- 5 weeks on CISSP All-in-one, 6th ed by Shon Harris -- focused on trying to get the gist of each topic--understanding, but not necessarily deep understanding. I re-read a few sections as I went, but honestly, the book was too big to get in a "I must understand every detail" frame of mind. I wanted to at least be introduced to every topic and know some of the vocab and concepts.


- 2 weeks on CISSP Study Guide, 6th ed by Stewart, Chapple, Gibson -- paid more attention to things I didn't quite understand from the first book. This was an easier read, maybe because I just finished the other book. It reinforced some of the things I knew or kind of knew and helped me understand a few areas that I hadn't taken the time to wrap my head around in the first book.


- 1 week on 11th Hour CISSP, 2d ed by Conrad, Misenar, Feldman. Nice short chapters! But I didn't time it quite right--it's 10 chapters -- I literally read ch 8 in the parking lot before going in to test and didn't read the last 2 chapters. This book was great, though. It's basically all the things you would have written down if you took notes throughout the other two books.

Okay, both from folks here and folks I know "in real life" I kept hearing that you have to do a lot of practice tests, but I didn't do any. I didn't even do the review questions in the first two books -- just focused on getting the gists of the topics, with a little extra focus on things like the OSI model that I hadn't studied in years (Please Do Not Teach Silly People Acronyms). I did do the end of chapter review questions for the third book (5 questions per ch), but I wasn't so much trying to answer myself as I was trying to see if I understood the answers.


We all have our own system, and mine is that I'm a maniac with a highlighter and post-it flags when I read. I took exactly 1 page of notes and that wasn't until the last book. I reviewed the notes the night before, then as the very last thing before I got out of the car to go test. When you test you get a mini white board so as soon as the test started I scribbled down what I could remember from my notes.

You have 6 hours to do 250 questions on a computer, mostly multiple choice but some drag and drop thingies. You can flag questions to come back to and you can go back to previous questions. Conventional wisdom seems to be to go thru and get the ones you know first, skip those you don't, and go back afterward to answer them. That's not how I test though. I'm more of a "Either I know it or I don't" kind of guy.

I figure I only have so much energy and concentration, so I don't want to waste too much of it on things I don't know. If I don't know it now I'm probably not going to know it after I'm cramped, tired, and depressed by the huge number of questions I couldn't answer. Likewise, if I spend too much time puzzling on ones I don't know, then I'm going to be more tired later and may mess up on questions I do know. So if I don't know the answer I try to quickly narrow it down to two or three more likely answers, make my guess, and move on.

I went thru the whole test only once, answered every question, and didn't look back. Well, one exception: somewhere in the first 20 or so questions there was one that I narrowed the answer down to two, guessed, and moved on, but one of the very last questions made me change my guess so I went back to that one question and changed the answer.

I took one 20-minute break after answering question #125 (half way). You can store food and drinks in a locker (they have keys) but you can't take anything to the computer. So on break I ate a banana, some candy (sugar!), and drank a Diet Coke (caffeine!) as I walked around the waiting room stretching. Then I went back in and finished the test.

Total I took about 3.5 hours (counting the break) and I had no idea if I passed or failed until I got the good word on my way out.

My final thought is that a lot of the test is about being able to think thru problems (but not overthinking them). To me, it seemed like there were often several right answers, so you had to think about which was more right, and I think that's something that often can't be memorized... sometimes you have to reason through it based on the scenario or situation.

That's it! 3 books, 3.5 hours, and a happy birthday!

Best!
Joe

Comments

  • aftereffector Member Posts: 525
    Congratulations Joe!
    CCIE Security - this one might take a while...
  • BlackBeret Member Posts: 684
    Congratulations. It's always good to see people who have the experience and study a bit passing without any problems. It means the material is right where it should be. That's a good sign for me and others.
  • DAVIS NGUYEN Member Posts: 1,472
    Congratulations
  • TheProfezzor Member Posts: 204
    Congratulations on the Pass.
    OSCP: Loading . . .
  • cgrimaldo Member Posts: 439
  • impelse Member Posts: 1,236
    Congrats
    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • cyberguypr Senior Member Mod Posts: 6,882
    Congrats and welcome!
  • jvrlopez Member Posts: 911
    AverageJoe wrote:

    You have 6 hours to do 250 questions on a computer, mostly multiple choice but some drag and drop thingies. You can flag questions to come back to and you can go back to previous questions. Conventional wisdom seems to be to go thru and get the ones you know first, skip those you don't, and go back afterward to answer them. That's not how I test though. I'm more of a "Either I know it or I don't" kind of guy.

    I figure I only have so much energy and concentration, so I don't want to waste too much of it on things I don't know. If I don't know it now I'm probably not going to know it after I'm cramped, tired, and depressed by the huge number of questions I couldn't answer. Likewise, if I spend too much time puzzling on ones I don't know, then I'm going to be more tired later and may mess up on questions I do know. So if I don't know the answer I try to quickly narrow it down to two or three more likely answers, make my guess, and move on.

    I went thru the whole test only once, answered every question, and didn't look back. Well, one exception: somewhere in the first 20 or so questions there was one that I narrowed the answer down to two, guessed, and moved on, but one of the very last questions made me change my guess so I went back to that one question and changed the answer.

    This is my testing methodology as well. Either you know it then or you don't. Stressing, recalling back into your memory, and going over the question multiple times will not make the knowledge magically appear.

    Funny you should mention one question helping you on an earlier one. I had the same thing happen to me during my CISSP exam.

    I also used the same study materials (with the exception of actually reading the AIO from cover to cover).

    Congrats on the pass! That should make for a great EPR/OPR bullet.

    Happy belated birthday as well!
    And so you touch this limit, something happens and you suddenly can go a little bit further. With your mind power, your determination, your instinct, and the experience as well, you can fly very high. ~Ayrton Senna