Supposed to test Dec 26th but worried about the new test

Hey there! I am relatively new to the forum and have been lurking. I am currently an ISSM for a DoD contractor and need to get my CISSP. I have over 10 years experience (total) in IT and Information Assurance. I took the CISSP week long boot camp in October and felt like 2 months would be plenty of time to study but I am starting to rethink that decision. I have been studying the Sybex tests from the text as well as the ACE Sybex tests from the practice test book. I have also been doing Boson. While I feel like I have a lot of knowledge I still feel it's all over the place. I have good days and bad with the testing. And I have been studying for the old way of testing and fear of the unknown with the CAT is freaking me out. My company is paying for me to have 2 tries for the test. I am not sure if I should "take one for the team" and go ahead and test on the 26th even if I don't pass, just to know what to expect, and then study more and test the 2nd time, or if I should just pay the fee to reschedule the test for after I hear more about what the new test like. What a conundrum! Based on some of the stuff others on this site have said they studied I am also second guessing if I had enough study material. Then again, I don't want to overdo it and get overwhelmed, as this is overwhelming enough for me.

What would you guys do in this situation? Just trying to look at all the different angles. Thanks!

Find more posts tagged with

Comments

MIME

I'm also a DOD contractor. I'm hoping folks like you with companies willing to pay for two tries will "take one for the team" and take it on the 26th. If you were paying for it yourself I'd hold off but given your situation would go ahead and go for it! Good luck and do keep us posted on your decision.

shochan

If you are ever worried about an exam, then ALWAYS reschedule. You need to know it LEFT/RIGHT/UP/DOWN and be confident before you schedule an exam, otherwise you are just wasting time and money!

cyberguypr

What in the world is with the ridiculous freaking out over the CAT implementation? This needs to STOP. The CBK did not magically change 180 degrees and made all the "old" stuff obsolete. If you understand the material the test can change weekly and you should not worry about it.

NetworkNewb

cyberguypr wrote: »

What in the world is with the ridiculous freaking out over the CAT implementation? This needs to STOP.

LOL, right its not like it is a completely different test. You either know it or not. I don't know about other people but I'm pretty happy it is a shorter test now!

cyberguypr

I swear that next "OH MY GOD CAT" thread that I read will make me quit TE. Well, maybe take like a 2 hour timeout cause I really like it here. LOL

clconrad1

HEYYYY now! LOL! I know it seems stupid, but I like the crutch of being able to go back and review my answers. it's what I have been taught to do my entire life. Go through the test and go back and review. You never know when you might read something wrong, or have a temporary brain fart. I have actually taken a test and clicked an answer and thought, "wait...that's not it." The beauty was that I was able to correct myself. I 'get' that the test is the same material. I just wish there was a way to get the best of both worlds. And NO one wants to be one of the first people to take the plunge with a major change when money is involved. Granted, my company is paying for 2 tries but still.... I am going to continue studying/reviewing and will decide before Friday what I am going to do.

averageguy72

If you're score well on the Boson practice tests, as in >= 90%, I'd say you know the material well. I doubt the change to adaptive testing will make much of a difference if you're at that point, IMO.

Info_Sec_Wannabe

cyberguypr wrote: »

I swear that next "OH MY GOD CAT" thread that I read will make me quit TE. Well, maybe take like a 2 hour timeout cause I really like it here. LOL

I was one of those previously freaking out due to this change, but thanks to cyberguypr for letting me know that this has been the case for the Microsoft exams for years (although I haven't taken a single one).

Will take my sweet time preparing for the exam since I won't be meeting the experience requirement up until Sept 2018 anyway (due to my mostly audit background).

McxRisley

cyberguypr wrote: »

What in the world is with the ridiculous freaking out over the CAT implementation? This needs to STOP. The CBK did not magically change 180 degrees and made all the "old" stuff obsolete. If you understand the material the test can change weekly and you should not worry about it.

I don't get it either. The test is actually most likely going to be a bit easier, especially since its being made shorter. All of these people clamoring to take the exam are going to be really upset with the "New CISSP format is much better and less stressful" posts that start popping up lol

mollies_ribbons

Please correct me if I am wrong, but I think "Microsoft administering CAT exams" is wrong. I took 3 Microsoft exams within this last year, and

* they had a fixed number of questions
* you could skip to the next question without answering the current one
* you could mark a question, and return for review
* a correct/false answer did not affect the following questions' difficulty

80% of the test is of regular type. The only exception is, the exams also have 2-3 "scenario based question groups" of 4-5 questions each. These groups are like sub-exams, and make up only 20% of the overall exam. You are able to navigate within the sub-exam. Once you complete the sub-exam you are in, you return to the main exam.

My experience with CATs are:

In the 1990s, there were limited certification choices you could take, and for most of decade Novell Netware certification was the craze. As more people began queuing for the exam, Novell claimed that with their amazing CAT formula, they were able to measure one's competency with a 12 (twelve!) question test, within around 15 minutes total (for $125 a try).

Microsoft and CompTIA did try CATs in the early 2000s, but quickly abandoned. CompTIA was to last the abandon it in 2004.
https://www.certforums.com/threads/comptia-abandons-adaptive-testing-for-a.361/
(Note that one can feel the relief that CATs were gone for good in the above link)

I think no one in TECH certification has done CATs since then. Even, even old Novell seems to got rid of it sometime:
Novell CNE certification - Certified Novell Engineer

It would more comforting for me if CAT were a never-tried, brand new innovation. But rather it is an old fad tried by different certification authorities in different times of which all failed.

I suspect the story within ISC2 simply went: "Hey, how about we come with a "concentrated" exam, and cut the exam time in half. Less money for the exam centers! Think all the DoDD 8570 spoils that we will stay in OUR pockets!". But CAT has so serious shortcomings that I will not be surprised if ISC2 silently abandons it eventually.

One should not put unlimited, blind trust on the certification companies' judgements and decisions. To give an example, PMI had raised its passing score for its PMP exam to 81% out of the blue. After 6 months, they lowered it back to 61%. The time inbetween, about everybody that took the exam simply failed.

MIME

If the exam cost less I might agree with you on the test centers making less $$ but since it costs the same my theory is that they want to get people in and out of the test centers faster thus test centers and ISC2 make more $$

Masked_King

shochan wrote: »

If you are ever worried about an exam, then ALWAYS reschedule. You need to know it LEFT/RIGHT/UP/DOWN and be confident before you schedule an exam, otherwise you are just wasting time and money!

Borat is right on this. Check your sources, I mean SAUCES, home skillet.

Diminutive

Good luck from a fellow contractor. I passed last Thurs and the CAT wasn't bad... honestly I wondered why I wanted to do 250Qs because even a 100 started making me jittery. Just remember to read sloow and not blast through like you can do multiple passes.

McxRisley

Diminutive wrote: »

I passed last Thurs and the CAT wasn't bad...

WHAAAATTTT!?!?!? You mean the sky didn't fall and a plane full of n@zis didn't crash into your testing center while you took the new exam, kidnap you and attempt to sell you back to your country for ransom?!?!? That's amazing!

But in all seriousness, people got waaaaaaaaay to bent out of shape over a change that made the exam better. Congrats on the pass and nice profile pic, I hear ISC2 runs on the some business model as the mooninites...

Diminutive

McxRisley wrote: »

Congrats on the pass and nice profile pic, I hear ISC2 runs on the some business model as the mooninites...

Thanks! Yeah $700 for a 1 hour 100Q test seems ... underwhelming to me... won't say its a scam but... well good thing my employer is paying.

McxRisley

Diminutive wrote: »

Thanks! Yeah $700 for a 1 hour 100Q test seems ... underwhelming to me... won't say its a scam but... well good thing my employer is paying.

Well it could have been worse, you could have paid $900 for a 30 minute test like the CEH...

clconrad1

No bueno for me. I took the CAT. It was not as bad as I thought, but...my study focus was kind of skewed. Some of the stuff I thought would be more important was not. Like I got no ARO, SLE questions at all and i focused like crazy on those. It was more of the same with other stuff. I really focused on certain things and it kept me from diving into other stuff. I have 3 domains I need to really brush up on and the rest was ok. I can't imagine taking a 6 hour test. I was dying at the 3 hour one! I am a little bummed that I didn't pass but it's not a total shock either. Now I know how I need to study and what domains I need to focus more on. I plan on rescheduling in a month if I can, maybe 6 weeks. I have to really crack down because this is my final chance (paid for by work anyway). I did not find that it was that similar to the Sybex questions on my exam. I thought the Sybex questions were less in-depth but the test questions made you deep dive, at least on my test.

DZA_

Always establish a game plan if you failed. Keep on focusing on your weak areas until your domain scores on quizzes and exams are higher (Above 80%). What were your weakest areas? Don't forget to maintain the level of consistency with your other domains or else you'll be back on the same boat. Good luck on your re-test.

clconrad1

I was weak on Domain 4 and 7, which I understand. I get confused with the OSI layers and what goes where. I overthink it. My strategy now is to memorize. I always try to read too much into stuff and I get myself confused. For Domain 7, think my issues were with IDS and Pen testing. I don't really have a lot of real world experience with that so it's hard for me to grasp without seeing it, as I learn from doing. And then, I surprisingly was weak in Domain 1 and I felt like I studied that a lot. Plus I do a lot of the Risk Management in my job. However, there were primarily BCP, BIA questions and they tripped me up. I guess I was focusing more on the level of what *I* do and less on what goes on at higher levels. I scored above proficiency in Security Engineering. So weird.

geraldgreen22

clconrad1 wrote: »

I was weak on Domain 4 and 7, which I understand. I get confused with the OSI layers and what goes where. I overthink it. My strategy now is to memorize. I always try to read too much into stuff and I get myself confused. For Domain 7, think my issues were with IDS and Pen testing. I don't really have a lot of real world experience with that so it's hard for me to grasp without seeing it, as I learn from doing. And then, I surprisingly was weak in Domain 1 and I felt like I studied that a lot. Plus I do a lot of the Risk Management in my job. However, there were primarily BCP, BIA questions and they tripped me up. I guess I was focusing more on the level of what *I* do and less on what goes on at higher levels. I scored above proficiency in Security Engineering. So weird.

Which pieces of information do you feel is important to memorize?

clconrad1

What components belong where in the OSI model. I get Data, Session and Network all mixed up but I have Physical,Transport, Presentation and Application down pretty well. I mean the components, not the order of the stuff. I know the Please Do Not Throw Sausage Pizza Away thing. And I choked on which firewalls to use for certain things and know I got some Pen testing stuff wrong.