My 10-year elusive journey to CISSP is officially over. Passed yesterday on the 2nd attempt at 150
First, thanks to this wonderful community. I started my journey with CISSP back in 2011, when you needed to take the exam on paper. Man! I remember my you know what was glued to the chair for 5.5 hours and that poor thing went NUMB for a good amount of time once I was done with the exam, and failed with a 600.
Fast forward to 2021, I planned to take the first 100 questions slowly, without looking at the time. I would say after answering about 30-40 questions I kind of got the hang of how that Damn CAT is throwing out those questions. For one of the questions, I ended up taking a 2-3 minute power nap just to answer the question. And I was thinking, who is that MF who wrote this horrible question; I had a few of them, but that question was way..way off. For some questions, I followed my gut, and the 17 years of experience helped me to do that. For some questions, I was fairly confident of my answers, for some I was not.
I used the following techniques to answer all the questions:
- I’m a consultant, and this is the advice I would give out.
- Is this solution economical, and does it also resolve the issue(s)?
- If one answer covers all the others, then it’s the right one.
Haha!! Since my journey started back in 2011 and ended yesterday, I could say that I dragged out the preparation longer than I needed. But! Life has always thrown curve balls at me. Scheduled to take the exam in 2018; had to cancel the exam. In 2019 the same thing happened, and the last straw was in 2020 when I lost Mom to covid, my elder brother was diagnosed with stage 2 cancer, and Dad was in the hospital. Between June 2020 and April 2021, I lost 10 close family members to covid and other diseases. So, you guys could imagine my mental health situation. I don’t know how I did not end up in a mental hospital. I wish my mom was here to see this. When I failed the exam in 2011, she just told me better next time. When I had to cancel the exam back in 2018 and 2019, she just put her hand on my head and said God has a better plan for you, you will pass the exam. God, I wish she was here to see this achievement.
- Sybex OSG 9th Edition (did not read end to end).
- Pete Zerger's videos (Inside Cloud and Security) were a great help.
- Boson test bank: too technical, but the explanation was a goldmine.
- YouTube questions from IT Dojo, Prabh Nair, Larry Greenblatt, and many others.
- Most of Prabh’s ‘coffee shots’ were valuable, and I believe this one helped me to pass the exam.
- Luke Ahmed’s material: took the Study Notes and Theory subscription (I believe I went through around 10 video tutorials).
- Reddit forum: learned a lot from there.
Advice to Test Taker:
Don’t lose your nerve during the exam, have faith in yourself. Also, get ready to be pounded by CAT in your weak areas. CAT figured out my weak areas were:
- Security and Risk Management
- Asset Security
- Identity and Access Management (IAM) (I worked in the IAM domain for around 4 years, that was not enough experience 😉 for CAT)
And boy! Oh Boy! I believe 60% of my questions were from these three domains and the rest of the 40% were from the others. And my last thought is CISM+CRISC+CGEIT = CISSP exam. No wonder it is a monster of an exam.
Now off to endorsement 😉
Regarding your technique, I agree with the second two points. What got me over the hump when I passed in 2016 (after failing twice) was advice from my manager, who said answer the question like he would. I was an Information Security Analyst that was purely technical and approached the questions as such. When I approached each question like my CISO would, that seemed to do the trick. Plus I studied a lot more between each fail.
In a way, it also took me 10 years to get it. I heard about CISSP in 2005 while working as an application developer in a startup and thought it may be useful to my career. At that time, the exam was paper based, was only available twice (?) a year, and the only study guide was Shon Harris's thick AIO book, so I decided not to pursue it. I did buy the AIO book but did not read it.
From 2009, I transferred to an infra lead role managing the company's SaaS servers. As the company's business expanded, I found myself doing more security related tasks such as fixing VA bugs, securing web servers from hacking and mitigating DDoS attacks.
That got me interested in security as a career and I decided to take the CISSP exam at the end of 2014. By then, the CISSP exam was available at Pearson Vue as a 250-question, 6-hour exam. Eric Conrad's CISSP Study Guide was also available; it is an easier read than AIO. And it helps when you have experience in most of the 10 domains covered by the exam; I was able to grasp the concepts fairly quickly.
I studied for about 3 months and passed the exam at the end of March 2015. I passed CSSLP at the end of 2015, and moved on to a security role. In 2017, I passed CCSP.
Also, thanks for sharing your thoughts on the exam. That type of information is extremely useful.