CISA - December 2010

cabrillo24 · October 2010

Not a very popular topic on here, but figured I'd start a thread. Anyone else takings this? What are you using?

Testing location:
Richmond, VA

Online:
Certifiedinfosec.com CISA Super Review - $500, but I really enjoy the course and this has been my primary study tool.

Books:
CISA All-In-One - Peter Gregory (hard cover and bought the Kindle version)

Flashcards:
ISACA CISA Exam Review 2010

John.Feist · November 2010

cabrillo24 wrote: »

Not a very popular topic on here, but figured I'd start a thread. Anyone else takings this? What are you using?

Testing location:
Richmond, VA

Online:
Certifiedinfosec.com CISA Super Review - $500, but I really enjoy the course and this has been my primary study tool.

Books:
CISA All-In-One - Peter Gregory (hard cover and bought the Kindle version)

Flashcards:
ISACA CISA Exam Review 2010

I am also preparing for the Dec exam. I do like the course content for the most part. It is a good complement to the CISSP.

Just using the ISACA study guide manual, practice questions and supplement. I was thinking of getting the question database but that is $185 more out of my pocket for a suite of possibly the same questions.

I did spring for a 4 day CISA bootcamp/review more $$$ Jury is still out on the value added.

I may review the ITIL framework as well just to nail down the construct. Time dependent.

From what I have read, it is just a matter of knowing the CISA culture and applying it to the questions.

cabrillo24 · November 2010

John.Feist wrote: »

I am also preparing for the Dec exam. I do like the course content for the most part. It is a good complement to the CISSP.

Just using the ISACA study guide manual, practice questions and supplement. I was thinking of getting the question database but that is $185 more out of my pocket for a suite of possibly the same questions.

I did spring for a 4 day CISA bootcamp/review more $$$ Jury is still out on the value added.

I may review the ITIL framework as well just to nail down the construct. Time dependent.

From what I have read, it is just a matter of knowing the CISA culture and applying it to the questions.

I agree, the CISSP is a good compliment to the studying of the certification. I believe it provides a good foundation coming into preparing for this exam, in terms of terminologies and technologies. Obviously there are different scopes, as the CISSP generally seeks best security practices, whereas the CISA material, as you said, is a matter of knowing the CISA culture.

I've gone through the online CBT about 2.5 times. For the last few weeks I will be going over the ISACA questions. I'm averaging 76-93% on the practice exams I'm taking (30 at a time). My weakest domains are Systems Life Cycle and Business Continuity/Disaster Recovery, will definitely put a focus on that the days leading up to the exam.

John.Feist · November 2010

cabrillo24 wrote: »

I agree, the CISSP is a good compliment to the studying of the certification. I believe it provides a good foundation coming into preparing for this exam, in terms of terminologies and technologies. Obviously there are different scopes, as the CISSP generally seeks best security practices, whereas the CISA material, as you said, is a matter of knowing the CISA culture.

I've gone through the online CBT about 2.5 times. For the last few weeks I will be going over the ISACA questions. I'm averaging 76-93% on the practice exams I'm taking (30 at a time). My weakest domains are Systems Life Cycle and Business Continuity/Disaster Recovery, will definitely put a focus on that the days leading up to the exam.

Just picked up the question database for $120. They dropped it down from $185 which is a good deal. I did some testing with one and liked the interface better than the books (same questions).

Doing on a average 80%, mostly due to not taking the time to read the questions or answers fully. That is my main weakness. I have been doing this stuff for so long that I have to put my experience and knowledge aside to apply the CISA material answer even it I know it's wrong. I am getting better at dumbing down lately.

cabrillo24 · November 2010

John.Feist wrote: »

Just picked up the question database for $120. They dropped it down from $185 which is a good deal. I did some testing with one and liked the interface better than the books (same questions).

Doing on a average 80%, mostly due to not taking the time to read the questions or answers fully. That is my main weakness. I have been doing this stuff for so long that I have to put my experience and knowledge aside to apply the CISA material answer even it I know it's wrong. I am getting better at dumbing down lately.

I'm averaging about 90-96% now that I've spent a week on the study questions. I'm understanding why the right answers are the right answers.

Understanding how CISA asks their questions, and keying in on modifiers in their questions has really allowed me to pick up on the BEST answer on these questions, that has helped out tremendously; whereas, the CISSP was based off best practices. The CISA feels like an extension of the CISSP with a more specific job function. I obtained my CISSP in June, and went right into studying for this.

I'm hoping it's enough to pass. I will be reviewing the study questions till Sunday, and next week go through all the domains on my online course, and then finish up the last week with simulated 200 question exams per day to pick up my endurance.

John.Feist · November 2010

John.Feist wrote: »

Just picked up the question database for $120. They dropped it down from $185 which is a good deal. I did some testing with one and liked the interface better than the books (same questions).

Doing on a average 80%, mostly due to not taking the time to read the questions or answers fully. That is my main weakness. I have been doing this stuff for so long that I have to put my experience and knowledge aside to apply the CISA material answer even it I know it's wrong. I am getting better at dumbing down lately.

Correction, The $120 was the CISM db. Called ISACA and they will refund. The correct cost for CISA is still $185. Thought I had a deal there ha ha.

Agreed, it is all about learning the CISA culture. I just picked up the CISSP at the Sept test. 42+ years here with Infosec and procrastinated here for the longest time. Could of Grandfathered in way back at the start and even took a bootcamp 3 years ago and still procrastinated ha.

My course of action is parallel to yours mixed with course reviews and battery of questions. Saving the 200 practice suite for the 3~4th followed by gap filler studies and prayer.

The real test will be applying the knowledge to a real time IS audit.

John.Feist · November 2010

I found this CISA Test thread to be interesting:
CISA Test Done - The Daily Nugget

There is a lot of folks stating that the test is harder and more subjective than the CISSP.

I had also realized that one needs to complete each answer within 1 min to leave a little space for those "difficult" questions. 240min/200=1.2min per question. That is a quick pace to be kept up when one is trying to analyze a subjective suite of answers. Some of which may be all correct.

Should be interesting. I am doing series of 100 database questions but need to make time for the ITIL review. 14 days and ticking...

cabrillo24 · November 2010

John.Feist wrote: »

I found this CISA Test thread to be interesting:
CISA Test Done - The Daily Nugget

There is a lot of folks stating that the test is harder and more subjective than the CISSP.

I had also realized that one needs to complete each answer within 1 min to leave a little space for those "difficult" questions. 240min/200=1.2min per question. That is a quick pace to be kept up when one is trying to analyze a subjective suite of answers. Some of which may be all correct.

Should be interesting. I am doing series of 100 database questions but need to make time for the ITIL review. 14 days and ticking...

Remember, this was in 2003 when the certification didn't have as much as renown as its starting to becoming now. There are more mature training materials and online resources in a much more organized fashioned.

Not trying to say this examination will be a cakewalk by any means, but that we are potentially much better prepared than an examinee from 7 years ago.

I finished the CISSP exam in 4 - 4 1/2 hours (from what I recall), while taking a 5 minute break every 45-60 minutes (so 20 minutes total in breaks).

I don't think time will be an issue if you're prepared. 1+ minute is a long time to answer a question. What I did for the CISSP is that if I couldn't answer a question right away, I'd circle the two most similar answers in the worksheet and move forward. By the time I reached the end of the booklet and returned, I could analyze the answers more granularly. I will probably take the same approach.

I've going through the CISA Super Review Online CBT, doing a domain per day for the week. Then I'll focus on doing more questions from the ISACA CD (which I'm scoring in the low to mid 90's right now). I feel that SDLC and BC/DR is my weaker domains, so I'll give those two domains a last review on the days leading up to the exam.

I already booked my hotel which is a half mile away from the testing site. 3 hour drive to this testing center, so I'm staying close by the night before.

My neighbor is proctoring the exam, how weird is that?

John.Feist · November 2010

cabrillo24 wrote: »

Remember, this was in 2003 when the certification didn't have as much as renown as its starting to becoming now. There are more mature training materials and online resources in a much more organized fashioned.

Not trying to say this examination will be a cakewalk by any means, but that we are potentially much better prepared than an examinee from 7 years ago.

I finished the CISSP exam in 4 - 4 1/2 hours (from what I recall), while taking a 5 minute break every 45-60 minutes (so 20 minutes total in breaks).

I don't think time will be an issue if you're prepared. 1+ minute is a long time to answer a question. What I did for the CISSP is that if I couldn't answer a question right away, I'd circle the two most similar answers in the worksheet and move forward. By the time I reached the end of the booklet and returned, I could analyze the answers more granularly. I will probably take the same approach.

I've going through the CISA Super Review Online CBT, doing a domain per day for the week. Then I'll focus on doing more questions from the ISACA CD (which I'm scoring in the low to mid 90's right now). I feel that SDLC and BC/DR is my weaker domains, so I'll give those two domains a last review on the days leading up to the exam.

I already booked my hotel which is a half mile away from the testing site. 3 hour drive to this testing center, so I'm staying close by the night before.

My neighbor is proctoring the exam, how weird is that?

It is a small world.

I am still in the mid 80's using the question 2010 data base. Still 300 unseen and should knock that off before the weekend. Weak areas are Audit and SDLC for the most part. I am rereading those domains to fill in the gaps. Nothing special. Oh, and am building flash cards for the areas where attention is required. I retain more if I write them. Using the technique from having two kids in college as coaches.

Sounds like you are on track and will get this behind you. Good luck.

colemic · November 2010

Good luck to everyone testing, I think I am going to shoot for the next cycle (June 2011.)

cabrillo24 · December 2010

One week to go! I feel prepared, I feel good. Going to spend my last week going over prep questions and SILC and BCDR domains (quick review)....I'm excited, lol...

rogue2shadow · December 2010

cabrillo24 wrote: »

One week to go! I feel prepared, I feel good. Going to spend my last week going over prep questions and SILC and BCDR domains (quick review)....I'm excited, lol...

Can't wait to see you bring home a victory!

John.Feist · December 2010

Well today is the day, and it is what it is. Pencils sharpened and coffee and exam ticket in hand. Hitting mid 90's on the db practice exams (200 hundred a sitting in about 2 hours) I decided to put the laptop away and just do a complete review of both question review manuals. As with the CISSP there is a mile wide and a foot deep of information. One challenge is that, in some instances, the correct/expected answer is different from the CISSP to the CISA questions. It's time for a good breakfast a prayer for clarity and strength followed by trip downtown. Strength and Honor...

rogue2shadow · December 2010

John.Feist wrote: »

Well today is the day, and it is what it is. Pencils sharpened and coffee and exam ticket in hand. Hitting mid 90's on the db practice exams (200 hundred a sitting in about 2 hours) I decided to put the laptop away and just do a complete review of both question review manuals. As with the CISSP there is a mile wide and a foot deep of information. One challenge is that, in some instances, the correct/expected answer is different from the CISSP to the CISA questions. It's time for a good breakfast a prayer for clarity and strength followed by trip downtown. Strength and Honor...

Good luck man!

cabrillo24 · December 2010

Sat the exam this morning. Finished in about 2 1/2 hours. Was able to go through the entire booklet first time through without going back.

I left feeling more confident than I felt walking out of the CISSP exam; however, you never really know. There were probably 2 or 3 questions where I was absolutely stumped and had no idea to what they were speaking to.

Took the test at Richmond VA, the VCU campus. Had to sit in student desks which were very uncomfortable and extremely small, no way to fit your exam booklet, scan tron and pencils on the entire desk, you have to find a way to make it work. No drinks or snacks allowed in the room, whereas the CISSP they let you have a drink or snack at the table and in the back of the room.

The proctor was reluctant to let people go to the bathroom once they entered the room. I personally believe they were on a power trip. To me registration is to assign seating, and to let them know who is here, not to tell people "once you register, you're not allowed to go to a restroom." People registered as early as 745, the exam instructions weren't going to be read until 830. Also, I couldn't keep a transparent small pencil box at my desk, so I kept on fearing my pencils rolling off those students desks because they were at an angle. All throughout the test you could hear people's spare pencils rolling on the desk hitting the floor.

I'm not sure how other people's testing experiences are, or testing environments, but this was bad, but didn't affect my performance.

ibcritn · December 2010

cabrillo24 wrote: »

Sat the exam this morning. Finished in about 2 1/2 hours. Was able to go through the entire booklet first time through without going back.

I left feeling more confident than I felt walking out of the CISSP exam; however, you never really know. There were probably 2 or 3 questions where I was absolutely stumped and had no idea to what they were speaking to.

Took the test at Richmond VA, the VCU campus. Had to sit in student desks which were very uncomfortable and extremely small, no way to fit your exam booklet, scan tron and pencils on the entire desk, you have to find a way to make it work. No drinks or snacks allowed in the room, whereas the CISSP they let you have a drink or snack at the table and in the back of the room.

The proctor was reluctant to let people go to the bathroom once they entered the room. I personally believe they were on a power trip. To me registration is to assign seating, and to let them know who is here, not to tell people "once you register, you're not allowed to go to a restroom." People registered as early as 745, the exam instructions weren't going to be read until 830. Also, I couldn't keep a transparent small pencil box at my desk, so I kept on fearing my pencils rolling off those students desks because they were at an angle. All throughout the test you could hear people's spare pencils rolling on the desk hitting the floor.

I'm not sure how other people's testing experiences are, or testing environments, but this was bad, but didn't affect my performance.

Yikes, that never helps to have a poor environment. I have had pretty good experiences with my exams, but mine weren't the the type of exam situation as CISA, or CISSP.

I suppose I will see how CISSP goes for me....I really hope they let me use the bathroom.

Hope you passed!

cabrillo24 · December 2010

ibcritn wrote: »

Yikes, that never helps to have a poor environment. I have had pretty good experiences with my exams, but mine weren't the the type of exam situation as CISA, or CISSP.

I suppose I will see how CISSP goes for me....I really hope they let me use the bathroom.

Hope you passed!

Is this your first certification exam utilizing a scantron? Makes you feel like you're in high school again.

Best of luck.

John.Feist · December 2010

Well my experience was a little different. The Ladies who proctored the exam were very diligent and alert. They noticed that my neighbor and myself had holes in the tabletop and gave us a hard surface to put under the answer sheets.
There was no clock in the room. This in itself created a risk for me not knowing where I was in relation to the test, answers and time. They only announce at 1 1/2 and 1/2 hours before the end of the test. If there is a next time, I will wear a watch.
Some people are great tactical test takers. For me, I am my worst enemy and am not a good test taker. I have a habit of getting drawn into the question and answers and analyze each component. Applying years of experience is not necessary a good thing and most often not the desired answer.
So, with that said, I did end up finishing 45 minutes early. During the test I circled some questions that were ambiguous. So, I spent some time to ponder these without the risk of running out of time. With this said, I left with a 50-50% feeling of passing. It was nice to take a long walk back to the car, on a sunny warm day, and clearing the head as much a possible.
There were different methods that our group did during the test. I had learned my lesson a while back to fill in the answer sheet as you go. Some folks did it in blocks of 50 or even 100. I do mark/rank the answers on the test book prior to marking the answer sheet. This proved useful when I skipped a question and the answers were one-off until I realized the mistake and made the corrections synchronizing both book and sheet.
So that was my experience and hopefully of some use. We shall see in 8~10 weeks if there will be a June reschedule for me.

cabrillo24 · December 2010

I answered in blocks of 20. First I'd answer in the booklet, and then transfered them onto the scantron. To the best of my ability and judgement, I would eliminate what I felt were the wrong answers, before deciding on the right answer. I would say "my hunch is the answer is (A) " but why isn't it these? Sometimes I'd get to a 50/50 point, but as I stated there were probably 2-3 questions I was absolutely stumped on, didn't know what direction to go in.

It was a very well written test. I hear complaints very often of how it's worded, but I think the test was very straight forward.

If I do end up failing this examination, I don't know if I'll go after it again right away, especially with the objectives changing for June 2011. I'd probably take it December 2011 or June 2012...but hoping it doesn't come to that point.

CISA - December 2010

Comments