Passed the CISSP on August 25 in Vienna, Virginia - a note of appreciation

Hello. I'm a former long-time mainframe systems developer now working as a general IT consultant. As mainframes are becoming increasingly rare and elusive, I've been working to gain experience and credentials in IT security.

I've been studying for the CISSP exam for the past 3 months, at about 10-15 hours per week. During that time I lurked assiduously (say that fast 5 times) on the TE.net CISSP threads, and learned a great deal of information that I incorporated into my study plan and made use of during the test. I'd like to thank you all for that.

As for my study plan: I used Eric Conrad's CISSP Study Guide as a primary resource, with the associated online audio overviews and sample exams (with 500 questions). I also picked up Conrad's 11th Hour CISSP book to review highlights during the final week. I started to watch the videos provided by ISC2, but lost interest after a couple. Instead, I went through a series of online lectures provided by www.vte.cert.org that cover the 10 domains in 20+ hours. These are geared primarily towards DoD employees, but are quite well done and are available to anyone with a .gov or .mil email. I also signed up for the test question database at ccure.org. These have some wording issues, but do force you to think more deeply about the topic areas. I agree with Clement Dupuis that taking sample tests is the best way to study - when you miss a question on a test, you tend to remember it. For that reason, I picked up an older copy of Shon Harris's book for $5 or so to get the CD with 1,000+ sample questions - another fine suggestion someone made here. I was also fortunate enough to find a copy of the ISC2 Student Handbook on eBay, which has some bits of information ISC2 presumably teaches in their classes that I hadn't seen in other sources.

I had read that the questions on the actual test are unlike any sample questions, but I didn't find them to be all that different from the Conrad or Harris samples. Of course I have no way to know which questions I got right or wrong, but my impression is that the exam does emphasize human safety, general rather than specific answers, and a management rather than a technical perspective.

During the first pass I answered about 80% of the questions, which took a little over four hours. Some of those answers were shaky, but I didn't think they would improve if I kept thinking about them. Then I went back for a second pass, trying first to reduce the number of possibilities from 4 to 2. The 25 unscored questions and the unequal weighting of questions makes it impossible to do precise calculations, but I thought I was probably hitting around 80-85% of the first 80% (if you see what I mean), and something over 60 percent of the rest. There were only about a dozen questions I wasn't comfortable narrowing down to two options. Overall, I used just under 5 hours and 50 minutes. The proctor handed me a folded-up sheet, which I took down to the parking lot, bumping into a few walls along the way. Once in my car, I sloooowly opened the sheet and found the word "Congratulations!" I celebrated with a fist-pump and the traditional shouts of "Woot!"

Thanks again. You guys helped.

Find more posts tagged with

Comments

letstrythis1

A big congrats! Sounds like you had a solid study plan!

Vik210

Congratulation! You really seems to have prepared well!

cyberguypr

Congrats on the pass and thanks for sharing.

Thistleback

Congrats on your pass! Nice to get those results immediately!

JDMurray

Congratulations on the pass and thanks for the review!

I'm glad the information here at TE was a great help to you.

Mainframer

Thanks to all. I should add that there were many questions where the context wasn't clear (ah, what exactly are we talking about here?) Usually an innocent-looking word or two in the question helped dispel the fog.

Also, having (or manufacturing) a positive attitude is a valuable resource. After the first couple of hours, your brain is going to want to think about something else. Anything else, really. After a while, it's like wrestling with a large, slippery animal in a bowl of Jello.

When you're gently guiding your brain back to the next question (see? that looks interesting, doesn't it? nice brain!) -- it doesn't help if you're also battling a spiraling feeling of despair and betrayal. Best to think positive. Fake it if you have to.

tprice5

Ha I hope I can learn of my pass in an equally as cool way at some point.

Congrats!

Mainframer

JDMurray wrote: »

Congratulations on the pass and thanks for the review! I'm glad the information here at TE was a great help to you.

I also read all your blog entries. If you're ever in Northern Virginia, I'll be happy to buy you a beer.

webgeek

How are the lectures? Like skillsoft?

Mainframer

webgeek wrote: »

How are the lectures? Like skillsoft?

The vte lectures? They're aimed at military or DoD personnel who need the cert for compliance purposes, so they're brisk, straightforward and business-like - about what you might expect. The instructors know what they're talking about. I haven't used skillsoft, so I can't offer a comparison.

YuckTheFankees

congrats!

dmoore44

Congrats mainframer! Now, head down to the Dogfish Head Ale House in Fairfax or Falls Church and have a beer!

Iristheangel

Congratulations!

Mainframer

dmoore44 wrote: »

Congrats mainframer! Now, head down to the Dogfish Head Ale House in Fairfax or Falls Church and have a beer!

A fine thought. Another possibility is the Mad Fox Brewing Company in Falls Church.

Paperlantern

Congrats!

I am taking mine on the 10th. I just got CISSP For Dummies (the 4th edition that just came out on like the 17th of August), and i'm planning on flying through that (it will make 3 full books ive gone through on CISSP), then just taking as MANY practice questions as I can get my hands on from whenever it is I finish the CISSP for Dummies, until my test date. I hope to be as successful as you!

_Marauder

Congratulations!

sasho_zl

Hi Mainframer,

Congratulations for passing the CISSP!
I also used to work on Mainframe systems, and have now switched to Security Governance and Compliance job.
It's too bad to see more and more companies migrating off the Mainframe, and moving to the cloud or distributed environments and unfortunately - we - the mainframers need to adapt, and the Security is currently a hot topic and there are a lot of opportunities out there.
Good luck in your future endeavours.

Mainframer

Paperlantern wrote: »

Congrats!

I am taking mine on the 10th. I just got CISSP For Dummies (the 4th edition that just came out on like the 17th of August), and i'm planning on flying through that (it will make 3 full books ive gone through on CISSP), then just taking as MANY practice questions as I can get my hands on from whenever it is I finish the CISSP for Dummies, until my test date. I hope to be as successful as you!

Best of luck. I think the extra practice exams will pay off.

Mainframer

sasho_zl wrote: »

Hi Mainframer,

Congratulations for passing the CISSP!
I also used to work on Mainframe systems, and have now switched to Security Governance and Compliance job.
It's too bad to see more and more companies migrating off the Mainframe, and moving to the cloud or distributed environments and unfortunately - we - the mainframers need to adapt, and the Security is currently a hot topic and there are a lot of opportunities out there.
Good luck in your future endeavours.

True, but everything changes. And I've said just about everything I wanted to say in assembler.

Mainframer

Familiare wrote: »

Hi Mainframer,
I wish my Congrats.

I read your forum in that you refering "question context was not clear but extra practice exams will pay off ..."

Please let us know which practice exam will provide more confident to handling these kind of questions. " I am not asking about how to understand the concept,just to understand question and match the answer according to the question's context"

That's a bit tricky. I don't know of any practice exams that make you examine the wording of the question quite as carefully as the real test. One issue is that most practice tests are organized by domain, which helps more than you might expect. The real exam is of course randomized. Still, the questions at cccure.org, in the online exams available via the main Conrad book, and on the Shon Harris CD provide valuable information and a good test of where you stand - if you consistently score 80% for a given domain, you're probably in good shape. Of the three, I'd give a slight edge to the Conrad sample questions. On the actual exam, make sure to read each question slowly and carefully, and think about the context it suggests. I hope this helps.

JDMurray

Mainframer wrote: »

I don't know of any practice exams that make you examine the wording of the question quite as carefully as the real test.

The retired exam questions packaged and sold by the (ISC)2 as practice exams are pretty good.

Mainframer

Update: I received the official notice from ISC2 yesterday, confirming that I have been certified as a CISSP effective November 1st.

Turnaround time after submitting the endorsement was three weeks and two days.

Paperlantern

You must have submitted yours right after mine then around the 21st or 24th of Sept? I also received my notification yesterday. Well done!

cyberguypr

Familiare wrote: »

HI JD,
i google " retired exam "i could not find, can you provide exact name..!?

https://www.expresscertifications.com/isc2/