CISSP Passed 09-14-2013 ---- My Story (Took it 3 times) -- Long Read

mister704 Member Posts: 41
I firstly want to thank this board for all the help in my passing. I would not have been able to do it without you all. The board gives the necessary motivation, resources, and skills to identify what is required to be successful.

My path of CISSP exams:


  1. Took 1st exam September 2012 (planning wedding, in school getting my MS, and not enough time for CISSP study)
  2. Took second exam January 2013 (Fail...rushed, got baffled with CBT, frustration with time management, and still in school final semester)
  3. Took 3rd exam September 2013 (PASS!!! - studied nothing but CISSP, school was finished and wedding was over)
*** Key note not listed = I HATE Standardized tests and have never been good at them. A pretty good part also to my unsuccessful first two attempts****

IF you see my breakdown, this basically says devote REAL time to CISSP. It is hard to have to split focus on many other things while trying to pass this exam.

My path of study for CISSP for the first 2 FAILED attempts:
  1. Read Shon Harris 5th edition. Basically tried to fiddle my way through all of the wording. It is a very good book because like some, I need some of those analogies to help me remember, but in the end, it is just a lot of information overload.
  2. Purchased CCCure exams - studied them but just had a hard time wrapping my brain around them. Seemed like it was a lot more technical and had a lot of older questions. I could be wrong but this is just what I remember from a year ago.
  3. Did A LOT of writing. I basically wrote myself a book. Probably did not help much because it was not focused enough. It was SUPPOSED to be a quick go to guide but I ended up going through like 4 pens of ink and writing a book. I would advise against this.
  4. Used James Stewart CISSP Study Guide 6th edition testing software that I received from my boot camp.
  5. Was in a week long virtual boot camp (cannot remember who it was through. Was not SANS, I know that)

My path of study for CISSP 3rd PASSED attempt:
  1. PURCHASED Eric Conrad CISSP Study Guide 2nd Edition - perfect read and good over depth and not 1000 pages.
  2. Used SafariBooks online - this was a HUGE help for me. It opened the door to many other sources for reading which included Shon Harris 6th edition, Conrad 11th Hour, CISSP Rapid Review, and CISSP Exam Cram, CISSP for Dummies. All good sources if you ask me. Shon Harris...is still 1000 pages but you can jump around and get a different perspective on weak domains(this book is good for that). I took the exam provided in each of these books.
  3. Purchased Transcender CISSP practice ($120) - A rating for me. It's not that the questions are really difficult, but it basically burns in the information and helps to easily identify your weak domains. Also has 4 preset exams which I took all of them and scored roughly between 85-90%. When I first started, I was in the 60% range.
  4. Shon Harris Audio and online tests (McGraw-Hill Education | CISSP Practice Exams) - A+ for me. Downloaded the mp3s and put them on a jumpdrive and listened to them in my car for the months leading up to the exam. Literally..no music in my car for 3 months. And the tests are AWESOME. Perfect confusion as that is what you will see on the exam. By the end of it, I was passing each in the 85% range. Knowing the information is key here but the more you take it, it will become second nature and you will memorize it.
  5. Watch SANS webcast (https://www.sans.org/webcasts/successful-passing-cissp-95594) - good overall knowledge about how to take the exam. As well if you go to the archives (https://www.sans.org/webcasts/archive/2013), Eric Conrad has a couple that are of sample questions and how to figure them out.
  6. ITMasters offered free class that I found on here. Signed up and listened. Also had a lot of resources.
  7. Used PDF found here on the site. Cannot locate it but I will. It has a big Sun on the front with all the domains color coded.

Day before Exam 3
  1. Logged into SafariBooks and read BCP, Networking, Crypto, Access Control chapters of Conrad 11th hour book. Quick read, good for confirming final information.
  2. Still on SafariBooks, I went and took Shon Harris 6th comprehensive exam of 143 questions. This was good because I had not seen any of these questions which would let me gauge my knowledge learned over the past months. Tough questions...good gauge.
  3. Took Transcender Random exam of 250 questions. YOU ABSOLUTELY NEED TO TAKE 250 QUESTION EXAMS...IT HELPS BUILD MENTAL ENDURANCE.
  4. Ate a good dinner and relaxed. Went to sleep around 9:30pm but woke up at 4am and worried myself for the rest of the time.


Day of EXAM
  1. DID NOT eat McDonalds Steak/Egg/Cheese Bagel. I had done this on the first 2 attempts. I would say I was a little superstitious. Instead, got up around 5:45am and fixed me a bacon/egg/cheese biscuit and a coffee. It is important that you eat good.
  2. Left the house around 6:15 and arrived around 6:45 at the test center. Cracked open the PDF study guide and hit the key spots. Again BCP/DRM, Common Criteria, Software Maturity Models, Networking Ports and which go to what.
  3. Walked into exam area at 7:35am and got all the paperwork and palm scanning and such down. Sat down at the desk at exactly 8am. HINT for those who have not taken the CBT. You will get about 5 minutes to read the contract stuff. If you are like me, and already read ahead, you should use this time and maybe try to write down things you remember.
  4. Followed the plan I set in place which was to complete the exam in 4.5 hours. I did it in exactly 4.5 hours. I had about 50-60 questions flagged just because I wanted to review them. I refused to sit and stay stuck on any question. I knew that would do nothing but frustrate me and get me off my game plan. After the 4.5 hours, I walked out, used the restroom, ate a small snack, and STRETCHED. I wholeheartedly think you should stretch and move to get the blood flowing.
  5. All in all, I don't think it was really that bad. This just goes to show that putting real time and effort to it you could be successful. Like I said I have and never will be a standardized test person. I felt pretty good throughout the entire exam. I never felt like I was off my mark or that I was not going to pass. I never got flustered or got mad at myself. I just stuck to my game plan.

I am not sure if this helps anyone, but I wanted to let people know my progress. It was not an easy road, but it was very rewarding. I don't think I have ever wanted something so bad and put this much effort in for anything. I am happy to be done and I now think I am going to try to learn Spanish. Hopefully this will help someone, because people here helped me.


Basically a picture of me as I walked out the Testing Center!!

Comments

  • chanakyajupudi Member Posts: 712
    Congratulations on the pass. Hats off to your determination to pass no matter what. I would have bailed the second time!
    Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
    http://adarsh.amazonwebservices.ninja


  • sigsoldier Member Posts: 136
    way to persevere, congrats!
  • ajs1976 Member Posts: 1,945
    congrats and thanks for the info.
    Andy

    2020 Goals: 0 of 2 courses complete, 0 of 2 exams complete
  • da_vato Member Posts: 445
    Congrats! always great to hear an inspirational story of not giving up and accepting defeat.
  • joedain Member Posts: 25
    Thanks for the awesome read. I sit for my test in 9 days :0
    I am in Afghanistan and have been studying for about 2 months. I hope it's enough.
  • mister704 Member Posts: 41
    joedain wrote: »
    Thanks for the awesome read. I sit for my test in 9 days :0
    I am in Afghanistan and have been studying for about 2 months. I hope it's enough.

    Hey man...if I can do it...you can too. Sit, focus and don't be flustered. I can assure you that if you put the time in that has been stated by the community here, then you will be fine.
  • LarryDaMan Member Posts: 797
    Congrats!!! What is your experience level? That is a lot of studying and study materials.
  • mister704 Member Posts: 41
    LarryDaMan wrote: »
    Congrats!!! What is your experience level? That is a lot of studying and study materials.

    I have 2 years in Info Sec, and 4 years in Software Development and a MS in Engineering Management. My software development background included all aspects of development including RAD Agile Development, Spiral development, full J2EE from development of front end to the database using Eclipse, SoapUI, SAML tokens, JDBC/ODBC, XML, WSDLs, Views and more.
  • NavyIT Member Posts: 171
    Good story, and congrats!!
    A.S. - Computer Networking: Cisco
    B.S. - Computer & Network Security
  • cissptst Member Posts: 23
    Congrats man... very inspiring...

    Do you fulfill the endorsement requirements, as they require 5 years direct full time in 2 or more domains of CBK or 4 years if you hold a degree?

    mister704 wrote: »
    I have 2 years in Info Sec, and 4 years in Software Development and a MS in Engineering Management. My software development background included all aspects of development including RAD Agile Development, Spiral development, full J2EE from development of front end to the database using Eclipse, SoapUI, SAML tokens, JDBC/ODBC, XML, WSDLs, Views and more.
  • mister704 Member Posts: 41
    Yes I should. I have 4 years of Software Development, 1 year of Sys Admin, 2 years of Information Assurance(which is my present line of work I plan to stay in).

    That is 3 domains right there. If I had to add in my degrees, I should definitely be clear.
  • cissptst Member Posts: 23
    Correct me if I'm wrong,

    4 years software development, this meets the requirement of ISC2 for one domain.

    but other two domains, 1 year of sys admin and 2 years of information assurance is total to 3 years right? but shouldn't this be 4 years too to meet ISC2 requirement?


    mister704 wrote: »
    Yes I should. I have 4 years of Software Development, 1 year of Sys Admin, 2 years of Information Assurance(which is my present line of work I plan to stay in).

    That is 3 domains right there. If I had to add in my degrees, I should definitely be clear.
  • mister704 Member Posts: 41
    Looking at ISC2 endorsement site, you just need to log 60 months (5 yrs) of 2 domains. Not individually, but collectively.

    "Applicants must have a minimum of five years of direct full time security professional work experience in two or more of the ten domains of the (ISC)² CISSP CBK. If you hold a certification on the (ISC)² approved list (visit www.isc2.org/credential waiver for a complete list), you may receive a one year waiver out of the five year experience requirement. Alternatively, a four year degree leading to a Baccalaureate or regional equivalent can substitute for one year towards the five year requirement. No more than 1 year of experience may be waived."

    And my software development includes actually more domains than just one. It includes DRP for our operations baselines, Database management, Access Control and more. It is development but is completely based on security given my line of work.
  • instant000 Member Posts: 1,745
    cissptst wrote: »
    Correct me if I'm wrong,

    4 years software development, this meets the requirement of ISC2 for one domain.

    but other two domains, 1 year of sys admin and 2 years of information assurance is total to 3 years right? but shouldn't this be 4 years too to meet ISC2 requirement?

    At the end of the process, the total number of months denoted as “Valid Experience” must be totaled and
    must equal the number of years required for the specific certification (60 months for the CISSP

    Source: https://www.isc2.org/uploadedFiles/Certification_Programs/endorsement.pdf

    Hope this helps!
    Currently Working: CCIE R&S
    LinkedIn: http://www.linkedin.com/in/lewislampkin (Please connect: Just say you're from TechExams.Net!)
  • ash.mur Member Posts: 32
    Hi

    I have read the Shon Harris 6th Edition complete, and took the quiz which comes as a complimentary with that. After that I purchased the CCure.org questions and have managed to score close to 80% in all domains and have brushing up cream level information now.

    So how do you feel this preparation will lead me to successfully PASS my exam. I have 4 years of Info Sec exp
  • cissptst Member Posts: 23
    Anyone can confirm this please. if it is individual 5 years in each domain or it can count as collective, like few months or years you worked in different domain and count them if the total of all gets 5 years?




    mister704 wrote: »
    Looking at ISC2 endorsement site, you just need to log 60 months (5 yrs) of 2 domains. Not individually, but collectively.

    "Applicants must have a minimum of five years of direct full time security professional work experience in two or more of the ten domains of the (ISC)² CISSP CBK. If you hold a certification on the (ISC)² approved list (visit www.isc2.org/credential waiver for a complete list), you may receive a one year waiver out of the five year experience requirement. Alternatively, a four year degree leading to a Baccalaureate or regional equivalent can substitute for one year towards the five year requirement. No more than 1 year of experience may be waived."

    And my software development includes actually more domains than just one. It includes DRP for our operations baselines, Database management, Access Control and more. It is development but is completely based on security given my line of work.
  • mister704 Member Posts: 41
    ash.mur wrote: »
    Hi

    I have read the Shon Harris 6th Edition complete, and took the quiz which comes as a complimentary with that. After that I purchased the CCure.org questions and have managed to score close to 80% in all domains and have brushing up cream level information now.

    So how do you feel this preparation will lead me to successfully PASS my exam. I have 4 years of Info Sec exp

    You know honestly, it all depends on you. No one here can say if they think you are ready. Each and every exam is different. I crazy enough feel like mine was not difficult, but this could be because of all the work I put in. I would say get as many different sets of questions in that you can find. Reason being is each asks a question differently. This will help you to identify answers correctly no matter how the question is presented. I believe that played a key part for me. I took probably 5-10 different tests from all different books to ensure I would be able to handle and decipher the wording. For instance, if you can read these questions here Amazon.com: CISSP Practice: 2,250 Questions, Answers, and Explanations for Passing the Test eBook: S. Rao Vallabhaneni: Kindle Store and choose the correct answers, I would say you have pretty good knowledge. After all the studying I did, these questions still threw me for a loop with the wording. I am not saying go buy it, basically what I am saying is make sure you have the skills stated in the SANS webcast:

    1. Find the distractors
    2. Figure out the 50/50
    3. Identify the NOT in the questions (luckily the test now bolds the NOT, MUST, BEST, LEAST and so on)
    4. Make an educated guess if you just absolutely don't know.

    ***Another note...READ GLOSSARY and know acronyms***

    A lot of the time, if you just know what the acronym stands for, you know the answer.
  • TechGuy215 Member Posts: 404
    Congrats!
    * Currently pursuing: PhD: Information Security and Information Assurance
    * Certifications: CISSP, CEH, CHFI, CCNA:Sec, CCNA:R&S, CWNA, ITILv3, VCA-DCV, LPIC-1, A+, Network+, Security+, Linux+, Project+, and many more...
    * Degrees: MSc: Cybersecurity and Information Assurance; BSc: Information Technology - Security; AAS: IT Network Systems Administration
  • ccnpninja Member Posts: 1,010
  • almostthere Member Posts: 13
    Great to hear you finally beat it! I bet it felt good!
  • theroamingjoe Member Posts: 24
    Congratulations, passed mine on the same day!

    Now I'm waiting on (ISC)2 to bless me.
  • mister704 Member Posts: 41
    Received my official email today..WOOT WOOT...Hummmmmmmmmmp Dayyyyyy is heeeeeeeerre. CISSP hump officially cleared!!
  • theroamingjoe Member Posts: 24
    Awesome!!

    When did you send your endorsement paperwork in? I emailed mine on 9/19.
  • mister704 Member Posts: 41
    Sent it in on 9/17
  • theroamingjoe Member Posts: 24
    Cool so hopefully Friday if they are working the queue in order.
  • rebels92.8 Registered Users Posts: 1
    Did you get endorsed by a CISSP? If I don't know a CISSP, what else could I do to get endorsed? Thanks.
  • vasyvasy Member Posts: 68
    "If you do not know an (ISC)² certified professional in good standing, (ISC)² can act as an endorser for you"

    You can submit the endorsement papers directly to (ISC)2