As promised here’s some more information regarding my exam experience and study methods….. it’s a long post!
In terms of my exam experience, while I can’t say too much for obvious reasons in terms of the content/questions, but I would say that overall it wasn’t as ‘scary’ as I expected.
The key things to think about IMHO are as follows:
Timings – You ‘should’ have plenty of time for the exam – around 1:30 min per question approx, and there will be some you can answer straight away! Some questions will take longer but you should have more than enough time overall provided you have prepared and know the material well enough. I completed my exam in 3 hours – I have heard the average is around 4-4.5 hours…………. the worst part was queuing up to get the printout with my result!
Nerves – You WILL be nervous (it’s a serious exam after all and you want to pass!) so there will be adrenaline going around the system. Control your nerves and focus on what you have in front of you…..
Breaks – You should be able to have time for 2-3 breaks during the 6 hours. You should definitely take them as it’s good to get yourself away from the screen for a few minutes (or a bit longer!) especially if you are struggling with a few questions… Take them after 50-60 questions and again at 130-140 (this will obviously vary depending on how you are doing..if you are on a roll keep going until you get ‘stuck’!). Take some food/drinks/fruit etc with you for when you have a break.
Questions – READ THE QUESTION! READ THE QUESTION! Before you jump to an ‘obvious’ answer read the question again to double check what you are being asked for. Just remember there are the ‘control’ questions in there too so don’t beat yourself up mentally if there are questions you have NO IDEA how to answer!
Changing answers – Quite often (after a bit of thinking) your first answer will probably be the right one – you may need to go with your gut feeling or even guesswork for some questions though smile emoticon
In terms of study, I was relatively relatively comfortable with most of the material having studied the proverbial s**t out of it as much as time allowed over the last few months smile emoticon I think it has helped that I’ve also been studying for an part-time MSc In Information Security (which I should be finishing this year!)which gave me a certain level of knowledge and confidence in most areas and also have previously gained the CompTIA Security+ cert!
From a CISSP study perspective, I used the following resources:
– CISSP ISC2 Certified Information Systems Security Professional Official Study Guide, 7th Edition – my primary CISSP reference. I did the chapter quizzes but left the 4 x practice exams ‘in reserve’ until the two days before the test, as I heard on here that they would be fairly realistic in style to the real thing. This book should be a good reference guide moving forwards now I have passed the exam!
– CISSP for Dummies. Relatively simplified in terms of detail but a good starter/introduction for unknown areas.
– CCCure CISSP CBT – you have to pay for this and in return get over 50 hours of CBT videos. some might say this level of information is overkill, but sometimes its better to know more than you need, given you are not just looking to pass an exam but want to be an InfoSec Practitioner! You also get access to the slidepack and MP3s of the CBT recordings. I watched all 54 hours of this – took a while but was clearly worth it as today showed!
– CCCure https://www.freepracticetests.org – you have to pay for this but there are almost 1900 CISSP questions covering all domains. You also have access to Sec+, old CBK questions and CEH questions if you get bored smile emoticon. I did ALL the questions!
– Larry Greenblatt’s 8 Domains of CISSP – Free vids on YouTube (almost 40 hours I think) & PDF slide download. Good to cover the same material but with a different approach. I think Larry likes Star Trek! I watched all of these videos.
– Mindmaps were provided by Matheus Vasconcelos. An excellent way to visualize the material!
– Cue cards/Post-it notes – great for writing down key points! My living room wall was covered with them!
CISSP – aide memoires (‘old’ domains but still useful!) https://www.cccure.org/…/Eric_Al…/CISSP_aide_memoire20v4.pdf https://cccure.training/…/Cram-Study-Guide-for-the-CISSP-Ex… http://www.kilala.nl/Sysadmin/Images/CISSP_Summary_V1.1.pdf
-Apps – Pocketprep CISSP. Good for getting used to different types of question. Some difficult questions!
Skillset – another good resource for question that I used- I tackled as many of these as time allowed.
Other FREE test resources as follows – I did all of them.
As far as the ISC2 official book is concerned, I did make a start but found the Sybex book far easier to read – it’s still potentially good as the ‘go-to resource’ for checking points in the curriculum. Fortunately I didn’t have to pay for it as I got it free with a 5-day QA course.
On the subject of QA, if you are in the UK, I would NOT personally recommend this course. I got it free (fortunately) as I had complained about one of their courses previously, and I’ll be complaining about this one too as I did’t feel that I learned ANYTHING from the week.
In summary, take as long as you think you need to master the 8 domains but set yourself a semi-fixed timetable or you will drift and drift. Take practice tests for each domain and then take ones for multiple ones.
Do longer tests when comfortable – you NEED to get used to longer tests as the real one WILL take it out of you mentally! Once you have started longer tests keep doing them, you need to get used to it! From my own perspective, I was getting a bit fed up with constant testing and just wanted to get it over with. When YOU feel like this I would say it’s time to take the real test.
In terms of scheduling the real thing, try and arrange the test for a Monday if possible – you get two uninterrupted days of final revision/testing (i.e. the 4 Sybex exams) to make sure you are READY. Disappear to a quiet place for the weekend, turn off the TV, switch your phone off and get in the ‘zone’.
FOCUS FOCUS FOCUS – it worked for me :))
If you want it bad enough you WILL put in the required effort to get it! Fail to prepare and you can prepare to fail………………….
I hope information helps you – Good Luck. Don’t forget to reward yourself WHEN you pass – you will have earned it!