My CISSP story. (Sorry this is long, jump to the end for material I used)
For me this was a long road. I have worked in IT for 20+ years in various roles the last 7ish mainly involving security. I am currently a team leader responsible for infrastructure security.
I have been studying on and off for about a year and a half. I was nearly ready to take my exam last April when the new 2015 version was released. At that time I wasn’t aware it was about to change, this derailed and demotivated my study for quite some time. In November 2015 I decided to start studying again, this evenly led me to finally passing the exam today.
While studying for the CISSP I read about the ISC2 SSCP exam. I decided as I had a technical background and a lot of the study material was the same I would take that exam first. I passed the SSCP in Jan 2016 which really motivated me.
Back to the CISSP, I used various study materials (listed below) but always thought I needed to study just a bit more. I kept seeing people passing in this group. This spurred me on even more, but still though ‘I need to do just a bit more study’.
Eventually, one day I read a post from Ahmed K about his study plan. This was my turning point, I booked the exam.
I had 6 weeks to study. Having that exam booked did the trick I became really focused. I became obsessed with reading, watching videos, doing practice tests, reading every word in the Study Notes and Theory group. For my final week of study I took some time off work (5 days) I spent these days watching all of the Cybrary www.cybrary.it videos for a second time. Reading notes and reading the chapters of the books covering the areas people had mentioned appeared in the exam.
The day of the exam arrived. The test centre is only about 35 miles away from
where I live. However I needed to be at the test centre at 8AM.
This is slap bang in the middle of rush hour traffic. I did not want to take the risk of being late so decided to go up the night before and stay in a hotel.
I was even studying while in the hotel!
I arrived at the test centre at 7:50AM, did all the identification pre-requisites which include palm scans which surprised me. I was led to a numbered desk. I looked up and saw it was number 13. Number 13. In the UK is bad luck. I was beginning to think I had failed before I even started. I put this to the back of my mind. I read the NDA and started. An important note about the NDA, if you don’t accept it within 5 mins it will time out and you will not be able to take the exam. Be careful!!
I read the first question… Wait, what does this even mean? I had to take a guess! 2nd question again what? Am I even in the right exam? Again a guess. 3rd question. Finally, something I knew. My heart stopped racing, I settled down a bit. I got to 120 questions not really having any idea how I was doing. I felt pretty sure I would fail.
I went for a 10 min break before returning to complete the remaining questions. Towards the end I found myself having to read the same question time and time again before it would sink in. I think I should have had a 2nd break really but wanted it over. I got to the end and chose to review the questions I had been flagging all the way through the exam. Some 80 questions! I went through about 30 of these and changed 2 answers. I could not face any more questions so cancelled the review and ended the exam.
Let me tell you the walk to reception for the results felt like a very long way. The lady behind the counter handed over a piece of paper I quickly scanned it for the word Fail. It wasn’t there I was greeted with ‘Congratulation you have passed’ I don’t think I have ever been so relived in my life.
Anyway enough of my rattling on, what did I use to study.
This group. Great help especially the questions and feedback, Some I knew the answers to some I didn’t. The ones I didn’t know I went away and read about.
Books I used were Sybex 7th Edition, Conrad 11th hour (old version), Shon All in one 6th edition, Eric Conrad 3rd edition. Although I had all these books I primarily read the Sybex CISSP study guide 7th edition. I used the other books mainly for reference and to get more details on the stuff i didn’t quite grasp.
The Sybex book was the only book I read from start to finish. I highly recommend this book and it is really the only one you need.
www.cybrary.it videos, I can’t recommend these enough. I watched all of these twice. Someone posted in this group the other day about watching this particular video https://www.cybrary.it/video/part-3-exam/ I highly recommend you watch this at least once. I even watched it again an hour before the exam.
Practice test. I used CCCURE and the questions that came with the Sybex book. I did about 1800 CCURE questions usually getting between 80 and 85%. In the sybex book I did all of the chapter questions and also did 3 full 250 question tests. I scored low 80% in these test.
Although both sets of exam questions I used were not like the real exam I felt they were still really good to get focused on my weak areas. It also really helped me getting use to just doing exams again, you need a certain mind set. I don’t think I could have sat through 250 questions if I had not been practicing answering questions before hand.
As many have already said, don’t waste time learning lists. You probably won’t see any, Learn the concept.
Think of the answer that fixes the problem permanently, and not temporarily.
Pay attention to the MOST, FIRST, verbiage on the questions, and keep a managerial perspective.
Every decision must be based on RISK MANAGEMENT.
Read the question, read the question and then re-read it.
Try and learn what is the best and worst of something and why. EG what is the best Symmetric encryption, what is worse. Why?
Feel free to ask me any question you may have but I won’t be giving away actual questions before you ask.
I would just like to thank everyone in this group especially the regular contributors. You know who you are.