My Journey to CISSP
My background is primarily SDLC/testing and last few years I am working in secure SDLC. My quest for CISSP started in May 2017 where I decided to search online for reviews and found Study and Notes Theory group and decided to join. I think that was one of the turning points for pursuing CISSP. For the first six months I gathered required resources understanding the depth of the exam (I thought I understood until I began my real preparation) and never missed a single review of “How ZZZ cracked CISSP” from SNT group. It gave me lot of motivation which enabled me to push myself to start reading domains. My work and family commitments hardly left me with any time which added to more stress to my routine, unable to cope up with my day to day tasks. In the back of my mind I was certain that I should give a shot before the new CBK syllabus by April 2018.
Months passed by and towards end of Aug last week, I decided things aren’t working the way I am approaching towards CISSP. Hence I made up my mind and booked an exam date towards end of Dec. That was a one of my boldest move. I am believer of saying ”In Stress and Pain you Grow ” At this point of time I haven’t read even a single domain completely (went through 2 chapters in Sybex in past).
Later I realized CISSP is something far beyond just the motivation of money. Oct 2017 After talking to different people I picked up Sybex and read for next 20 days to cover all domains and realized that I haven’t understood anything nor do I remember anything of what seemed easy to understand. Nov 2017 I decided to move on Shon AIO for more understanding and managed to read it for next few weeks. Again the challenge was remembering, and it was voluminous .I started experiencing practically why it’s not right to book a date for a short duration of time. I was heading towards the verge of giving up my preparation, when I heard the CAT format change and unable to cope up with the pressure of studying along with other day to day activates. There was only one though in my mind from the day I booked my exam ”Eat, Breathe, Sleep (I did this, CISSP audios were my bed time stories every day) CISSP” (I picked this up from Luke). Dec 2017 I fortunately picked up Eric Conard (Not the 11 th hour).That was a turning point in my preparation. I started covering domains faster than the other 2 books which boosted my confidence and in turn also left me with a better understanding. Many reviews emphasized on hand written notes. When I tried initially with Sybex it was getting strenuous, so I had to give up. But with Eric I decided to make hand written notes.
One tip I have here is may be when you read for first time it’s not wise to write notes as you might end up writing everything in book but when you are making notes during your second time or even more, you are aware of what is worth putting in your notes which you will help you, when you will pick it up the day before exam. I was getting close to my exam but I knew that I haven’t done enough practice questions. Till this point I had only practiced the questions posted on Telegram(That’s the first thing I did everyday morning after I opened my eyes and checked my mobile-It was a technical check to access myself and provided and emotional support),Questions behind Sybex ,Shon and Eric. One of my friend mentioned about CBK Green Book, I attempted to read Telecommunications domain but it was too overwhelming due to lack of time. As exam date drew closer I was pushing myself harder day by day. Which affected my health and I was down for couple of days that eventually lead to postponing my exam .It was a hard decision but I had moved by 10 days ,from Dec 27 th 2017 to Jan 5 2018.Longer time meant that I could forget things and an opportunity for lethargy. Every decision in the whole journey I made purely was impulsive instinct. Booking exam for 3 months would be craziest thing to do for working women like me with a kid and personal commitments. One needs to take time to gauge the kind of personality and situations they are in to take an approach for anything in life. What worked for one might not work for another and vice versa but nuggets from already who walked the path always makes our life easy. I took off from work for my Christmas vacation and started revising Sybex,Watched Kelly Videos and joined as SNT paid member. Watched few Luke videos and few question sets(Due to lack of time I could not cover all here),Continued making notes. Read Madunix Process Guide (I didn’t understand this on Day 1 and only understood just the day before my exam-That was a check to gauge if you knew things). Jan 2018 Watched Kelly Videos, Revised my notes looked through Madunix process guide, Sunflower notes, Questions from Telegram and Sybex. On the exam day I felt strongly I might not make this. I kept reminding myself from reviews that you will never feel you have prepared enough and tried to imagine positive stuff. Prayed my God and left to center. I was conscious that my initial performance of first 50 questions matters. As time passed by I knew I was slow but just to stick to previous point, I stopped looking at timer as that was impacting my performance. Questions were tricky but not hard. I wasn’t sure if I was answering right or wrong as it was ambiguous. If I got a hard question I knew was previous answer was right else I got an easy question. I crossed 100 after 2 hours so I was hoping I was still in game and later at 114 th question the exam stopped. Later I saw the print sheet saying Congratulations. It felt like a miracle.
Important areas:BCP, DRP, RMF, SDLC, Forensics, Configuration Mgmt, Crypography concepts,Telecommunication and networking, Mobile Security, Roles and responsibilities. I can’t stress this enough, the whole journey is a test for endurance, Mindset and Patience to cover the whole content diligently (Any one can make this up with perseverance). Luke’s articles were a good motivation (I remember one such sentence “How badly you want CISSP”) and everyone who shared there honest thoughts in this group. Can’t thank all enough. Resources Used: Sybex(9/10) Shon Harris(I like only the 6 th edition)(8/10) Eric Conrad(10/10) Sybex official practice tests(10/10)-This was the only full-fledged practice test resource I used) McGraw Questions(8/10)-Worth your time Shon mp3 Audios( On all time when I was travelling to work and my bed time)(9/10) CCCure Audios(They are 55 hours so I heard a few of them) Kelly (Awesome. Takes very less time and helpful before exam)(10/10) SNT Telegram Group (It gave me a lot of strength and knowledge)(10/10) Sunflower notes(7/10) Madunix Process guide(9/10)-When you understand this you know you have prepared decently CBK Green book for Domain 4 and Questions (8/10)-Questions are good and worth Practicing. SNT Paid Membership (Clarifies important concepts in videos and questions by Luke are Tricky and worth spending time). Alberts Mind Maps (10/10)-This was when I understood what is RMF conceptually just the day before my exam
Conclusion CISSP is a mind set and it’s not hard given reasonable time based on your daily schedule ,Patience and disciple(burn you midnight candle when whole world is sleeping to attain your dream).
I can’t thank Luke, family, friends enough who aided me this journey enough. I drew many around me crazy with my studies but it’s WORTH it. Final Note Apologies for the lengthy review. Hope it helps just like other reviews in this group helped me. Elam Pughazhum Erivanukae (Tamil)-All praise goes to God, A famous dialogue by A R Rahman (Musician)