I started chasing CISSP about 15 years ago. I never followed through with it because I always thought I just wasn't smart enough to understand and grasp all the concepts. Since CISSP isn't a "dime store" certification, I figured those who got it were just far superior to me, and I always chickened out.
This time, my job depended on it, and I manage a team of people who are expected and required to be CISSP, so i figured their manager should also be held to their same standards so i committed myself to taking on the challenge. I will start off by saying I have been doing security and network operations for the US govt for the past 20 years and I hold other technical certifications, so I didn't go into this without some working knowledge.
Per the recommendations of this group, I started out with the Sybex book. Reading it was tough for me. I would fall asleep after a few pages. So I decided to start with the end of chapter exams. I looked up each question in the book and marked it accordingly. This got me reading little sections of a chapter at at time with a goal in mind...answer the chapter question. Before I knew it, I had read most of the chapter without it being a sleepy task. Since the Sybex book comes with online practice exams, i started to take each one of those. I scored terribly and then i would go back and look up those questions in the book and mark them. This approach yielded me reading he entire book, without it feeling like an impossible task.
I then took a bootcamp last week to attempt to solidify my knowledge and to hear and interact with other students who were also working towards this goal. The social networking was tremendous in helping to lock in on those concepts I hadn't mastered on my own. The peer pressure pushed me to stay on focus and target.
I used the Sybex book and the companion CISSP Official Practice Tests to help prepare. They both have online test engines and that helped me to get instant gratification when answering questions, so that I could keep on going. Two days before the exam, I did nothing but simulate practice exams. I would take the Sybex practice exams but would NOT review the answers afterwards. I simply wanted a score and then took the test again. I did write down on paper any question that i didnt know the answer too, so that i could study those topics. I did this to avoid memorizing the practice exam answers and giving myself a false sense of knowledge with high test scores. I never was able to score above 77% on these tests.
The morning of the exam...I got up early and got ready. Drove to the testing center an hour before my exam. I sat in the car and reviewed by brain dump sheets one last time.
I didnt realize you couldnt wear a sweater or coat in the exam room, so i was unprepared with my short sleeves. Wear long sleeves to test, you can push the sleeves up if you get cold. I also had to remove by bracelets.
The test started out scary. I didn't recognize anything! I read each question two times. The first to see what they were asking and again applying each answer to the question until i found the one that made the most sense or was the logical choice. There were drag and drop questions. Those were the hardest for me because although I knew the concepts, the way they were worded just didn't make easy sense to me.
I am a native English speaker and I had great difficulty with some of their word choices. Those of you have English as a second or third language and take this exam in English are simply amazing. At about question 180ish, I started to mentally give up. I hadn't seen a lot of questions I was 100% confident on, so i started to feel discouraged. If this happens to you, stop and take a break! I took about 5 minutes to recompose myself and get back to it. The remainder of the exam seemed to take forever. I kept glancing at the question number i was on and counting down.
This was a distraction for me. I asked them for a sticky note to cover that part of the screen. From there on, I couldn't see how far i had left, so I just kept taking the questions one at a time. Finally I finished. I was so sure I didn't make it. The test center staff was very somber and expressionless so it made it hard to tell. He signed me out and passed me to the desk for my print out. One page...was that good or bad? For me..it was good, it said Congratulations! I felt amazing relief.
This group has been amazing to my experience and your help and encouragement gave me the strength I needed to get this done. I pledge to return this gift to the group and to help all others who are also chasing this goal. Thank you to all members!
It's true that memorization will not get you far on this exam. Memorize the NIST titles and what they do and the steps in RMF and BCP, but only memorize them so you know the order so you can answer question that ask you to apply that memory knowledge. An example would be "in NIST 800-53, which of the following things would you do FIRST or BEFORE (where they list a task from the publication) to achieve this. (some goal or end product that results from a process).
Good luck to everyone out there studying and preparing. I will be sticking around to answer posted questions to keep up with my knowledge and to help those of you who follow onto a successful test.
Best of luck to all