
How Alek Cracked His CISSP Exam

I took the exam today for the first time and was done after 100 questions. Having not taken any exams since my college days (20 years ago) and understanding that there are still many areas where I was not fluent, I was about 50% certain I would not pass (actually, considered rescheduling a few times), so it was short of a miracle. Many thanks to Luke and this group for helping me get ready. It was invaluable. Best of luck to everyone who is going to try it again. Here are some thoughts that may help others.

THE EXAM Frankly, it was not as hard as I expected it to be after hearing horror stories. Maybe I got lucky and should just praise God. Or maybe after all the training I had done I was finally in the right mindset. Or maybe both. Anyway, as people say, the questions were indeed not like the questions in the prep tests, but not necessarily in a worse way. I have seen a lot more difficult questions when using Boson and prep apps. I think I had 5 or so questions that I did not get at all and just picked the answers by gut feeling. I was not sure about a dozen or so questions, but mostly I felt pretty good. Since they don't give you the answers, it's hard to say what I did right and what I did wrong, but for a few, the answers seemed more revealing than the questions. I was surprised that all abbreviations were spelled out (I thought only ambiguous abbreviations would be spelled out, so could've saved time not learning them and not freaking out about not being able to remember them all). Didn't have any questions that would require calculations or using the pen and paper. Yes, there were questions about some basic laws, regulations, and frameworks but they were all in the context of a described scenario. Did not have to do crypto much, but a few questions required understanding of the basic concepts and algorithm names (but nothing like "how many rounds and block sizes RC6 supports"). Overall, with a couple of exceptions, questions made sense.

THE DAY OF THE EXAM Took a day off work. I scheduled the exam at 3:30, but should've scheduled it earlier to get it over sooner. Watched Kelly Handerhan's "Why you WILL pass the CISSP" video to set me in the right mood.

THE WEEK OF THE EXAM Took Monday and Tuesday off to re-watch Thor's Udemy videos (for the third time) at 2x speed (we have the Udemy subscription at work). Reviewed my notes on Wednesday after work. Watched a couple of videos on Thursday and glanced over a few notes that I still did not get. Came to peace understanding that there were still some topics that I did not know very well.

4 MONTHS BEFORE THE EXAM Practically, had no personal life. Spent most evenings and weekends studying. Read Luke's "How to Think Like a Manager" book. Read the "11th Hour CISSP" book. Started following this and a couple of other groups. Bought "Official Study Guide, 8th Edition" and "Official Practice Tests, 2nd Edition". Read a couple of chapters of the official study guide and realized that I couldn't hold all this info in my head, so only used it as reference. Have not used the practice tests book at all because I bought the Official Practice Tests app for Android and it was pretty much the same. Used a number of free test prep apps (pretty much everything I was able to find at the Google Play store, some of them were quite useful). Practiced Boson tests (highly recommend). Also tried to do a couple of Boson labs and realized they were mostly a waste of time. I think I practiced something between 1,500 and 3,000 questions. I stopped using each practice app once I realized that the questions started to recycle. A side note about apps: none of them are perfect (some have wrong answers, some have other issues), but I would still recommend everything I used: Boson, official study test prep app, and other apps. By the end, I was getting about 75%-85% on tests on average, depending on the platform. When doing tests, I used Chegg Prep to keep notes of everything I struggled with. I mostly did tests in prep mode and tried to analyze the wrong answers. Did timed exercises, as well, just to get an idea.

1 YEAR BEFORE THE EXAM Gave up fighting my manager who insisted on me getting CISSP certification. Watched Thor's Udemy course (a couple of times). Started listening to the old Kelly Handerhan's audio (pretty much listened to it at 1.5x speed all the time I was in a car driving alone; I think I listened to them 2-3 times). Bought Boson app and then realized that it was only a practice app (no training materials other than labs) and it would expire 6 months after starting to use it, so I held off until I was more or less ready.

BACKGROUND A software guy. 20+ years of IT (mostly, InfoSec) development experience. Didn't know much about infrastructure, networks, firewalls, etc., before I started learning for CISSP.

Anyway, it was a hell of a trip. Many, many thanks to Luke and the team. Could not have done it without you. I'm going to phase out for now and go tell my kids that they can get their daddy back.

God bless!

P.S. Forgot to mention that among the things I found helpful were the Mind Map series on YouTube and a lot of random YouTube videos (really liked networking topics covered by this guy:

P.P.S. If anyone is interested, I posted links to resources I found useful:

