How Andrea Cracked Her CISSP Exam!
Let me first share with you that it was only 2 years ago that I even had heard of the words Information Security. I started working on the ISO27001 from a quality management perspective and really enjoyed the topic so I decided to shift my career towards InfoSec.
I was aware of the fact that I needed to learn a lot so that was the reason for me to start CISSP. I had never in my life heard of OSI model, symmetric cryptography and many other CISSP related topics since 6 months ago that I started my journey. I believe that if I can tackle this beast anyone of you can.
Let me summarize what I did:
I used the CBK book as my main material. I worked through domains 1 through 4 and made my own summary. Then I started to study mostly for domain 3 and 4 as this was literally all new to me. I used simple internet to help me grasp the different topics and already did practice questions to accelerate my understanding.
I watched Kelly Handerhans Cybrary videos because she is very good in explaining concepts in simple words and she also gives you the right focus for the exam.
After that I continued with domain 5 through 8 and studied those after finishing the entire book.
After finishing the entire CBK book I started combining as many different sources and methods to understand all concepts
I used the Sunflower summary and many of the material from the Study and theory website.
I listened to podcasts while driving to and from work (Podomatic had one but the guy was quite monotone so I am sure there are more inspiring podcasts you can use).
I used the ISC2 official mobile app while waiting for the dentist or hairdresser.
My exam practice material:
ISC2 official practice test (€28 on Amazon). This has been my life saver. I first went through all 800 domain questions and made flash cards of all the concepts I got wrong or did not understand sufficiently. After that I went through the practice exams as well.
McGraw Hill also good practice material and for free!
Sybex: too easy compared to the exam but very good to identify your weak points
Eric Conrad exams. Not my favorite but still good to practice with.
Couple of weeks before the exam:
3 weeks before the exam I watched all Cybrary videos again to check if I had all important concepts straight (This really helped me through the exam!)
I redid the ISC2 official practice test and mostly focused on the explanations of the answers.
Went through my summaries and flash cards
Scrolled through many of the posts of the Facebook page to also practice some questions.
One day before the exam I did nothing, went to the beach to get fresh air so I would fall asleep easily (this really helped because I was very fresh the next morning).
At the exam:
Got sufficient food and drinks
After 3 a 4 questions realizing I wasn’t able to read it properly I would just shortly go to the bathroom, do some stretches and splash water in my face to get my energy back
Had 1 bigger break of about 10 – 15 minutes to eat something.
I realized at the end that it may have been an advantage for me to not have that much experience as many of you do. I didn’t have to reset my mindset and that made my life easier. So if you have a lot of (mostly) technical experience, you need to really reset your mindset for this exam!
Good luck to everyone!