My name is Chika Nwachukwu.
I just provisionally passed the Certified Information Systems Security (CISSP) exam on Good Friday, 30/03/2018.
This is my CISSP story as requested. I hope those yearning to get certified and even those certified would learn a thing or two from this.
HOW WE MET My first knowledge of CISSP was accidental. In 2013, a colleague of mine just resigned, so I was chosen to replace him in a 5-day CISSP Training Class.
During the training, I was overwhelmed by the depth of information security, CISSP covered. It was a massive 10 domain CBK, and I felt intimidated that I felt a bit glad in me that the training brochure did not come with the real certification exam. Of course, I failed the end of training Assessment Test. I and the two other colleagues that attended the training did not even bother to go further by enrolling in more trainings and doing the exam. But deep down in me, I knew that for me to go far in my GRC career, I needed the CISSP certification.
I needed to face it, but I still kept dilly-dallying. I was afraid of facing the exam especially when I saw the huge voluminous books I needed to digest to pass the exam. This was my usual posture for the three years that followed.
2015 Around April, 2015, I was at work one day, when someone mentioned that ISC2 had reduced the 10 domains to 8 in number. I heaved a sigh of relief. At least someone knew along what I complained about and decided to do something about it. But when I checked further that little changed, it was pretty much the same except that it was narrowed to 8 domains. So, some topics in the old domains were covered across one or two domains. This CBK review would last for another three years meaning that I just had three years left to face my fears and move on. That was when I started thinking.
Even when I was doing other certifications, CISSP remained on my mind. So, I began to read some titbits about CISSP.
2016 In the last quarter of 2016, after facing overwhelming much pressure from my then hardliner boss, I enrolled for a CISSP training with certification exam in a Computer Training Centre (name withdrawn).
That was the biggest mistake in my CISSP journey. After paying huge sums of money (our local money is not friendly with the dollar) for the training and certification exam, I was left dissatisfied. It was as if they were more interested in milking me of my money than disseminating knowledge.
Imagine, I was not given hard copy materials to read, even though it was in my bill of payment. The instructor did not even take the lessons serious as he came late all through the five-day training. Worse still, they kept delaying payment for my CISSP certification exam. You can imagine, I had to follow up with them on this till about the following year. Worse still, I gained virtually no valuable knowledge during my 5- day stay there. Till today, I believe I still demand a refund of my money.
But, I have learnt my lesson and lightning would not strike twice.
BUDDING CISSP (WHATSAPP, NOW TELEGRAM) AND FACEBOOK CISSP STUDY NOTES AND THEORY In late 2016, joining the CISSP Telegram and Facebook groups gave me joy. I was so impressed by the amount of knowledge-sharing. It was a game-changer for me. And I cannot thank Luke and Khatib, Madunix enough. These guys are legends and have brought forth legends in CISSP. May God continue to bless and enrich them. I hope ISC2 does too.
A huge source of my CISSP success goes to these groups and the failure of that Training Centre was not largely felt because I had a superior backup plan in these groups.
MY FIRST BITE AT CISSP After much delay and dilly-dallying by the training centre, my exam was finally fixed for March 31, 2017. I must emphasize I did not have a solid plan for the exam. I went with the flow. I thought what I had read coupled with the knowledge-sharing from my social media groups, work experience would be enough. I also have to exist with the intense pressure of unholy timelines given to me, I had to face my fears on that day. There were signs to show that that day was not going to be my day as my son fell ill two days to the exam, and had to admit him in the hospital. Then my cell phone I used to store my apps got missing two days to the exam.
Nonetheless, I still resorted to doing the exam.
The exam format was still the 250-question-6hour format. From the first question, it was a no-no for me. The first fifty questions I faced was a baptism of fire. I had no clue where those questions came from. This was not what I faced or taught during practice exams. They really unsettled me and affected me throughout the exam. I had a bad start and it affected me psychologically throughout the exam.
During the exam, I spent much time on some questions as I could not even figure out the answers. I ended up flagging them. I went for a break after the 70th question. I remember crying inside me that I had failed this exam as I could not understand these questions. I resorted to saying a short prayer, drank some water and returned. I put in my best and refused to go down.
I spent the whole six hours and would have spent more if given more time. The path to the printer was the longest I had ever walked. At first, I saw that the exam officer had printed the first page, I thought it was the only page and I was about celebrating in my mind, only for him to turn to the back of the page for him to print the second page. It was then I knew I had failed. Checking my score, I realized I was about twenty marks from reaching the cut-off. But I remember smiling going home that day, that I was this close if only I gave myself much belief earlier. I resorted to staging a comeback.
COME-BACK PLAN I went on vacation with my family during the summer and that was when I came up with a masterplan to conquer CISSP. I had the experience and the belief and that was all I needed to stage a comeback.
In November, 2017, I scheduled my retake exam. I focused on my weaker areas then drafted a 100-day plan from December to March 30, 2018, the day I decided to write the plan. I knew during this period, I was going to make enemies with friends, families, all my vices, weaknesses and so on. I boycotted things I loved doing for the sake of passing the exam this time around.
I spent at least three hours every working day and 12 hours on weekends. I remember staying behind at close of business at work and resuming at work an hour before work starts to read. My wife really understood me and took good care of the family during this period, to which I am entirely grateful for.
Before I embarked on the plan, I did an assessment test and scored over 70% implying that I still had it in me. I covered the following resources below during the 100-day plan and from time-to-time partook in the social media groups reviews. By the time I was almost through the plan, I took a week off work to assimilate knowledge garnered and finalize preparations for the D-day. Five days to the exam I was scoring 80%+ in the practice exams from Total Tester to Mcgraw to Sybex.
I took the last Sybex exam and I scored 88% a day to the exam. This question-formats were in 250 number. I could not get the CAT-format based practice exams. But from the experiences from people that wrote the exam, I was able to garner a lesson or two. One of which was to begin strong (Luke also gave that advice) and then complete before reaching 150 questions. Based on my plan which I followed strictly and even did a calendar countdown on my phone, I knew I was ready. I was confident, I was going to give it my best shot this
time around. I spent the remaining days to the exam, reviewing notes, and even playing with my son.
I remember watching films like “limitless”, “Now you see me" 2 days to the exam (all work, and no play).
D-DAY – DAY OF GLORY On the scheduled day of my exam, Good Friday (30th March, 2018), I arrived my exam centre behind schedule but was lucky not to be late as to be turned back home. I refused to allow anything to distract me from my goal, I was ready for the exam this time around, so I thought and believed.
The first twenty questions were tough but answerable. Though they were quite different from the normal practice exams, my knowledge of the CISSP concepts helped me. That gave me the much-needed confidence to go on. On my sheet of paper, I marked the number of the ones I felt I answered correctly and the ones I had issues with.
My strategy was to finish the exam quickly and confidently and it worked. After over an hour, my exam finished at slightly over the 100-question mark. I was notified to pick up my results at the printer. I celebrated inside of me. The path to the printer this time around was short and when I saw Congratulations on the printed sheet, I knew justice had been served, exactly a year later from the heartbreak I suffered. I called my wife to break the good news.
Now I have enough time to catch up with movies and series I denied myself from watching.
RECOMMENDATION • If you read well, you will pass well. • Flow with the concepts. Focus more on the CISSP concepts than scoring over 70% in your practice exam • Avoid distractions. You would surely make enemies on your way to CISSP certification. Do not be afraid to make hard decisions as long as you get that certification, it’s worth it. My external family even quarreled with me that I do not check on them frequently. I’m sure they know why now. • Have a plan and follow it strictly. • Face and fight off your fears and do not face undue pressure from any quarters. RESOURCES CYBRARY videos, Cybersec Study nuggets, 11th -hour by Eric Conrad
ISC2 Official Study Guide- Sybex (cover to cover twice) Sybex- Official practice tests Total Tester Mcgraw Practice Exams
Study Notes and Theory Telegram Group and Facebook Group