How Joshua Cracked His CISSP Exam
My CISSP Journey. Fourth time is the charm!
My CISSP began 2 years ago. I had recently moved to California after earning a Master’s degree in Information Assurance and also obtaining a Security Plus certification. I had moved to California because I had accepted an Information Systems Security Officer position.
Three months into the position, the company had decided to send me to the week-long CISSP boot camp. I’ve received flashcards and the CBK official study guide book at the boot camp. While attending the boot camp, the class sessions were long and exhausting. I felt like the boot camp was cramming all eight domains into me within the week, but I tried my hardest to keep up.
On the exam day, the instructor informed the class that if we weren’t comfortable taking the test then we can always postpone until a later date. I thought about it, and decided I will take the test that day. During the test, I felt overwhelmed and I rushed throw my answer so I can get through it. My results were not good as I got a 510.
I felt so disappointed not only for me but the company because the company spent resources (Those resources were not cheap) on me to send me to boot camp and I didn’t pass. I told my boss I didn’t pass and he said “don’t worry about it, it is a hard test to pass and hardly anyone passes it on the first attempt”.
However, my integrity wouldn’t let me stop because of the company investment in me, so I did some research and purchased the Sybex book 7th edition. I started studying and booked the exam 2 months out. I read the Sybex book cover-to- cover and answered the questions for each chapter. I’ve also used the CBK 4 th edition I acquired from the boot camp as well. Second attempt for the test was here thinking that “I got this” and I went into test.
I still felt overwhelmed and failed again. My score was increased to 589. Keep in mind this was the second attempt the company dished out money for and still could not pass it.
I was defeated but my boss reminded that “It is a hard test”. I took a month off from studying and had the privilege of talking to co-workers who are also CISSP certified. They reminded me that the test is a management test and not so much technical. I realized that I was probably thinking too technical my first two attempts and that is why I failed. I had one co-worker that he didn’t study for the test and took the test and passed. Later found out that he had over 20 years of experience when dealing with security.
Feeling invigorated, I purchased the recent Shon Harris book. I later found out that I could not read the entire book because it was too much information so I only used the book as reference material and for tests. My boss later told to try CCCure.org for practice quizzes so I enrolled immediately.
I’ve also learned about Luke Ahmed’s CISSP site, Cybrary, and Sybex’s Practice test book. I liked Luke’s site, bought the Sybex Practice Question book, and watched Kelly’s Cybrary videos. I spent 9 months from the time I failed the second attempt to studying, watching videos, answering countless of questions from different sources. I had to make sacrifices (Ex, gym, hanging out with friends, and watching TV) in order to prepare for my third attempt.
I felt stressed because I constantly had the CISSP on my mind 24/7. I couldn’t stop thinking about the test because of all the stories I’ve heard about how the CISSP will open doors for me. Also like I said before, I felt guilty that the company spent money on me and I didn’t pass the test on my first two attempts. There would be nights where I would come home and just collapse because I would be too tired from work.
I would come home and try to study and couldn’t and just fall asleep in my work clothes. 9 months later I registered for the test for the third time with my own money. I felt better this time because I was scoring at least 80% on the practice tests but at the same time still felt nervous. So, the day for the third attempt was here and was extremely nervous. I went in and as soon as the test started, I started writing down notes. Before I knew it I had almost filled up the one piece of scratch paper the testing center gave me before I even got to question 10.
Well, it took me all of six hours to complete the test with brakes included and I felt exhausted! As I waited for my results, I felt nervous. My hands were shaking anxiously waiting for the results. The testing agents had to calm me down and kept reminding me that I probably did good (because they were probably watching me while taking the test). They printed out the results and gave me the folded piece of paper. I slowly opened the paper and learned that I missed the mark by 35 points.
I was stressed, tired, exhausted, and depressed. Didn’t feel like talking to anyone. I told my boss and my boss told me “don’t give up because I am so close to passing”. I felt like I gave it my all and still failed.
I needed a break because I was studying for 8-9 straight months. I took a week vacation to San Francisco just to clear my mind. I came back and had energy to study again. I had to wait 180 days to take the test again so I waited to start studying again. I registered for the exam three months out and read the Sybex book again and answered practice questions.
I actually became a paid member on Luke Ahmed's Study Notes and theory site which really helped me out. I watched his videos and took his practice questions. The questions I got wrong I investigated why I got them wrong. I was still scoring between 80-88% on practice tests from Sybex, and CCCure. I occasionally answered questions from Shon Harris book.
As the test day for my fourth attempt drew closer, I went back and studying the domains that weighed the most according to the ISC2 site (Security Risk Management and Security Operations). A week before the test, a friend was pointing out random words from the Sybex Index and I was able to explain most in full detail.
Test day was here and this time felt different. I wasn’t as nervous and as soon as the test started I was calm. Didn’t really use the scratch paper because all I had to remember was the CIA tried and IAAA. I was actually leaned back in chair just answering questions. Flagged about 10-12 questions I didn’t know and kept it moving. I took 3 breaks. I finished the test with an hour and a half left to go. I went over my flagged questions and might have changed 3-4 answers. I then went back over the whole test and changed about 3-4 answers.
I hit complete the test. I walked up to the test agent to receive my results. The test agent gave me confidence that I probably did well. Before she handed me my results, she said “I don’t what’s on this paper but I sure you did well”.
Opened up the paper and the first word I see is CONGRATULATIONS! Words cannot express how relieved I was. My two-year journey was finally over!!!
RESOURCES Sybex 7 th edition Official Study Guide Luke Ahmed Study Notesand Theory questions and videos My hand made notes on Microsoft Word Sybex Practice Questions CCCure questions Shon Harris questions from the most recent Shon Harris book (The first question on the comprehensive test in the back of Shon Harris book is a good example of how to think like a manager and not so technical).
CBK 4 th edition CISSP Study Guide (This really didn’t help me a lot. Only used this book to review the most critical domains).
P.S. To all people who are currently studying for this test. I passed this test on my fourth attempt. The power of determination and discipline goes a long way. If you truly want something in life, then nothing should stand in your way of achieving your goals.
I was constantly drained and tired every night studying for this test for 2 years and made sacrifices. A week before the examine I found a video on YouTube by GoalCast. The showed Denzel Washington speaking to college graduates about determination. If you have a chance, check it out!