My CISSP experience and things that can help you pass your exam.
I started serious studying in December 2015, and went to a boot camp May 2-7, 2016.
1. Study Notes and Theory
Read everyone’s experience after passing exam including all resources used for study. Visit often, and answer questions you do not know. Contribute to the group by explaining why you gave an answer, it will help you learn.
2. Read, Read, Read
(OK, maybe this is overkill, but this exam scared me! Select one good book-note, the CBK Common Body of Knowledge is terrible and has a lot of mistakes, I do not recommend that book)
a. CISSP Study Guide
b. Eleventh Hour CISSP c. CISSP Study Guide
d. CISSP for Dummies e. CISSP Summary
Lots of other resources such as YouTube videos, etc. were used when I did not understand something or wanted further clarification. CISSP: Certified Information Systems Security Professional Study Guide: Edition 6 James M. Stewart Mike Chapple Darril Gibson
3. Practice Tests
a. http://www.mhprofessional.com/sites/CISSPExams/exam.php...(Downloaded the MP3’s and listened to them in the car)
b. (Practice exams for the CISSP, CISM, CISA, CEH, CASP, PMP, SSCP and Security+). (I was scoring between a 72 & 79 overall score on these and did two full 250 question tests prior to the exam to see how long it would take. I finished the 250 practice exams in a little over three hours, and did not go back and check or change anything.)
c. http://www.wiley.com/…/productCd-1118314174,miniSiteCd… (Was getting 80-100 on chapter tests)
d. http://www.pocketprep.com (Did these quizzes on the bus on the way to and from work) (range of scores was between
50% and 80%)
4. Free online training resources
a. Larry Greenblatt CISSP
i. Day 1 CISSP
https://www.youtube.com/watch?v=ept-Mn-a3xE ii. Day 2 CISSP
https://www.youtube.com/watch?v=BKjqfi47GKo iii. Day 3 CISSP
https://www.youtube.com/watch?v=1qaTuZx8yfU iv. Day 4 CISSP
https://www.youtube.com/watch?v=5HXZ_o-cAHs v. Day 5 CISSP
https://www.youtube.com/watch?v=JTrP1hoLXI0 vi. Crypto Packets don’t lie
Note: I listened to Shon Harris and Cybrary – Kelly Handerhan CISSP when driving in the car)
Gwen Bettwy Instructor
7. Test taking tips:
a. Visualize your passing letter!
b. RTFQ – Read the Full Question!
c. Peppermint – A tip from one of my classmates was to get peppermint, it help you to stay alert. I made sure to have some peppermints on hand!
d. Note the key words
e. Eliminate the 2 distracter answers
f. Reread the question to make sure you understand what it is asking-sometimes the first time, you may miss a word.
g. Look at the two remaining answers and determine the difference
h. When answering questions, remember the three main goals of security. Confidentiality, Integrity, and Availability. If the question is about Confidentiality, the answer will be related to confidentiality, if the question is about integrity, the answer will be related to integrity, and if the question is about Availability, the answer will be related to availability. Try the technique when doing practice questions.
i. If you read the question and just do not get it, read the answers and see if you can notice the one that is different than the rest; this may be the right answer.
j. Take breaks!!! If the questions are getting harder to answer, take a break, get a drink, grab something to eat, refocus.
k. If you are taking too long to answer a question, mark it and move on, do not
waste time-you will have time to go back. I think I marked about 45-50 questions, but when I went back I was very careful and did not change too many answers unless I really knew they were wrong, and I think I did change about 10 answers.
l. All tests are different, so I do not think there is any magic idea of what to make sure you know. Study all of the domains, understand them, and remember you will need to apply the knowledge when answering questions. I recommend doing the practice tests and try to be proficient in each domain. I was scoring about 80% average on most of the domains except my weakest (Security Engineering) which I was scoring about 70-75%.
m. Sometimes, all answer look wrong. In this case select the least bad answer.
n. Three important things to remember.
i. Life Safety comes first
ii. ‘Do a risk assessment’ is often the answer instead of trying to choose one of the answers that is a technical fix which people with a technical background tend to do.
iii. Look at the answers from a management perspective, and finally people and processes trump technology answers.
8. When the exam is done and you end it – the program makes sure you are really ready to end by asking/warning you that you are going to end. I tried going back and reviewing all of the questions after I completed the flagged review and it was making me a little crazy once I got to 125, and had about 47 minutes left, so I just decided I should end the exam and not risk making changes.
9. You raise your hand when you are done, return all test taking materials to the
proctor, and the results are printed out in another room where you will find whether you pass or fail. I was sure I failed until the proctor told me I passed! When you get this new it is a great relief! Now I can get back to my family and clean my house!!!
10. Note: If I failed, I planned to sign up immediately to take the test in 30 days. Don’t give up!! I hope this helps! Good luck to all and thanks again to everyone in this group for your comments, and encouragement.