
How Oz Cracked His CISSP Exam

Hi Luke,

I have divided my notes into 3 parts – studying, the exam & my remarks:

My learning path/method:

Watch a module (each of the 8 domains got its own module in the video course) of the “CISSP Complete Video Course” in order to get familiar with the material.

If you are interested, Sari (the course instructor) has published a second version of this course, which fits the 2018 objectives.

After that I read the entire same domain in the “CISSP All-in-One Exam Guide, 7th Edition - Shon Harris” book. After that I read (fluttering only – searching for things that were not written in Shon’s book) the same domain in the “Official (ISC)2 Guide to the CISSP CBK - Fourth Edition” book. After that I answered the relevant domain questions from those two books + the “CISSP Practice Exams, 4th Edition - Shon Harris” book + the “CISSP Official (ISC)2 Practice Tests” book.

Basically I was learning (reading and answering the practice questions) every day for about 3.5-4 hours (depending on how late my daughters went to bed) from the end of Jan. 2018 till the end of Apr. 2018, and then took a month to relax.

My exam was scheduled for the 25th of June 2018. I went to a CISSP boot camp to refresh my knowledge during week 2 of Jun. 2018, and after that I had a few days to answer the questions of chapters 9 + 10 from the “CISSP Official (ISC)2 Practice Tests” book, which are questions from all 8 domains.

The day before the exam I read the “Sunflower Study guide - v2 (2017)” file, which summarizes the learning material.

The exam itself:

To be honest, this was the hardest exam I have ever experienced in my 14 years of being in IT roles as this exam challenged everything I thought I knew about security.

Hebrew is my mother tongue but my English is very good (I work at HP and most of my teammates are American guys, so all of our emails, chats & phone calls are in English), so I took the English-based CAT exam.

From what we all heard about it, the CAT exam gives you a first 15-20 hard questions and continues based on your answers, so I took my time answering those.

I was very anxious during the test, and adding to that, the high level of wording (all the practice tests I took were worded at an average complexity, but on the exam I found many words that I didn’t understand) lowered my morale, so finding out that the first 20 questions took me almost 40 min didn’t improve it.

I was never completely sure about many of my answers, and when I reached question 100 I thought for sure that the test was going to stop and fail me, but it continued up to the 150 questions.

My words of wisdom:

CISSP study material is very wide and will take you time to learn so don’t rush yourself, give yourself a month or two for the studying – take your time with 3-4 months and even more depending on how many hours per day you can give.

Memorizing does very little with CISSP - you must learn not only the definitions but the concepts behind them. As an example: not only the definition of SSL/TLS but when it is used and why.

On the exam itself, if you pass question 100, don’t lose hope, because if you’re still testing this means you haven’t failed and still have a chance. During the exam, you’re probably going to get discouraged, but don’t let it take you down. Keep your head up and understand the questions’ concepts even if you do not understand the entire wording.

Hope this will help others.

Oz Gochfeld

