Journey to CISSP
How does it all start? For every successful journey, there is always sacrifice, pain, and tears to achieve the impossible. Not that I'm boasting about it, nor am I saying that I've achieved the highest. There are many things in the world to conquer. I had a pretty rough year with lots of personal issues at the front, and the job market was tough. I could feel the ghosting. To summarize in Risk Management terms, it all started with a purpose.
I had attended the CISM TUP program in Dec 2023 and wanted to give the exam in Jan. But my Mom-In-Law wasn't well, and we were taking care of her in Melbourne, and my job hunt was low profile. I booked the CISM exam and cleared it in Feb. I wanted more and wanted to explore more certs to build my profile, so I enrolled for CompTIA Security Plus. Voila! I cleared that one too, in just 2 weeks.
The TUP group suggested that after cracking CISM, CRISC is a good one too, as it covers a lot of CISM concepts, and the domains kind of overlap. I studied for 3 weeks (QAE) and spent 1 week researching on YouTube videos, Shorts, and various other materials. To my surprise, I passed that one too.
After studying all the domains, I kind of got attracted to ISO and NIST frameworks and the controls used. I wanted to learn more about Key Risk Indicators (KRIs), various ISO/NIST controls, and what the numbers are. I knew the "Why" part when I was associated with the ISO Audit committee but wasn’t aware of the specifics. That is when I enrolled in the ISO Lead Implementor course and exam. This was an open book exam, but I underestimated the concept. The exam tested my patience in searching for the right concepts, keywords, etc. At last, I passed the ISO 27K LI too. So, my task on Scope, Selecting, and Assessing was done in this stage.
It was May 16th, 2024, when I called Sanjay Verma to update him on the results of my LI exam. At that time, I just put forward my idea about CISSP. Since Sanjay was aware of my background, he suggested starting with Domains 5, 4, 6, 7, 8, 2, 1, and 3. This theory actually worked for me as I didn’t want to start Domain 3 in the beginning and lose my focus now and then. Sanjay was the only person who didn’t even think about what it would take to clear it or judge me on my technical skills. There were a few others who hinted that it would be impossible for me to achieve. So, lesson learned: "Trust your own instinct and calling."
It was hard to sit with a focused mind initially. I know it’s not easy, but stick to it. You will love it.
Domain 3 tested my patience, memory power, research work, and ability to connect the concepts. I revised this domain twice on OSG and practiced questions on LearnZapp, OSG Practice papers, and YouTube videos. I had subscribed to Luke Ahmed’s StudyNotes and Theory for 3 months. His practice questions are really tough, and I couldn’t hit the 70% target initially. Somehow, I stuck to his style and thought process on answering the questions. I started hitting the 72-75% goal on the Domain 3, 5, 7, and 8 combination. I did fail a lot of practice tests, but that’s how it prepares your mind. I started gaining confidence in Domain 3. Kelly’s course and Thor’s were really good to understand the concepts for the exam. That’s when I booked the exam.
You need to feed your brain with small and easy concepts, relate them to real-world scenarios, and start jotting them down in your notebook. The notes play a crucial role in the later stages. You need to refer to them before the last 15 days of your exam. You have to explore different study materials and videos. That’s when I started watching Prabh’s, Pete Z’s, and Rob’s videos whenever I got bored with OSG.
To cover this vast syllabus, my day started at 4 AM and sometimes 5 AM. The harsh winter of Melbourne with 4-6°C temperatures was really hard to focus. The bed heater was calling me to sleep, but my inner thirst was slapping me to wake up. :) Thanks to my hubby, who bought me the electric blanket so I could wrap myself in it and focus.
Even though I wasn’t working, I still got up at 5 AM and studied until 7 AM. Then I prepped breakfast and lunch boxes for the kids, freshened up, did my morning spiritual offerings, had a quick bite, and by 10 AM, I sat for another study round. I studied till 1 PM, did some gardening and walking to refresh my brain, prepped for lunch and dinner, and then again sat back to study from 7 PM till 11 PM depending on my body. Sometimes, I couldn’t take it as I started having headaches. So, on those days, I slowed down.
One week before the exam, I just relaxed and started visualizing in my mind what the concepts were, what comes next, and the why and how part, which had already been covered in the early days. So that became easy. ChatGPT free version was also helpful, although some answers were incorrect, and I had to cross-verify.
The day before the exam, I didn’t read much. I was like, "Let's give it a shot and leave the results to Krishna. I have done my duties and now will not worry about the results." What’s the worst-case scenario here?
On the exam day, I still got up at 4:30 AM. I couldn’t sleep well as I was a bit nervous but remained calm. I took the 6:10 AM train since the exam was at 8 AM. After completing the initial prep work, I started the exam. I felt at ease with the first 25-30 questions but later found it hard to choose. I hadn’t heard a few word meanings, but I didn’t lose focus. The scenarios were like ones I had experienced somewhere or some time ago—though not all of them.
I felt I hadn’t cleared and came out with a sad face. I went to the printer area, and the result sheet was kept upside down. I didn’t have the courage to flip it. I just looked for that one word: “Congratulations.” That’s it. I went to the washroom and wept like a child, thanking God. His act of kindness and blessing came in at the right time.
Comments