Pass the CISSP exam
I recently passed the examination in March. This entire experience has helped me understand security at a foundation level, and I expect this knowledge to greatly benefit my career. Most employers seek candidates with the CISSP not knowing what the certification prepares the holder for, and here is what they can expect from someone that has passed the exam.
This person has a ten thousand foot view of information security and understands the core reasons behind some of the most critical areas of security. Yes, including physical security. To obtain the full certification you will also be required to complete five years of full-time professional information security experience. This proves that the holder of the CISSP has a great overall understanding of how to protect or secure an environment.
This exam, in my opinion, should be taken by anyone in the information security field. Analysts and Engineers need to understand how and why security managers make certain decisions for the business. This also allows technical employees to understand the processes of a complete security system in an organization.
How I Passed CISSP – My Three Months CISSP Exam Study Plan
Policy, Standards, Procedures, Guidelines. As an example, when I read about buffer overflows, I had to know how it worked so I ended up doing a deep study on the subject. This was great……until the 6th time through. At this time I was also watching the videos on cybrary. Last, I started taking practice tests. I completed over 3, test questions throughout my studies. I added the total amount of questions that I had access to, and divided it by the amount of days I had until my test day. This forced me to cover all the questions in small amounts every day.
During the final week I took full question tests and read through 11th hour. On test day I ate a great breakfast full of protein, then left very early for the test to avoid any traffic issues. During the test I felt as though I was failing the entire duration of the exam due to the style of questions. I focused all my attention on every question and chose the best answer of the options provided. I tried not to think of whether I was passing or failing at any point.
It's both disarmingly easy and bewilderingly
This article aims to demystify the process and help you prepare with tips for obtaining one of the most prestigious cybersecurity certifications in the field.
The credential was created in by ISC 2 Inc. It shows you have all it takes to design, engineer, implement and run an information security program. Alternatively, you can have four years of experience, plus either a four-year college degree or an approved credential from the CISSP Prerequisite Pathway.
If you fail the first time, you can retake it, though you have to pay each time. The certification is valid for three years.
There is also an annual maintenance fee. Other motivations include filling in knowledge gaps, earning peer recognition, expanding one's professional network and contributing to the development and maturation of the cybersecurity profession. Sure, some of this material is boring and impractical, but studying for the exam will give you a very strong knowledge base in topics like security architecture, risk management, business continuity, information assurance and more -- no matter how hard they seem at the time.
The English-language exam is to questions.
These comprise multiple-choice questions, as well as advanced innovative questions. The English exam uses Computerized Adaptive Testing, using an algorithm to adjust the difficulty of each successive question based on the candidate's ability level. Candidates are given three hours to complete the exam. The questions are weighted differently, adding up to 1, points.
You will receive a ranking of the exam domains according to the percentage of questions you answered correctly. If you're preparing to take the test a second or third time, one of the most important tips is to look at which domains you did poorly on and pay extra attention to those areas when studying.
Whether or not you find CISSP hard to pass the first time depends greatly on your experience and ability to learn.
Senior Cyber Security Expert. But forget the brain dumping stuff. The exam is about thinking differently. And you need to learn to get your thoughts straight and understand all vectors included in the process. Cybersecurity Director. This exam will test your knowledge of the information security field; it is a kilometer-wide topic and an inch deep. Understand the domain and how it will be implemented in real situations rather than theories only or memorization.
Technical Solutions Architect at Cisco. Study for at least 3 months prior to sitting. There were not many good textbooks that year. I studied all the domains according to the given syllabus from ISC2 and tried very hard to find the related material on the internet including the below textbook. After all these years of teaching until now, I still recommend this textbook.
The book could explain security management concepts from basic, linking up to other topics well, and easy to understand. It is the 7th Edition now. I do not have this book, but I think it is fine as well. Information Security Consultant. I found the study guides to be the most helpful. Practice tests are also helpful, but they can create a situation where not all information is covered, so be sure to read the material that goes along with it. Senior System Analyst at Steampunk.
Chief Security Strategist, Capgemini. Go through the CBK and honestly evaluate your strengths and weaknesses. Study the weaknesses first. The study, Study some more. Take practice exams. Take the ISC2 course if you can. Take a break halfway through the exam. Senior Cybersecurity Consultant at PwC. Senior Information Security Manager at Nokia. I'm Henry, the guy behind this site. Very difficult, although I passed at questions I felt like I was failing the whole time.
This certification is not for anyone, you really need to have a background to understand many of the core concepts. Make sure you do due diligence looking into the content before you embark on taking on this challenge. Good luck. Having said that, understanding as much as you can about each domain will help so reading all the recommended study guides and doing thousands of practice questions will be extremely helpful. This in itself is sometimes the biggest challenge.
You need to be as familiar as you can with as many terms as possible and just as importantly, work on your skills in understanding questions and how you can infer and dissect the questions being asked.
This is the number one reason why no one is ever confident if they are doing well during the exam. This is a hard exam. Passing the exam requires a lot of effort but is quite rewarding at the end of the journey.
Hi Guys, I would like to start by thanking all those who have posted about their experiences in this forum. It has been of great help for people like me who have been reading them passively, to get as close as possible to the realities of CISSP certification exam. Having provisionally passed my CISSP exam couple of days ago, I feel obligated to give back to this community by sharing my own experience preparing for it.
The trigger was an internal organizational change that I wanted to suit up for. In my current role I lead a team of security and network engineers at work, working on specific missions around securing information systems within our organization. Quizlet CISSP Flashcards - I found this online on the day of my exam and it was quite handy for the last minute refresh of key topics before the exam. Finally, on the day of the exam, I was a bit anxious about the CAT format of the exam, as it was a whole new experience for me.
This is where the experiences shared by people in this forum helped. As experienced by others who have gone through the CISSP exam in English since December I also felt the initial set of questions quite straightforward and started getting more and more difficult. Surprisingly I found this to be a good thing. It ensured that I gave due respect to each question.
Though the CISSP exam is a 3 hours long exam with up to objective questions, for me the exam stopped abruptly at questions with almost half the time remaining.
I knew I was doing okay, but I expected to reach till questions. I was relieved when I was handed over the printout of the result. I had provisionally passed! The exam stops as soon as you hit the passing score, with each question given different weightage based on the difficulty level of the question. Once again, thank you for all those who have shared their experiences in this forum and good luck for those who one day would!
Excellent work and great writeup!
In this blog post, I will share with you my CISSP exam study plan, which books and resources I used and why, how I prepared for the exam in three months and passed the first time, and how to adopt a new security mindset that helps you pass this exam. This blog post is part of a blog series. There are a lot of topics to cover and you need to rely heavily on your previous work experience, and because you are dealing with 8 domains here, the chance you are a master in three or four domains is very very small.
That is the reason why, before you go and start studying for the exam, you have to have a proper CISSP exam study plan and a timeline (three months, for example). It is also not enough to go and attend a CISSP training for 5 days, for example, and then directly go and take the exam, because the amount of information you receive will most likely make your head about to explode, and you need to spend time on your own reviewing the CISSP exam domains and really understanding the materials.
To prepare for this exam, you should have a good CISSP exam study plan ahead of time because there are many things you need to study for and a lot of security theories. It is hard to find someone who knows or works in every one of the 8 CISSP domains, but you should have good knowledge in at least two domains.
Any study plan should have a timeline, study materials of choice, studying methodology, and practicing method. The first book is the official study guide with pages and 21 chapters that cover all the 8 CISSP domains, and the second book is the practice tests book with pages and 12 chapters of test questions covering all CISSP domains.
You can buy them both in Amazon as a bundle here. I like Sybex books and I think they have a good balance between simplicity and material coverage. As the CISSP exam was updated recently and the materials got updated, make sure you get the updated materials that reflect the updated exam objectives.
All links in this blog post point to the updated materials in Amazon. Another famous book for the CISSP exam is this one authored by the famous Shon Harris (eighth edition) that also comes with a separate practice exam book.
The practice book is pages with 8 chapters, each chapter contains questions for a specific CISSP domain. I found that this book, while being a very good book, contains more details and extensive information that even the Sybex book does not contain.
For example, the Sybex book mentioned the different physical locks in a brief way, while the Shon Harris book goes deeper and lists the details of each physical lock, which I believe is overwhelming and requires more studying and memorizing. It depends on your preference I believe, but for me the Sybex book was my top choice and it helped me pass the exam the first time, with good preparation and less time. This is a pages long mini book that helps you review all material in short time after reading a full CISSP study guide.
After purchasing the Sybex book, it is time to start studying. The Sybex book contains 21 chapters and at the end of each chapter you have 20 questions with their answers to test your knowledge.
My study plan is: No matter how well you prepared, you will be shocked with the CISSP actual questions you will see in the exam.
You need to practice solving as many questions as you can at least questions to learn how to get the mentality of answering so many questions in less time you get average of 1. In my case, I believe I did to questions before taking the exam. You can force yourself to have such commitment by scheduling the exam today, paying for the exam, and putting the exam date three months from now.
This will create the urgency to commit yourself to studying and preparing for the exam. The other tip is to try to study in a continuous manner. It is hard to study for two weeks for example, then get busy doing something else for another two weeks, and then go back and continue studying for the CISSP exam. You will lose focus and momentum, so make sure to have a commitment for a continuous three months of your life for the CISSP exam.
Just Passed the CISSP Today With a Month of Study
I spent at least three hours of studying each day excluding the weekend day as I would spend it with family.
By now, you have probably searched high and low; far and wide on what it is you need to do in order to become CISSP. I found myself in a similar position a year ago. What I discovered? Yes — it is possible. Anyone can do it! CISSP is a managerial exam. It is an Information Security managerial exam.
Yet — a managerial exam, nonetheless. This is very important to know when preparing for the exam as questions are not formatted logically as you would see in other IT Security exams. CISSP is a significant investment in time and money so you need to weigh this up with your circumstances to determine how best to meet these investments.
Know the exam structure inside out!
How I Passed the CISSP Exam (Part 1 - Background)
A free outline is available on the ISC 2 site located at: Know the Content! CISSP content is broad but not very deep. Prior to there were 10 domains with similar content.
Code of Ethics. One book is not enough! An array of resources is required. It is important to ensure that you use the most up to date books and resources to prepare. The study materials recommended below all come in Kindle format. Keeping one hard-copy version of your main CISSP materials is useful for a central point of reference. Step Four — Winning Strategy.
How to Study: It is recommended to start with first domain — Security Governance through Principles and Policies. That way you will solidify the overarching principles AIC! Before the exam, take one to two weeks out to go through all of the domains inside out before you sit the exam. Remember This! Set up a study schedule. Anywhere from 2 months to 1 year of preparation depending on how quickly you would like to sit the exam and previous familiarity with the content. Consistency is Key.
Daily practice if possible, even an hour during weekdays and up to 10 hours on the weekend, whatever you can spare. This is a tough stretch for most busy Information Security Professionals! However there are a few techniques to assist with this.
How Do You Learn? Know what learning style suits you. Visual, auditory, kinesthetic or a combination? How you learn will determine whether you select to attend training, self-study etc. I have spoken to many CISSPs who have attended boot-camps and training courses with mixed reviews on the effectiveness. It really depends on how best you learn.
There is no silver bullet for the CISSP that translates into a guaranteed passing score and only you know where your strengths and weaknesses lie.
This blog alone will not guarantee a passing score, but I hope it better prepares you or helps in some way. The CISSP is geared towards managers, consultants, architects, C-level executives or anyone looking to break into the security industry. If you do not have the work experience you can still take the CISSP and apply for the Associate level until you gain the necessary requirements. For non-government work, the CISSP is highly sought after in candidates as well, but it is not a hard requirement for select positions similar to government opportunities.
Before I began to study for the exam, I wanted to learn more about the exam itself. As the name suggests, CAT adapts to your answering abilities to tailor the exam to truly challenge your mastery of all areas of the CBK. The basic flow is as follows: your first question in each domain will be rated as a relatively easy challenge.
If you answer that question correctly, your next question in that domain will be more difficult, and so on. If you answer incorrectly, the next question will either be at the same level of difficulty or easier. This trend continues for each domain until you have sufficiently displayed your competency of that domain. The CAT is a good thing. It might seem like you now have to know more than previously when it was a linear question exam, but in reality, CAT allows you to pass the exam in questions in less time.
The CAT mandates the same knowledge as the older linear format and creates a more enjoyable testing experience if such a thing exists…. In total, the exam is questions and three hours long. Due to the exam leveraging CAT, you can pass in only questions and potentially finish the exam in under an hour! A good way to think about the CISSP is that you have questions and three hours to display competence in all 8 domains, but once you show competence in one domain, that domain is complete for the rest of the exam.
You may end up having the last 10—20 questions be on one single domain as the CAT works to establish your competence in the final domain that has yet to be passed. Included in those questions are 25 experimental non-scored questions. You only need to display competency in each domain to pass and this can be accomplished in as little as questions.
Each person learns differently, and each exam is going to be different by nature of the CAT. Do not let that discourage or intimidate you as the CAT does its best to help you to pass. My studies involved only a few core resources: Every day I would re-read my notes from top to bottom; it ended up being close to 35 pages by the time I took the exam.