BIBA NO WURD! Soon those words will be seared into your brain! Early morning on October the 13th I found myself stand outside a large building in S
BIBA NO WURD! Soon those words will be seared into your brain!
Early morning on October the 13th I found myself stand outside a large building in Southern California staring at a piece of paper with the words Congratulations! written on it. The words that I had worked hard for, it was a accumulation of years of hands on experience and a week of the hardest studying I had done in my 30+ year career. I want to pass on what I had seen, heard, and learned so that maybe it will help someone else as they prepare for their CISSP exam.
Ok, hopefully if you still reading then you already know that CISSP (Certified Information Systems Security Professional) is a certification offered by ISC2, and is highly sought after by many companies, especially in today’s technological time when breaches have occurred at many top companies across the world. When I first decided to take the exam I knew that it was going to be a tough one, especially harder now since they changed the test to only 150 questions, and you can no longer go back to a past question, plus it is considered psychometric which really tests your capabilities and what areas you are weak in or strong in.
I decided a boot camp style class was just what I needed, after reading much reviews and forums I decided to choose Infosec Institute’s, CISSP Bootcamp. Yes they will recommend you to take the online course, FlexPro, and entice you with a so called pass guarantee, which only means that if you fail they will allow you to take the class again. Personally, if you want to really pass this test then I recommend that you take the in-class program. Book yourself into a hotel for the week, self sequester yourself and study as much as you can, then study some more .
InfoSec says the Boot Camp class is 7 days but in reality it is only 5 or 6 depending on when you will be testing. Days 1-5 you will be in an instructor lead class usually 8:30am to 5:00pm, then you will be expected to read four chapters per night out of the ISC2 CISSP Study Guide, and do at least 150 practice test questions from the Sybex testing database which comes with the Study Guide. Now that doesn’t seem too bad, but we are talking 100-150 pages to read, and it will take you on average 3-4 hours to do the 150 questions. It was not uncommon for me to be up until 2AM each night! By the last evening before my exam I was doing 150 practice questions and scoring an 813, (700 is the minimum passing), but again you will be wiser to make sure you are well over that number to leave room for extra ones that you will miss.
I saw many email testimonies by people that said they sat down at the exam and didn’t even think the thing was in their language, it is that hard. Many said they just wanted the torture to be over! Why is this test so hard? because it doesn’t just test your capacity to memorize technical answers, it tests your ability to think quickly on your feet as management without all the answers, some questions won’t even feel like there is a right answer, and maybe there isn’t, maybe its just the least wrong answer.
On day 6, it is mostly review and practice questions in the class. If you are taking the exam within the next one or two days then it is highly advisable by the instructor that you skip the 6th day and focus all you have on the areas that you are weak in. Don’t worry by the time that you reach this point, you will know which areas, or domains that are your weak points. DO AS THE INSTRUCTOR SAYS! I highly suggest that you purchase the book way before your class and start reading, it will help give you a foundation before class and put you ahead of schedule, that way you only have to review and not read the entire chapters. I know, the book does come as part of the class, so you will have two of them in the end, do you want to pass the exam or just go through the motions and fail?
This exam is not just technical, so if you go into it thinking that it is or that you can memorize everything and pass, then you will fail! If you don’t get yourself in the right mindset, you will fail! CISSP is a management level certification and you need to start thinking like management, do get all cocky that you are the technical guru that can do anything because I am telling you, you will fail if you have that attitude!
There are eight domains in CISSP, but there are some domains that are more important to know on the exam than others. Domains 1,3,4,5 you better know hands down! Encryption techniques, Software Development Lifecycle, Disaster Recovery Planning, Business Continuity Planning, Business Assessments, all these you need to know like the back of your hand. This is not going to be a test about which protocol uses what port, you will need to put on your Management hat if you want to pass this one.
The class I took was instructed by Robert Mitchell, a man whom was extremely knowledgeable and could recite entire volumes of information off the top of his head, I was fascinated each day with the vast knowledge he had amassed over many years of his career. If you are ever fortunate to have him as an instructor I advise you to listen closely, pay attention to what he to say.
Do the practice questions, do them until you feel like your eyes are burning, then do them some more! Do all the practice questions that you can. Sure, you will be lucky if even one question is even vaguely similar to the ones on the test, but they will show you your weak areas, and they will prepare your mind to be in testing mode. I highly suggest you arrive early before your test and do more practice questions, my exam was scheduled for 8am but I was in the parking lot alone at 6am sitting in my car doing another 200 practice questions, then I walked in right before 8am ready to go with my mind in testing mode!
Look all these little tips will help you pass the test. I saw guys at the class that I never saw after class studying, I used to sit in the hotel lobby for 8-10 hours after class studying and practice testing. Why the lobby? because you need to get use to distractions, they will help you to focus! By day 6 there could be 40 people around with kids crying and I could tune it all out easily, and when I went into that testing room with 14 other people sitting there clicking and typing, it was as if I was the only person in that room. That is what you need to be able to do!
Look, if you do not study, and study hard, you will not pass, it is really that simple. A CISSP certification is a very sought after certification in the IT industry, and it doesn’t just fall into your lap, you will have to earn it!
I’m going to include some material that helped me to study in passing the exam and I am sure will help you, I take no credit for this material as I did not create it.
All hash provided are SHA1 to guarantee integrity 😉
- Service Ports and Numbers (116 downloads) – 61ca4d17885b76112f0b611df0ef27bdb5e3b4ce
- Notes on OSI Layers (112 downloads) – 3b930b910bb53ebfd5a7d4df4d101cf904584a14
- PowerPoint - 2018 CISSP Exam Updates (147 downloads) – e7ac893e18056e00c2c4983e1511f78816881a24
- Network Study Notes (134 downloads) – 8ee7fac7979399f754ab739133c03a8fbfc9a124
- CISSP Practice Questions (129 downloads) – 2c5ada0f34a980e7fe7899f5e6aaa23fc97423e1
- Domain Notes (124 downloads) – e7145255f72353becd15ab382dec15ebde5223bf
- PowerPoint - IPSec OSI Ports (79 downloads) – 48ba9dd4596c9e6f07cb10fd7f5de2bb5bfc531e
- Biometrics (77 downloads) – 244064ed36751268b17b450502d2ff5748016ce0
- PowerPoint - Kerberos (106 downloads) – 30fe69cc76e08000331536446fe1f4df5a5bf8cd
- Access Controls (90 downloads) – f90e5474cb96c79bb0135d580ef9d1399100de46
- PowerPoint - Software Defined Networking (109 downloads) – 666f73b69776471c9eaf2578a13e69a7b2e8f79b
- CISSP Domains Study Sheet (147 downloads) – e4b8412998c71fafbb5b23da47dd6b0d986000a3
Good Luck, and please let us know if you passed!