BIBA NO WURD! Soon those words will be seared into your brain!
It was early morning on October the 13th, 2018, and I found myself standing outside a large gray building in Southern California staring at a piece of paper with the word “Congratulations!” written on it. Those were the words that I had worked hard for; it was an accumulation of years of hands-on experience, months of studying and a very intense week-long bootcamp, and it had been the hardest studying I had done in my 30+ year career. I want to pass on to you what I saw, heard, and learned during that time so that maybe it will help you prepare for your CISSP exam.
OK, if you are still reading then you already know that CISSP (Certified Information Systems Security Professional) is a certification offered by ISC2, and is highly sought after by many companies when it comes to hiring, especially in today’s technological age when breaches have occurred at many top companies across the world. When I first decided to take the exam I knew that it was going to be a tough one, especially harder now since they changed the test to only 150 questions, and you can no longer go back to a past question, plus it is considered psychometric, which really tests your capabilities and what areas you are weak in.
I decided a boot camp style class was just what I wanted; after reading many reviews and forums I decided to choose Infosec Institute’s CISSP Bootcamp. Yes, they will recommend you to take the online course, FlexPro, and entice you with a so-called pass guarantee, which only means that if you fail they will allow you to take the class again. Personally, if you want to really pass this test then I recommend that you take the in-class program; nothing can replace the help of fellow colleagues that are working towards the same exam as you. Book yourself into a hotel for the week, sequester yourself and study as much as you can, then study some more, and when you think you can’t do it anymore then study some more.
InfoSec says the Boot Camp class is 7 days, but in reality it is only 5 or 6 depending on when you will be testing. Days 1-5 you will be in an instructor-led class, usually 8:30am to 5:00pm. After class you will be expected to read at least four chapters per night out of the ISC2 CISSP Study Guide, and do at least 150 practice test questions from the Sybex testing database which comes with the Study Guide. Now that doesn’t seem too bad, but we are talking 100-150 pages to read, and it will take you on average 3-4 hours to do the 150 questions. It was not uncommon for me to be up until 2AM each night! By the last evening before my exam I was doing 150 practice questions and scoring an 813 (700 is the minimum passing), but again you will be wiser to make sure you are well over that number before you go for your exam.
I saw many email testimonies by people that said they sat down at the exam and didn’t even think the thing was in their language, it is that hard. Many said they just wanted the torture to be over! Why is this test so hard? Because it doesn’t just test your capacity to memorize technical answers, it tests your ability to think quickly on your feet as management without all the answers. Some questions won’t even feel like there is a right answer, and maybe there isn’t; maybe it’s just the least wrong answer.
On day 6, it is mostly review and practice questions in the class. If you are taking the exam within the next one or two days then it is highly advisable by the instructor that you skip the 6th day and focus all you have on the areas that you are weak in. Don’t worry, by the time that you reach this point, you will know which areas, or domains, are your weak points. DO AS THE INSTRUCTOR SAYS! I highly suggest that you purchase the book way before your class and start reading; it will help give you a foundation before class and put you ahead of schedule, so that you only have to review and not read the entire chapters. I know, the book does come as part of the class, so you will have two of them in the end, but do you want to pass the exam or just go through the motions and fail?
There are eight domains in CISSP, but there are some domains that are more important to know on the exam than others. Domains 1, 3, 4, 5 you better know hands down! Encryption techniques, Software Development Lifecycle, Disaster Recovery Planning, Business Continuity Planning, Business Assessments: all these you need to know like the back of your hand. This is not going to be a test about which protocol uses what port; you will need to put on your management hat if you want to pass this one.
The class I took was instructed by Robert Mitchell, a man who was extremely knowledgeable and could recite entire volumes of information off the top of his head. I was fascinated each day with the vast knowledge he had amassed over many years of his career. If you are ever fortunate to have him as an instructor I advise you to listen closely and pay attention to what he has to say.
Do the practice questions, do them until you feel like your eyes are burning, then do them some more! Do all the practice questions that you can. Sure, you will be lucky if even one question is even vaguely similar to the ones on the test, but they will show your weak areas, and they will prepare your mind to be in testing mode. I highly suggest you arrive early before your test and do more practice questions, my exam was scheduled for 8am but I was in the parking lot alone at 6am sitting in my car doing another 200 practice questions, then I walked in right before 8am ready to go with my mind in testing mode!
All these little tips can help you pass the test. Only a few of the participants in class did I ever see studying after class, and every one of those failed the tests; for many it was not their first time either. You don’t study, you will not pass, it is that simple. It all depends on how much you want to pass the exam and get your certification.
I used to sit in the hotel lobby for 8-10 hours after class studying and practice testing. Why the lobby? Because you need to get used to distractions, they will help you to focus! By day 6 there could be 40 people around with kids crying and I could tune it all out easily, and when I went into that testing room with 14 other people sitting there clicking and typing, it was as if I was the only person in that room. That is what you need to be able to do!
Look, if you do not study, and study hard, you will not pass, it is really that simple. A CISSP certification is a very sought after certification in the IT industry, and it doesn’t just fall into your lap, you will have to earn it!
I’m going to include some material that helped me to study in passing the exam and I am sure will help you. I take no credit for this material as I did not create it.
All hashes provided are SHA1 to guarantee integrity 😉
- Service Ports and Numbers (497 downloads) – 61ca4d17885b76112f0b611df0ef27bdb5e3b4ce
- Notes on OSI Layers (631 downloads) – 3b930b910bb53ebfd5a7d4df4d101cf904584a14
- PowerPoint - 2018 CISSP Exam Updates (4747 downloads) – e7ac893e18056e00c2c4983e1511f78816881a24
- Network Study Notes (443 downloads) – 8ee7fac7979399f754ab739133c03a8fbfc9a124
- CISSP Practice Questions (641 downloads) – 2c5ada0f34a980e7fe7899f5e6aaa23fc97423e1
- Domain Notes (494 downloads) – e7145255f72353becd15ab382dec15ebde5223bf
- PowerPoint - IPSec OSI Ports (2128 downloads) – 48ba9dd4596c9e6f07cb10fd7f5de2bb5bfc531e
- Biometrics (326 downloads) – 244064ed36751268b17b450502d2ff5748016ce0
- PowerPoint - Kerberos (1253 downloads) – 30fe69cc76e08000331536446fe1f4df5a5bf8cd
- Access Controls (462 downloads) – f90e5474cb96c79bb0135d580ef9d1399100de46
- PowerPoint - Software Defined Networking (930 downloads) – 666f73b69776471c9eaf2578a13e69a7b2e8f79b
- CISSP Domains Study Sheet (643 downloads) – e4b8412998c71fafbb5b23da47dd6b0d986000a3
Good Luck, and please let us know if you passed!