Pages

Sunday, December 6, 2020

My thoughts about the CISSP exam

Last month, I took the CISSP exam and I got an unexpected result : I passed.

By "unexpected", I mean I was expecting to have 150 questions, and the exam ended by itself after I submitted the 100th questions.

My notes for those preparing this exam:

- take you time to answer to the questions
It does not worth the risk to rush out the exams and failed it.
Better to take the time to answer to each question carefully and get the positive outcome after 100 questions, than rushing out thinking it will take 150 questions, and get a negative outcome after 100 questions.
When the exam ended for me, it remained about 50min for the 50 questions...

- for technical profiles, focus on the theorical and processes points
You have the weight of each domain available on ISC2 website (it will change next year by the way). And although the textbook I used (official study guide from Sybex) discussed about practical examples, most of the questions were theorical (just question checking the understanding of a notion definition) or processes oriented.
I advise you to write down while you're studying the different processes seen, the inputs/actors/expected outcomes/objectives of each process, it position related to other processes... Something I did not do, but I think it is more interesting than some cheatsheets I found online which contains just keywords and brief explanations.

- schedule the time to set a deadline
I had to take 2 exams during the past 3 months, and for technical reason I had to reschedule one. This change the study planning for the CISSP. When you study for the exam, you keep the knownledge in your short term memory, it means you need to take the exam when you still have this knowledge. It does not mean you don't have the knownledge in your long term memory, just that the amount of data will not be the same (on PAN-OS, it is like detailled traffic logs and summary traffic logs, the short term memory is like the traffic logs, detailled but covering short amount of time compared to the summary traffic logs, aggregations of traffic logs (information lost) covering larger period of time).

- don't waste your time on "silly" points
On one of my questions, I felt there was a mispelled word on a word which affect the asnwer of the question. At the end, the answer I selected was not related to this mispelled word, as another word in the question was the main point of the question.
Just note the mispelled word with the question ID and give it at the end of the exam to the proctor.

Resources used:

- the Sybex - CISSP official study guide, it is great for people who cannot sleep at night.

- the videos on LinkedIn learning from Chapple (one of the author of the official study guide), I advise to watch the video after finishing the book to refresh the memory. (you can pass the first 5min of each video where Chapple is selling the book).

- CISSP cheatsheets, see my comments above.

For me, I an currently in the endorsement process, so certification in process.

And good luck for those taking the exam.

No comments: