Cracking CISSP

It's been a long time since I wrote on this blog, but recently I got CISSP certified and many of my friends wanted to know how to go about it, so I decided to put it in this post.

Honestly speaking, I cracked this exam in 1.5 months of dedicated study. I have heard of people taking a lot more time for the preparation, and then a lot of videos/books/questionnaires to practice. I found it easy to handle, maybe because of my experience in the Info-Sec industry (6+ years), the various roles (technical/non-technical) and responsibilities I played in the organization, and good preparation.

The CISSP exam supports people with information security managerial skills. It pokes at your decision-making abilities on various information security issues. So a lot of study covering the whole syllabus, along with Info-Sec common sense, is the key to passing the exam. And yes, not to forget: a good number of mock tests will certainly help you avoid injuries during the test, as sitting for six hours staring at the monitor at the Prometric center needs endurance!

So, how I cracked it:

1. RIP Shon Harris: Initially I had started with the Official Guide to the CISSP CBK (as suggested by a CISSP friend), but I found that after reading a chapter, when I attempted the questions from Shon Harris's All In One (AIO), I was getting most of the questions wrong. Then I realized that my way of preparing was not OK. I ordered AIO from Amazon and started with it. I found the book was written in a very nice way, which helps the reader enjoy the chapters and understand the concepts well. She has a nice way of presenting the boring stuff in a light and humorous manner, unlike the reader-unfriendly Official Guide to the CISSP CBK. I read AIO thrice and completed all the questions chapter-wise. The questions I got wrong on the first go I marked as important, and during the second reading I revisited those questions to rectify the mistakes I was making. Also, not to forget the questions on the CD that comes with AIO. This software is an exact replica of the way CISSP is conducted.

So, read AIO and get the concepts right. Attempting the chapter-wise questions and the questions on the CD will prepare you well.

2. Official Guide to the CISSP CBK: I didn't read this book, but I attempted its questions, and whenever I got an answer wrong I revisited the concepts and made sure that I was not missing any topic.

3. CCCure Quizzer: This is a great collection of CISSP-based questions. You can buy the subscription, and it's worth spending 50 USD on it. Practice chapter-wise first, and then once you are done with all the chapters, take a full test of 250 questions. If your result on the full-length test crosses 80% marks, then know that you are ready for the exam. This site will gauge your preparedness to sit for the CISSP exam. Also, it gives you a chapter-wise/topic-wise analysis, so after a full-length test you can work on your weak areas well. I would suggest you start with it only once you have finished your AIO at least once.

4. CISSP Practice Exam: Again, great work by Shon Harris. Attempting these questions will top up your preparation; order this book as well along with your AIO. But CCCure will show you the real mirror!

I passed the exam in the month of Sep '14, and sadly, a few days later, Shon Harris passed away. I wanted to meet and thank that lady for her great work, as so many people passed CISSP because of her work. RIP!

5. Final Exam!!!: I had booked the exam date before starting the preparation. The reason is simple: it helped me set a time-bound preparation plan and provided the deadline pressure that helped keep my commitment high. I was overconfident, so the first time I gave myself one month, but when I scored 65% in the CCCure full-length test, I paid 50 USD to reschedule my exam date, taking 15 more days, and gradually I crossed 80% in the test 2 days before my exam date. So I was confident, but I revised all the concepts well before the exam. I had not made any notes but had underlined important stuff in the book. It's good if it works for you.

On exam day I did yoga, meditated, ate a light lunch, and was set for the exam, which was scheduled in the afternoon slot. The Prometric center reminded me of the old cyber cafe days, when people used to hide in small partitions for their privacy. It was a 6-hour-long exam, and you can't stop the timer once the exam is on. I took almost 5.5 hours to finish and revisit the flagged questions. The exam was cunningly designed, and surely if there is no depth in your preparation it will injure you. After the exam, as soon as I submitted the answers, I got the results, and I had passed the exam. I knew I had done really well; the reason was good preparation.

So prepare well. Give dedicated time to it every day. I had taken work from home for those 1.5 months. Also, note that all the modules are important. Don't leave out any module; I saw many questions from the modules that people were suggesting not to pay much attention to. And now, with the latest syllabus, as the number of modules has been reduced, it is all the more important to prepare all the modules well.

This was my way of cracking CISSP. Something else may work out well for you. So design your strategy, and with committed study for a few months you will be able to crack it easily!

