Tuesday, January 5, 2016

CISSP (part 3/3)

Passed!

I took the exam in London as planned, very nerve-wracking and took about 3.5 hours. Of the 250, I was sure that I'd answered about 40% correctly, another 40% I thought should be OK and the last 20% I didn't want to ever see again! I revisited about 70 questions, second guessed myself a few times and then un-guessed a few of those. By the end of the exam, I wasn't confident of passing or failing - my eyes were starting to un-focus and my brain was fried...

You don't find out until you leave the examination hall if you passed or failed, and if you passed you only get a 'pass' - no score to say how well! If you fail, they'll let you know how you did on each CBK domain, allowing you to focus your future study.

The feeling of elation when they tell you that you've passed is great - I certainly didn't want to have to retake the exam. The next step is to get endorsed and I was able to get this done by a CISSP that I've worked with before who stands in good stead and was impressed with my work and knowledge when we worked together. 5 weeks' wait before the confirmation email arrived and another 7 weeks before the certificate arrived in the post.

For those of you about to start studying, or currently preparing for the exam, here is a quick description of my study process:


  • I used the CISSP exam study books for reference only - it's not written in an easy-to-read way and by the time you'd finish reading the entire book you'd have forgotten all of the content from the beginning anyway. Find a weak area and use these books to flesh out your knowledge. 
  • The 11th Hour Eric Conrad book (know this inside out) - the content in this book came up more often than content from the official study book - but you'll need to know everything that's in there.  
  • Skillset & CCCure for very simple and basic exam questions - they're not really anything like the real exam questions but test your basic knowledge of all the domains. If you can, use these to focus your study on your weak areas - I made sure I was hitting 80%+ for each exam I was doing before I booked the exam.

The exam questions are not the simplest to decipher - make sure you take the time to read each question twice and then make sure that answer is the 'best fit' for the question as there may be more than one correct answer (one will be a better fit than the other though!). Examples here may include questions about encryption or a transmission protocol - there is more than one of each but one will be better suited as a solution to that specific question.

So take your time, know your stuff, be confident and I wish you the best of luck! 

Time to focus on my CPEs now - 40 per year to keep the qualification!