Inch Deep, Mile Wide

The CISSP Journey

  • cissp cheat sheet, cissp exam results, cissp exam results how long, cissp results, cissp results how long, cissp exam results how long 2010, failed cissp, failed cissp exam, cissp failure rate, keepass vulnerabilities, cissp exam experience, cissp cram sheet, what to memorize for cissp exam, how long for cissp results, waiting for cissp results, cissp test results how long, cissp resources, eric cole cissp, cissp results 2010, how many questions can you get wrong and pass cissp, cissp failed, coworkers with cissp, cissp exam result, official (isc)2 guide to the cissp exam - 2010, keepass vulnerability, taking the cissp, failing cissp, cissp exam cheat sheet, cissp scantron, how many question can you miss on the cissp, keepass review 2010, cissp exam experience 2010, cissp exam results long, keepass review, failed the cissp, how long to get cissp results, cissp exam failure rate, i failed my cissp, how long does it take to get cissp results, eric reed cissp, failing the cissp, cissp exam cheat sheets, cissp exam, i failed my cissp exam, failing the cissp exam, torrey woodhouse cissp, how long do i have to wait for cissp exam score?, how long cissp results, how hard is the cissp exam, cissp cheatsheet, cissp dec exam result, waiting for cissp exam results, cissp fail, how many questions can you miss on the cissp, cissp results wait, how many people fail cissp, cissp results december 2010, fail cissp, cissp december, cissp exam fail, failure rate for cissp exam, cissp test experience, how many domains are covered in the cissp exam, cissp results email, failed the cissp exam, how long does it take to get cissp test results, cissp, torrey woodhouse, cissp exam statistics, do you have to pass each domain for the cissp exams final grade, fail the exam cissp, cissp failed 1st time, cissp scaled score +70, fail cissp test first time, waiting on cissp exam results, thank you for sitting for the certified information systems security professional (cissp)® examination on 12/05/2009. we recognize and commend the significant personal commitment, 2010 how long does it take for cissp results ,cissp exam failed, cheat sheet cissp, eric cole sans management 414, people who thought they failed the cissp exam, experiences with taking cissp, freepracticetests cissp exam, cissp dec result, cissp failed 2010, cissp cheat sheets, cissp personal study notes, cissp exam results email, cissp time until grade received, how long isc2 cissp exam results, how long should i wait for my cissp results, cissp questions, how is the cissp exam graded, how is cissp graded, cissp exam difficulty,, eric cole cissp audio, cissp exam status & results, wait time between cissp exams if you fail, how long does it take to get the results of the cissp exam, do people fail cissp, what should i know before taking the cissp, i feel like i failed the cissp, december 2010 cissp results, how many questions can you miss and still the cissp exam, should is used all in one cissp 5th edition to prepare for the cissp examination?, cissp exam results december 2010, are questions really from the test, cissp cheat, cissp exam result wait, cissp exam thoughts, how long until i get my cissp results, why does it take so long to grade cissp, cissp december exam result, how many fail cissp exam, took the cissp exam, cissp fail rate, cissp exam results nov 6th 2010, i am going to fail cissp, cissp exam result december, cissp exam result dec, difficulty level of cissp questions, why does cissp take so long to grade, cissp taking, my cissp exam experience. cissp exam cram failed cissp, cissp results take longer than other, cissp certification discouraged hard, cissp exam result email, what did you see on cissp exam?, least privileged blog, taking cissp exam, cissp results december, 7 types of hard cissp exam questions, waiting cissp exam results, how many questions can you miss on the cissp exam, cissp practice exam, took the cissp december 5, 2009, how long cissp results failed, cissp test results, cissp study sheet.xls, eric cole cissp prep, dec 6 2009 cissp results, cissp how long for results, cissp cryptography cheat sheet, hands-on ethical hacking and network defense 2nd edition pdf, fail cissp by 9 points, cissp dec 2010 results, cissp exam failure rates, i think i failed the cissp, sans enough for cissp exam, cissp cheat notes, when did you receive your cissp results, how many pass cissp exam first time>, cissp test rsponse time, cissp exam results fail, failure rate cissp exam, cissp exam questions, miss exam cissp, june 12 2010 cissp exam results, how long to wait for cissp results, how long does it take for cissp results, how long to receive cissp results 2010, cissp thought i failed, cissp study sheet, when will i get my cissp results, how long does it take to receive cissp test results, cissp 5 dec exam, cissp eric cole, cissp exam results fail experiance, cissp results, how long to get cissp exam results, cissp fail safe, cissp post exam syndrome, cissp exam can you bring notes?, keepass mcafee, what to bring to cissp exam, shon harris evo, cissp exam result 20th december, giac security leadership certification training programs wisconsin, cissp result score, 401, how many pass cissp exam on first change, cissp+cheat+sheet, eric cole sans cissp slides, pass fail for cissp, giac security leadership certification personal experiences, cissp cheat sheet 2010, how many questions can i miss on cissp and still get 70 percent, cissp recent exams feed, how many domains are covered in the cissp exam and list each domain name?, cissp 80% who fail first time, cissp exam results failed, about cissp failure rate, how long does it take to get a response after taking cissp, cissp post cheat sheet, how to pass cissp, if you fail the cissp exam, least privlaged cissp, beta questions on cissp test, how hard is cissp exam, dear candidate, certificate number: 360xxx, how long grade cissp, cissp experience, my experience taking the cissp exam, long cissp exam results, cissp cheat sheet notes, cissp exam tips, cissp online books resource, just wrote the cissp exam, cissp result 5th dec 2009, cissp post exam experience, cissp results fail, keepass + vulnérabilité, how to cheat on the cissp exam, carnegie-mellon cissp course, how long for the isc2 endorsement, how long after the exam the cissp results come in, cissp study plan .xls, how long does it take to get cissp exam results back, cissp test comments, 7 types of hard cissp exam questions, where do i check for my cissp result for pass or fail, sans cissp test answers wrong, cissp practice exams (all-in-one) download, real exam cissp pass, grading cissp test, percent of people who pass the cissp exam, taking the cissp exam - my personal experience, cissp cheat sheet free, failed cissp 2 times, how long cissp results december, failed 5 timees in cissp, cissp exam questions weighted, cissp exam experience, osi cissp notes, cissp 2010 results, cissp cheet sheet, cissp made easy, keepass malware, what if i fail cissp exam, cissp how many can i miss, keepass rainbow, waiting for cissp test results. cissp test results taking a long time results nov 6th, taking the cissp, cissp 2009 result fail, i am ready for the cissp exam, what to bring to cissp, cissp exam is really hard, what is the failure rate of 2010 cissp exam, cissp december 2009 results, cissp how long to get results, keepass security, ow many people fail the cissp, issp answer sheet a,b,c,d quarters, what to expect when taking the cissp exam, eric cole cissp mp3, i fail cissp, cissp pass fail rate, when you fail th cissp, what is the percent of per domain for cissp exam, how long does it take to get exam results for cissp,, transcender practice cissp forum hard easy, failed cissp test need help, cissp results 1 week, keepass online storage, cissp test fail rate, cissp december results, cissp dec 2009 result, isc2 said i passed cissp exam then turned around and said i did not, how to cheat on cissp, cissp exam 6 hours, brute force password cracker snapfish, cissp lectures, cissp access control cheat sheet, how long cissp exam results, cissp vs gslc,, how long doees it take for the cissp results, failing cissp exam, taking the cissp exam, time required to prepare for cissp, how many fail the cissp exam, cheat sheet for cissp, cissp results how long 2010, i failed the cissp exam, how long to wait for cissp exam results?, cissp exam, failed cissp exam what do i tell my boss, i think i failed the cissp exam, securitymanagementpractices1.mp3, cissp least privlaged access, pass fail cissp, eric cole cissp seminar, 2010 cissp exam blog, eric cole cissp notes, cissp exam failure, cissp exam write on blank paper, cissp december result, failed cissp longer, gslc vs cissp, keepass vulnerability ctrl-c, eric cole audio download cissp, free practice exams cissp, how close to real exam, cissp study plan, how to feel after taking cissp, how do they grade the cissp exam, how many questions can i miss on cissp exam and still pass, cissp test closer to real exams, cissp barely failed, freepracticetests cissp pro hard, what day do cissp results normally come out, cissp results how long, cissp missed questions, how many times can i write the cissp exam, cissp exam results e-mail, december 12, 2009 + cissp examination results, secret to passing the cissp exam, failed cissp exam 3 times, cissp exam no problem, cissp exam result for 5th december 2009, who took cissp exam in 2009, deepmile facebook, keepass vunerability, how many times have you taken the cissp, cissp weighted, cissp test timeto get your result, isc2 training camp archive, cissp shon harris, copied cissp questions 2010, cissp exam results time, how to find out cissp test results, cissp exam overview slides clement dupuis, issep practice exam, sans audio for cissp, official (isc)2 guide to the cissp pdf, cissp waiting game, how many questions can you miss on the cissp and still pass, prepare cissp exam, 7 days to cram for cissp, cissp fail test scores, passing the cissp exam, eric cole mp3 cissp, cissp exam room highliter, sans audio slides series eric cole, sans mgmt 414 mp3, cissp 414+, sans mgt 414 mp3, test results for cissp october 4, how to prepare for cissp, cissp domain 6 quiz, cissp december 2009 result, i received my cissp results today at, why people fail cissp, december 12 cissp exam results, free cissp mp3s, sans cissp practice test by eric cole, audio cissp eric, cissp domain 5, cissp exam 2009 drp, cisa barely passed, sans cissp eric cole mp3, clark-wilson model anti-malware, december 6th cissp exam 2009 still no results, cissp domain rss feeds, when will i get my cissp results?, cissp exam results december 2009, cissp eric reed, i took my cissp exam 2009, eric cole cissp video, cissp test october 2009, eric cole audio cissp, cissp exam december 5 2009 results, cissp exam december 2009 results, cissp frustration, management 414 sans +s training program for the cissp certification exam presented by eric cole!, december 5 cissp exam results, feel in exams personal experience, waiting on cissp score, what to expect when taking cissp exam, cissp fail one domain, how long will the result of cissp exam be kept, what if i fail the cissp, cram guides cissp practice exam 2010, what you need to know for the cissp exam 2010, skillport cissp, cissp results response, how long does it take to get the cissp exam results, eric cole cissp lectures mp3, failed time between cissp tests,, cissp 2009 domain 10 notes, cissp study sheet telecommunications and network security, cissp exam estimated results, how many times fail cissp exam, how long to find out if you passed cissp, failure rate of cissp exam, let someone else take cissp test, percentage of people that fail the cissp exam, how much time do i have after passing cissp exam, cissp exam results aug 2010, when can i expect my cissp results?, official (isc)2 guide to the cissp exam - 2nd edition, 2010 pdf, can i take a class for cissp exam and then take the exam, 7 types of hard cissp exam questions pdf business phone, brutal cissp exam, shon harris wiki, software review: keepass comment, how long should i study for the cissp exam, difficulty of cissp compared to gslc exam, cissp update, does cissp have a 80 failure rate, keepass got hacked, what day do cissp results arrive, cissp results taking forever, what is the password to print all in one cissp 4th edition, cissp exam results 2010, cissp night before, took cissp today mostly operations, cissp exam 5 times, cissp exam notes, cissp brutal 6 hour exam, cissp passing results take longer, cissp 5th front, i failed cissp 2009, cissp taking again, picturetrail password brute force, transcender cissp practice exams, cissp exam failing results, how many people fail cissp first time?, i'm socring 80 and higher on cissp practice exams, cissp difficulty level, i passed the cissp, isc2 exam results letter scanned, cissp booklet, how good is freepracticetests cissp, cissp one month passed, cissp exam results waiting, how i passed cissp exam, any experience before cissp exam, cissp exam result already 4 weeks, weighted cissp exam, cissp encryption cheat sheet, who grades cissp tests, cissp telecomm cheat sheet, took cissp exam questions focus more, cissp how long before taking the test if you fail, cissp failed again, cissp is an easy exam, but tricky, cissp exam most tested domain, cissp exam what to bring, cissp statistic, online cissp practice questions exam cram, cissp exam comments, cissp exam results takes a long time, cissp failed email, cissp exam results 2010 do they give you your score fail, cissp actual test feedback, length of time to learn results from cissp, issmp notes, least privileged +physical security, passing cissp 1st time, cissp how many questions can i miss?, keepass auto login vmware client, cissp waiting for results, feel like ive failed after taking cissp, cissp change grade, (isc)² eric cole review, freepracticetests any good for cissp prep, trick cissp scantron, how to pass a cissp exam buy guessing answer, cissp exam collector, cheating on cissp exam, how many cissp question can be missed, cissp exam 80 percent right to pass, what kind of pencils do you need for cissp exam, cissp exam audio cd, cissp exam grading time, cissp acronyms flash cards, post cissp test syndrome cccure, when does cissp exam start hours, keepass experiences, failed cissp exam?, eric cole cissp lecture, cissp pass for sure, failed exam cissp, how long does it take for the cissp results to come out, issap cheat sheet, help failed cissp three times, getting cissp results, does it take long to get cissp exam results, failed my cissp exam, taking cissp, waiting for cissp result, what is the hardest cissp domain

Taking the CISSP Exam – My Personal Experience

Posted by -Durk- on December 18, 2009

There were two groups of folks from my workgroup who prepared and took the CISSP exam. The first group of 3 (including my boss) started off with a CISSP boot camp, studied for about 10 weeks, traveled to a different city, stayed in a hotel and took the exam. They felt very unsure after the exam and thought that they either barely passed or barely failed. They all passed. So the pressure was on me and the rest of the second group! The first group studied about 500 hours.

There were 4 guys from my team that made up the second group (including me). I started out with just the AIO Shon Harris book (Fourth Edition) and the online site that is extremely introductory but has some short Shon Harris videos (basically just introduces each domain). Shortly after I added a SANS audio/slides series taught by Eric Cole. The audio and slides were from a 1-week CISSP boot camp sponsored by SANS.  And then I took many practice tests ( And I was failing miserably! I had to switch gears!

SO, the first thing I did was start a study group. I really think this is key. It was definitely a turning point for me.  If you can get a study buddy then DO IT! We added a video series by Shon Harris. I also made some study cards based on a boot camp that centers around the Shon Harris book. The first group of 3 guys went through that actual boot camp by Eric Reed, they traveled and went through a week of hell. They said it was a waste of money. It was not sponsored by ISC2– a waste (in their opinion).

We conned our boss into buying 300 practice questions from ISC2. They are pretty good questions, but nowhere near the difficulty level of the real exam. And we focused on the site. We generated questions across each individual domain that we studied and focused on the pro questions. But then we discovered later on that the pro (the hardest) doesn’t give you much of the easy/medium/hard, but seems to pad with the rookie questions. So then we went back and generated 250 (or the max) for each level (Rookie, Easy, Medium, Hard & Pro) across all domains. If I had a chance to do it again (and I just might!) I would do each level for each individual domain (or 50 different tests).  [UPDATE: was all free when we were first using the site, now there are limitations with the free version.  Go ahead and spend the money to be able to generate more questions.]

Once we generated the questions we copied/pasted into note pad or text pad, printed the questions off, created a scan tron sheet (link here) and we practiced taking the real exam with the questions from We were scoring in the mid to upper 80s to lower 90s. We made it a practice to write on the test. We wrote the answer (A, B C or D) on the test, crossed off the wrong answers, made notes, circled or underlined key words, marked questions that we were unsure or not confident about, etc.

One of the guys on our team used the Official ISC2 book and we also used an Exam Cram book and Exam Cram practice test book, we mostly used these as a reference along with wikipedia. I estimated that I studied around 300 hours-just me.

The exam that we registered for was in our metro area, but about 45 minutes away. We conned our boss into letting us stay in the hotel that was hosting the exam the night before the exam. That way there were no worries about traffic or travel. We relaxed the night before, did a little bit of last-minute testing and cramming and we felt pretty darn good. We visited the conference room where the exam would be held-nothing too special, but still building up our confidence. We made sure that we woke up 2 hours before the exam and we were ready to go when the doors opened a half hour before the instructions were given. The room was packed-about 40 testers, most seemed to be there for the CISSP exam.

I came up with the idea of a cheat sheet. I started to create a cheat sheet (link here) that I wanted to memorize so that when I sat down for the exam I could just begin to write these notes on paper and create a cheat sheet from memory!  I was proud of myself, before I even looked at a question I brain dumped and scribbled my notes on the inside of the first page. I made a half a page of notes. The OSI model, reserved IP range, Bell LaPadula, Biba and Clark Wilson model and some notes. And a few others.

And then there was the taking of the real CISSP exam after all that preparation….

Holy hell. It was like a blow to the head from out of nowhere.  I never used any of my notes! I had one question on the OSI model and it was about an optical cable…physical layer.  That was the easiest question on the test.  Maybe the only easy question on the test.  And I still spent a good 2-3 mins making sure I wasn’t being tricked.

About 3 pages in I had to close the booklet to make sure I was actually taking a CISSP exam. There were a couple of other exams being offered at the same time. Unfortunately I had the right exam. I will say this, about 3-4% of the questions I knew the answer before I saw the answers, but there were about the same amount that I didn’t have a freaking clue, as in I totally and completely guessed-but only 5-7 questions. MOST of the questions I was able to cross off 2 of the 4 answers and make a pretty good decision about the final answer-as in I felt pretty good about the answer I picked.  I didn’t second guess too much.

Some questions took up a half or a whole page. It took me 5 solid hours. I took 2-3 bathroom breaks. I had 2-3 plastic 20oz bottles of Pepsi. I had a few chocolate granola bars. I went through 3 pencils (that they provided). It was brutal. I planned to review the questions I didn’t feel too good about, but just didn’t have it in me-plus I went a tad slower and was pretty comfortable with the answers I chose. 2 of the others in my group also took a solid 5 hours and one took about 3. I am very unsure of how I did. I THINK I guessed OK most of the time.

I had 3 immediate thoughts during and right after the exam:

  1. Inch deep mile wide my ass! I wrote this on the inside cover of the exam booklet.
  2. My boss got ripped off on the 300 ISC2 questions! The exam simply wasn’t like the practice test questions.
  3. I’m gonna have words with my co-workers who said that the test questions we were studying accurately represented the real exam.

Most of the others on my team that took the exam were almost sure that they failed. The first group of 3 that took the exam last summer felt the exact same way, 2 were sure they failed and were on pins and needles waiting for the results. Boss thought that they would all barely pass (or barely fail).  They all passed!  They too expressed frustration with the practice questions they studied.

There was only 1 in my group that took the exam with me who is pretty confident that he passed. He has been in the telecom and tech industry for 20 years, and honestly, he is the smartest person I know. I am sure he passed. The other 3 of us just flat out don’t know. If I failed then I think I only missed the mark by a little-I doubt I got less than 60%. And I am very confident that I can switch gears and study another month or 2 and pass no problem.

My co-worker keeps asking if I think I got 75 questions wrong-that is about how many you can miss and still pass. The questions are weighted so that is not completely accurate. ISC2 throws out 25 that they use to just test the waters (“beta” questions if you will).  70% of 250 would mean one could miss 75 questions, but 250 minus 25 is 225, 70% of that is about 67 questions.  So technically one could miss 67 plus 25, or 92!  I really don’t know how I did! I sure could have missed 75 questions! I just don’t know. Hopefully I will know before Christmas.

I took the CISSP exam December 5th, 2009. It is my understanding that they just wait until they have “enough” exams and then they grade them all. So I don’t know when they will grade them or when I will get the results.

I will let you know ASAP! And I will be honest about the results.

[1/8/10 update:  I received my CISSP results today from (ISC)².  I am now part of the 80% of the people that fail the CISSP exam their first time.  I got 65% and needed a 70%, so I barely failed. Time to put Plan B into effect.]

Déjà Vu: Taking the CISSP Exam – My Personal Experience (Part 2)

76 Responses to “Taking the CISSP Exam – My Personal Experience”

  1. Torrey Woodhouse said

    I know how you feel! I took the test today and I also looked at the front of my booklet to make sure it was the right exam. It was bananas. I felt like I studied for the wrong test. I would read the stimulus and figure “the answer should look like THIS.” But then I would read my choices and none of them were like what I expected. This slowed me down a bunch because I had to read every question and every answer. I would eliminate 2 choices at times, and then I would take too long to make a choice between the remaining two. I kept a coin handy and at times I would flip the coin to help me make a doggone decision, but then I would second guess the coin. I finished 5 minutes before shutdown time, and I’m so hoping I have the results of your colleagues.

    Me: What a great response! Shock is definitely one of the things I felt strongly when I was taking the test. I was pissed too.

    Here’s what I would ask you to do, take a few days to process your experience and collect your thoughts then write out these thoughts (preferably before you get your results):
    –What was your study plan? Resources, hours, strategy? Did you have a study partner or group?
    –And before you get the results that you passed, tell me what you would do if you had to study more and take the exam again.

    Finally PLEASE let me know if you passed or failed. Be honest, 80% of people fail the test the first time out. I have vowed to do the same!

    Thanks for stopping by. There just isn’t much of this type of feedback out there. This simple site has gotten a whole lot of hits in a short period of time!

    • Torrey said

      I just got word this morning that I passed the exam. Prior to taking the exam, I had not heard this statistic of 80% failing the first time. I’m glad I didn’t. It was really a downer to read it in your response to me. I’ve actually heard something to the contrary. I went back to Clement Dupuis’ flash presentation on and re-listened to the part about post exam syndrome. He said, “You WILL feel this way.” I was surprised at how he didn’t equivocate at all in this statement, and he’s a CISSP trainer! He also said, “It’s probably a good sign because most people who feel this way find out later that they passed the exam.”

      A friend of mine who passed the exam about 8 years ago said he felt the same way after the exam and was surprised to see that he passed. I focused on his words and those of Clement’s instead of your 80% statistic. It was the best thing I could do since the test was over anyway. I hope that friend is still in good standing because I need someone who knows me to endorse me.

      Anyway, it’s now time to get endorsed and move on to the ISSEP, ISSMP, and/or ISSAP sometime in the next 12-18 months.

      Me: Congratulations! Yeah, the folks that feel good generally did not do good. However, my co-worker finished in 3 hours and felt pretty good. He was the only one in our group of 4 who passed. Good luck with the endorsement!

  2. 80% fail rate? My SANS instructor said she’s had hundreds of people who took her class take the exam, and she only knew of one that failed.

    Me: The SANS CISSP preparation classes, although pricey are incredible! I have heard and read that statistic all over, but a quick Google search brought up the stat from Cert Test Training center: CISSP Estimated Exam Failure Rate = 81%.

  3. […] for the CISSP or have some advice for those studying for this exam? Check out the Least Privileged blog for this person’s experience with the exam (he failed the first time) and lots of CISSP […]

  4. Judi said

    I failed.

    • -Durk- said

      Well then you are in good company. Welcome to the 80%. Now, be pissed, take a breath and start to create plan B. My advice is not to wait to start studying again. I waited about 5 months before I started up again-that was just too long. So here I am with the Exam 3 weeks away and a year away from the first time I took it.

      My experience is that if you are in a profession that immerses you in security then you will probably be OK. But if you only have a deep experiences in very focused areas of security then it is a struggle. I belong to a security group, I have security in my job title, but it is a very focused area. I also am in the telecom sector and telephony is my worst domain! Don’t be discouraged!

      I would love to hear your experience. How and what did you study? What did you think of the exam itself? Paper or Electronic test? Take a few days to get over it and begin to journal-even if it is just for YOUR eyes! This will help you next time.

    • -Durk- said

      Judi, are you taking the exam again? I have a few lectures if you are interested email me directly and I will share with you. (That goes for anyone else too)

  5. Jason said

    I took the test yesterday (Dec 5th 2010), exactly one year to the day after the original post above. I feel pretty comfortable that I passed but I am not 100% sure. I studied the 5th edition of the All-in-One guide cover to cover, downloaded a book containing 300 practice questions onto my Kindle (that I never completed) and then purchased the companion book of practice tests by Shon Harris. I know I missed 3 of the questions that I looked up as soon as I got back to my jeep. This waiting is going to drive me mad. Man I hope I passed!

    • -Durk- said

      I hope you pass too! I have waited for a month now. I think it is a holiday thing. I hope to get the results VERY soon!

      Thanks for stopping by! And thanks so much for sharing a bit of your experience!

  6. DK said


    Took my exam yesterday (in the UK), and I don’t have a very confident feeling. What probably surprised me most (like most people), was how different the actual questions were compared to the practice ones I’d been using. Very little similarity.

    I narrowed a lot of questions down to two sensible options, but felt there was such a fine line between the two remaining, made it difficult to guess. Probably, why it took me five and a half hours to complete.

    BTW, thanks for setting up this site. Good to have an area where people can share thoughts\feelings\tips etc.

    • -Durk- said

      Thanks for stopping by DK. Best of luck to you. Please let me know how you did. I found out today that I passed! Thanks for the kind words about my blog.

    • DK said

      Got an email through today from the (ISC)2 Registrar informing me that I’d passed the CISSP exam. Wasn’t what I was expecting at all. I guess lady luck was on my side. The CISA awaits me now!!!

      Good luck to everyone out there preparing for this exam. My only advice is to put the effort in…..there are no short cuts with this one.

      • -Durk- said

        Congrats! Good job! Celebrate hard!

        Next is your resume and someone to endorse you. Excellent! The relief and sense of accomplishment is exhilarating. Not luck, hard work, and it paid off. I have said the same thing, you just have to put the time in and it will somehow work itself out. If not the first time then the next. I wish there were better prep materials out there. The real deal is nothing like the prep.

        Took them almost a month to reply? They need to fix that gap. Frustrating.


  7. scott said

    I am currently studying for the CISSP test and have read 3/4 of Shon Harris’s book along with a Global Knowledge test prep course. I bought the Krutz Gold Edition book along with an exam cram. I have heard from many others what is said on this board about the test being not like the study guides and and practice questions and am wondering if studying this stuff in depth will do anything but put me to sleep. I hope to take it Jan. Feb. time frame but I am worried I won’t pass even with a lot of study.

    • -Durk- said

      I hear ya Scott. I don’t have an easy answer, the time still needs to put in, just know that the real exam is hideously different, deeper and tougher…AND PASSABLE!

    • -Durk- said

      Scott – Did you take the CISSP Exam? How’d you do?

      • scott said

        Thanks for asking Durk,
        Yes, I took the exam on March 5th in Chicago and within two weeks got an email that I passed. Whew what a relief, I was pretty stressed about it. I have my application in right now waiting for the actual cert. I really didn’t think it was as bad as I expected. Although a lot of the questions were confusing. I took some granola bars and some unsweetened tea, I only took 3 breaks and plowed through it in 5.5 hours. My brain started to shut down after question 169 so I chugged down a tea and the caffeine took me through to the rest of the test. I had circled some questions I wasn’t sure about and went back and changed answers several times on them but never felt like I knew the answers to those at all. I really did feel like the Shon Harris book had all you needed to know in it, especially since a lot of the questions were not direct questions from the study guide. I felt like if I studied too many different resources I just started to get confused and frustrated. If I had to do it again I’d study the Shon Harris book alone. I think I got a little of every domain on the test with a slightly higher number of questions on BCP and DRP and legal. But it’s over now and I’m relieved.

      • -Durk- said

        CONGRATULATIONS SCOTT! Way to go! Thanks for the description.

  8. Marty said

    Wow, I know all too well how all of you feel. Feels bad doesn’t it? “That’s an understatement” I took the one week bootcamp. Studied as much as I possibly could. I work in this industry but that alone would not have made a difference. I took probably around 1500 questions all that week also from CCCure and others that I could find. I took the test and failed. Yes, in the test I thought “this can’t be right. I have the wrong test”. Oh it was the right one. I begame to calm down and knew exactly this answer (or so I thought). I guessed a some also. I read the entire Shon Harris book and the class material. So, I failed not expecting too. I was about in tears when I got the “Thank you for taking…” because if your email starts like this you failed. Now, I told myself that I would not take a test again that is like throwing a rock in the dark. But it ate at me for 6 months or longer. I have never allowed something to beat me. So I started studying again. I signed up and payed my $549 myself since out company forgot to mention the free resite we got if we failed. Its okay since the class as a absolute joke. Waste of company money. Plan B: I watched all the Shon Harris Videos, took about 3 notebook full of notes almost the entire dialogue of her videos, but didn’t do any practice tests. I didn’t see one practice test like I took on the test. I felt this messed me up. I took it this past Oct for the second time and ….yep I failed again. Now that is a downer right? “Okay, I see how this dog and pony show is going now” I said. I now have taken it personally. I have studied the last 3 to 4 months. I purchased the Eric Conrad book and I highly recommend it. I have went through the entire book with different color highlighters, listened to Shon Harris on my iPod at night falling asleep many many nights, took another 4 2″ notebooks (front and back) of notes. I know the material better for sure. I am taking the test again in a week. I now have about $2000 of my own money. The company spent over $3000 for the camp and test. I have spent well over I don’t know a 1000 hours between the three study times. Some overlap of course but the hours are still there. Again, I people ask me am I ready. I tell them I am as ready this time I guess as I was the first I guess. Well, not really. You see I have learned a lot more. Looked at more than one source for material. Did the notecards, notes, highlighter to emphasize, about 5 inkpens and pencils, and more experience working in the field which is a great asset. Now, I really am more prepared but one never knows. I likened it to this. There are two stacks of paper. One says PASSED. One says FAILED. I am just hoping my name is in the PASSED one this time. If not, I will continue on and take it again. Oh yea, I forgot to mention that I have Tourrette’s Syndrome and ADD but those have never been used as an excuse for anything I have failed and I won’t start now. It actually makes me more determined. My point is: This is a career investment (and no I don’t have the money to keep doing this) not another Certification. So do what you can with all your might, pray for sure, relax, and enjoy the ride. Once I do pass it will all be worth it. Don’t let this beat you as I am not!!! YOU PASS THIS TEST. MAKE IT PERSONAL BECAUSE IT IS PERSONAL AND YOU KNOW IT.

    Wish me luck and I bid you all good luck. Email me with any questions if I can help. They will help both of us I am sure.


    • -Durk- said

      FANTASTIC descriptions! Thank you much. KEEP AT IT and the best of luck to you! Also know you are in good company. I passed it my second time, but my 2 co-workers did not. I feel for them and I feel for you. Can you get a study partner? Be sure to check out my latest blog on Thrifty CISSP and CISSP Study Plan Memoir ( because they are some GREAT tips-I wish I had read it before I took the exam. I especially like the 8 steps approach for the exam questions, very nice! Please follow up with me. I sure hope you pass. Eat and sleep well before the exam. No cramming. THE HARDEST PART is taking it the first time while not knowing what to expect and choosing to continue on. You’ve done that (twice), now keep going. KEEP GOING, KEEP GOING! You can do it! Give me a date of when you plan to take it and I will pray for you, seriously, I am a man of faith. Also let me know if I can help-even if it is a phone call to encourage you. Seriously. Now kick its ass!

    • -Durk- said

      I have a few lectures if you are interested email me directly and I will share with you. (That goes for anyone else too).

      • emma said

        I am interested cissp. I have setting for the exams in july

      • -Durk- said

        Are you ready?? What are you studying? How are you studying?

      • Marty said

        I am very interested. I took the exam on April 10 and failed. Made 671 this time. That was the 3rd. time. Now on to study for the 4th. Yes, I would love anything you could offer. Many thanks,

  9. Pete said

    I failed the exam with a 645 score after I attended a Training Camp boot camp. The teacher was terrible and deceitful regarding questions that would NOT be presented in the test. For example, he skipped the Telecommunications & Network Security domain almost entirely because according to him there wouldn’t be any “technical” questions in the test specifically not about the OSI layers, networking and such. He was wrong, his name is Kevin Henry, if you ever hear he will be your teacher for a boot camp you plan on taking, my advice would be: STEER CLEAR. He would get side-tracked most of the time sharing hour long stories about his personal experiences, we’d all look at each other and wonder if it would ever end and if we’d ever get to actually learning anything.

    I can’t blame him entirely for failing though. I have about 9 years of experience in IA, and felt pretty confident that I’d pass it on a second try. I studied hard for 30 days for about 5 hours on week days and entire days on weekends starting after I got the fail notice, I took another shot at it and just got my second fail notice: 678. At this point I felt extremely frustrated, I know the material, I was doing great on practice tests, but just like that, it felt like it was all for nothing. That was a month of my life which I’d like to forget forever, but no, I will not give up just yet. I just scheduled a third time for May 15.
    This will likely be my last try.

    • -Durk- said

      Pete – Thanks so much for sharing. I haven’t heard of too many good things about boot camps. I certainly feel your pain! Be sure to check out my latest blog on Thrifty CISSP and CISSP Study Plan Memoir ( because there are some GREAT tips-I wish I had read it before I took the exam. I especially like the 8 steps approach for the exam questions, very nice! I am so glad to see that you are sticking with it! Like I have told others, you are not alone! HANG IN THERE, YOU CAN DO IT! May 15th, OK, please let me know when you pass (and you will pass)! Hang in there brotha!

    • -Durk- said

      The practice tests just aren’t anything close to the real exam, at least in my experience. They are just completely different! What are you doing differently this time around? Are you studying differently? Diff material, tests? What? Also, I have a few lectures if you are interested email me directly and I will share with you. (That goes for anyone else too)

  10. Pete said

    Well, I watched all the Shon Harris vids, lots of reading and practice tests..I wish I had came back here after my comment. The lectures would have been welcome.

    I appreciate the email you sent me with tips for the test.

    Thanks man!

  11. Pete said


    I got the email yesterday with the good news that I passed..FINALLY!

    Now on to the CEH v7..

  12. Devin E. said

    I took the CISSP today and I don’t know if I passed or failed. I read the Shon Harris book, Shon Harris Videos, and the completed the ccsecure questions. There were so many situations were I was down to only two questions. I HATE the waiting.

    • -Durk- said


      You studied the right stuff. Take a few days to relax. It is over with for now! The waiting game begins. In a day or so start to write out your experience, what you studied, how you studied. Then write out the actual exam experience. I’d love for you to share your thoughts here! GOOD LUCK!

    • -Durk- said


  13. ramses said

    Durk, is a late congrats, but Congratulations, I will try it on october so I will cross my fingers to passed in the first round because 500 buck in central america is a lot of money, I have a similar story when I did the CISA exam, I did it english because is better when you what to try luck in other countries and I was lucky to pass that one. thanks for the blog

    • -Durk- said

      Thanks for the congrats! Even after all these months it still feels good to have that exam behind me! Good luck on the test in October.


  14. Ayoub Tartir said

    My CISSP journey started on January 1st of this year. Before thinking to become CISSP certified, I did a CompTIA Network+ and Security+, also I am a PMP (Project Manager Professional) and a Master Certified in Program Management. If I speak the truth, all of these certifications helped me to study and prepare well for the CISSP at which I initailly took it on May 21, 2011 and unfortunatilly I did not passed it, but I retake it on Sept. 10, 2011, and currently I am waiting for my results. For my CISSP preparation, at which I need it to be started in a simple fashioned, I started reading The Eric Conrard 11th hour CISSP study guide. I read this book 3 times and kept all of the knowledge in my brain. After that I read the “Eric Conrad & others” CISSP Study Guide 1 time and did the 2 onlne tests and I remember I achieved a score between 780 to 800 of both of them. after that, on Jan. 23, 2011, I attended a CISSP preparation course, as a credit college course in a local community college, by paying around $450, and the instructor used Shon Harris book, as a textbook. I was happy for attending this course and it let me to understand the whole Shon Harris book in more in depth. On May 10, 2011 this course has been ended and I did great work by achieving an “A” grade, at which it motivated me to do the actual exam. Between May 10, 2011 and May 20, 2011, I reread the Eric Conrad book again and redid the 2 onlne exams, and for this time, I achieved a score of 880 to 900 for both of them. On May 21,2011, I did the CISSP exam, and speaking truely, it was the hardest exam at which I took it in my whole life. My exam score reported on Jume 10, 2001, and as I mentioned before, I did not pass it, I remember Igot a score of 609. After that, I told my self why I did not pass it and how can I pass it in the next time. I found out that if I restudy and keep focus on the 5 below knowledge areas, at which I achieved them on below my previous score, I will definitally pass it on the next try. So I picked up the (ISC)2 CBK book and read it 3 times from the front cover to the back cover by keeping more focus the 5 below knowledge areas. So I retook it on Sept. 10/2011 and currently waiting for the results but feeling that I did well this time and hopefully I am going to pass it. Also I am currently started reading the CSSLP exam material to fill out my waiting time and hopefully to take it on Dec. of 2011. Generally speaking, CISSP is a more subjective exam, which feels that the examiner should bahave simillar to the CIO or CEO duties, so both of my Project/Program management could help me to achieve it.

    • -Durk- said

      Thank you SO much for sharing your story. Was there any of the study material that you wish you hadn’t used? Good luck and please let me know when you pass! THANKS AGAIN!

      • Ayoub Tartir said

        All of the materials, that I listed them above, helped me to intially introducing me to the CISSP world and then let me to understand more in depth the material, and I pround that I used them. My role in the life is in order to succeed, need to think it as simple from the beginning, like security rule which conforms to the simplicity. In other wards, if I started reading Shon Harris book first, I will definitally not continue my journey into CISSP world.

      • Ayoub Tartir said


        I just got an email notice yesterday, and unfortunatilly I got a score of 678 and I did not passed it. It is look like that I did much well this time compare with my last time when I got a score of 609. So what do I need to do next to succeed and achieve the CISSP credential??. I am going to do the following steps:
        1- Between 9/11/2001 – 9/25/2011, I read CSSLP exam preparation by Donald Krutz. I found out that some CISSP exam questions answers are found in this book and I am going to be confident to answer them correctly next time. Also I am going to reread it later.
        2- On 9/26/2011, I started reading CSSLP CBK by (ISC)2. This book will improve my Software Assurance knuwledge and skills and will let me ready for answering a better number of questions which are related to software security.
        3- I recently ordered, ISSAP CBK by (ISC)2 at which I am going to start read it once receiving it and finishing reading the CSSLP CBK. This book will enhance my knowledge in the field of Systems Archetecture, including: data communications, physical security, access control, and security archetectures.

        In general this plan, will not only help me to pass the CISSP exam, as I hope, but also invite me to discover and keep advancing in my professional career.

        I am thinking to schedule to retake the CISSP by the early of December 2011. So I welcome for any comments which can help me to achieve the CISSP.

        Also, I remember that both of CISSP exam questions are completely different, thats may contribute to not passing in my 2nd trial.

      • -Durk- said

        67.8 %! Ugh…that means you are 96.8% of the way to passing! That’s only couple of questions. I like your plan! Get right back up on the horse and try again! Good luck, God bless.

      • Ayoub Tartir said

        I retook the exam again on October 8th, 2011 by paying an extra 50 dollars rather than waiting into next December, and guess what???? A big surprise: I finally PASSED. In general, I feel that I have been overstuding for the CISSP but this will help me to prepare well for my next CSSLP and ISSAP certifications at which I am going to take them next year.

      • -Durk- said

        GOOD JOB! Congratulations! And good luck!

        I’d love to know more about what and how you studied. What would you do differently? What is your plan for the future security certs?

  15. Kurslar said


    […]Taking the CISSP Exam – My Personal Experience « Least Privileged[…]…

  16. Online Privacy…

    […]Taking the CISSP Exam – My Personal Experience « Least Privileged[…]…

  17. said

    Thanks for a great write-up. Overall I completely agree with your sentiment about how different (harder) the actual exam questions are from the practice ones. I just took my exam yesterday (December 11, 2011 in Reston, VA) and I felt very uncomforatable walking out of the exam yesterday. It took me 5.5 hrs to complete the exam, which I would say was average because there were a lots people still in the room when I left.

    I took a study course, read the book, did practice questions in the book, from Wiley’s and practice questions from CC website. Overall I did about 2 full practice exams and 1000+ questions. Walking into the exam I felt very excited and comfortable which is why I felt so nervous now. Anyways we’ll see

    • -Durk- said

      Thanks for that great response! Best of luck to you. Please keep us informed of your results. Which (results), by the way, you probably won’t get until mid January. Be sure to read my posts about the waiting game! HA!

      I’ve been told that if you walk out of the exam thinking you nailed it no prob, that you’ll bomb! But if you walk out thinking you just got your butt handed to you then you have a pretty good chance of passing. So walking out feeling uncomfortable is very good!

      The CISSP exam was the most difficult test I have ever, EVER taken. It was more difficult than ANY exam I ever took in high school or college (and beyond). I studied more for this exam than for anything I have ever done in my life! The test taking process was brutal! I have never been so prepared for anything! And I failed the first time. BUT, it can be bested!

      OK, here is my advice to you. You are in the SAME EXACT position as me, I took the exam in early Dec. (both times). Focus on your friends and family and celebrate the holidays however your tradition celebrates this season. Party at the New Year and start the year off right in your personal life and at work. DO NOT worry, do not fret, do not second guess. FORGET ABOUT THE EXAM (riiiiight). And when you pass you’ll be pleasantly surprised!

      Hang in there and follow up!

      • Omer said

        I passed the exam.

        I got my result email on Friday (Jan 6, 2012) around 4pm. Honestly i had worked hard (80+ hours of stuyding and 1300 questions) and I wouldn’t have been really upset if I didn’t pass. Durk, you were right about when the results will show up. I had a tense holidays because of the exam (though I tried my best not it let get to me) but overall there was a lot of pressure (work reputation, cost, and effort). Thanks everyone.

      • -Durk- said

        CONGRATULATIONS and thanks for sharing!

  18. Thanks for sharing your story. Can totally relate to how you felt after the exams. Can’t even remember my way home after the exams (was on autopilot). LOL.

    I am in the lucky group that cleared the exams the first time round. But I’ve got a friend who is trying to playdown that the exams is not such a big deal, although he has not even sat for it. Do you know where I can find the info about the 80% failed rate?

    All the best to those who are still waiting for your results.

    • -Durk- said

      I thought I had sited that 80% stat and I see that I did not. And of course now I can’t find it. I did a Google search to verify it the first time. This is what I am searching for in Google today: cissp 80% fail rate. It definitely gets results. Although I think it is an accurate stat, and it definitely gets thrown around a lot, it does concern me that I could not easily find the same stat with a search. I am trying my best to remember where I first saw the stat and I think it was Wikipedia, CCURE or maybe something related to Shon Harris. HOWEVER, since I can’t find it now the stat is definitely in question! Frustrates me that I can’t find it again! GRRrrr…Sorry.

      Thanks for stopping by!

  19. Ken McTyer said


    My name is Ken, and I took the CISSP in Chicago on 17 Dec 11, for the second time. I didn’t do so well the first time, and to be honest not sure how I did this time. The good news is that I felt much better this time, most of the questions I was able to get it down to 2 possible answers. There were probally 20 questions that I for sure knew the answer, and the other 210 don’t know. I was surprised that the questions were not like the practice questions, I should have remember that from the first time. I studied the Shon Harris All in One, I listen to her tapes and a practice the CCCure test questions, Test King, and additional Shon Harris questions. But again none of the practice questions measure up to the real test. If I passed this test it will be because GOD is on my side. I will keep you posted when I get my score, hopefully it will say “Congratualation” vice “Thankyou for taking the exam.”

    • -Durk- said

      Thanks Ken! Super good luck to you!

      • Ken McTyer said


        Thanks a lot, I forgot to mention that I took a course at Villonova University title Advance Information Assurance and Security Government. The classes were the same 10 domains that the CISSP concentrates on. It is suspose to prepare you for the exam. Well just thought that I would add. If anyone needs information on this class just let me know.

  20. Watson said

    I took the CISSP in Reston VA on Dec 18th, 2011, got results about an hour ago and I have passed on the first attempt (needless to say I have no idea by just how much but honestly I do not care). My study strategy was very, very simple, just reading the official ICS(2) CBK book over and over. I took no practice tests at all as I knew they would not reflect an actual testing experience. When I sat for the exam I first went through the book and answered (circled in the exam booklet) every question I was sure of. Next I went back and looked at only the questions I was unsure of (drawing on sparked brain cells from known answers) and answered each of them to the best of my ability. Third, I went back over every question from start to finish. Fourth I filled in each of my answers on the sheet. Fifth, I started to re-review and found myself changing 50% of my answers after the first 15 questions. I stopped and changed them back to what I had originally marked and closed the test booklet and the answer sheet – I was done, and apparently it worked, now just awaiting my boss to fill out my endorsement form and thats that. Good luck to everybody who is studying for any attempt, that test is a Garde-A Nasty B!@#h.

    • -Durk- said

      WAY TO GO! Congratulations! OMG! Dec 18th! AND JUST GOT THE RESULTS?! That, is the definition of torture…cruel and unusual punishment! I guess that’s only a month…but still…IT IS A SCANTRON FOR CRYING OUT LOUD!

      Thanks so much for sharing! I love the part about going back and changing the answers back!


      • Watson said

        Thanks for the support, I will say that when I walked out of the testing area I felt like someone had sawed open my head and kicked my brain, 4 shots of Jameson (thank god for hotel bars) later I was able to think and honestly had no idea if I passed or failed, twas a strange feeling. I figured if I didn’t I’d reschedule for 2 months from the date of results and restudy the indicated areas. In the meantime I have been studying (half-heartedly) for my Technician Class HAM Radio license. Once again.., Good luck to everybody who is studying for any attempt, that test is a Garde-A Nasty B!@#h.

  21. As many of you said, this is a tough exam. It’s not like other exams where you can read the book, study a few questions, and pass. No shortcuts exist on this one. You either know the stuff or you don’t. So if you’re taking short cuts, you’re in dangerous water. There’s no secret, it’s just study hard and know the material, especially basic security concepts so when they through you something you haven’t seen before, you can still figure out what the answer is.

    I passed on the first time, and I changed a ton of my answers. Normally, that is fatal, but this isn’t a normal exam. After the first run through the questions, the second go round made the questions read differently. Check out my tips on How to Pass Certification Exams

    Good luck.

  22. Laura said

    I was one of the first few to take the test via computer based test (CBT) in October. Like most people I failed… By 4 points. I took a boot camp and it was garbage. I ran through the shon Harris 5th edition and her practice exam book, plus the CD that came with the book had a database of questions. I was getting 70% on those. I thought I was doing well and I still failed.

    I am in another class right now. I test this week and I can honestly say I do not feel any more comfortable.

    • -Durk- said

      That is how you are supposed to feel. I know you are living in this, but as you take the test step back just a bit, breathe, breathe again and then dive in. Best of luck to you Laura. Get lots of sleep, eat breakfast, no last minute cramming. Relax. Laugh. Smile. Then pick up that mouse and pass that bitch!! Please let me know how you do and your thoughts the second time around. I’d also love to know what the test experience is like, like walk us through the computer thing and the logistics and structure and such. Can you go back and review questions answered, etc. Thanks for posting. It means a lot not only to me, but to others. Peace to you. And prayers!

    • -Durk- said

      How are you doing Laura? Thanks so much for the comment. How is the studying going? Have you taken the exam again? Only thing I would recommend (and should have when you first commented) is to try to get your scores into the 90%s with Shon Harris tests.

  23. Ed said

    Thanks for all the posts. I got 60% on the Shon Harris mock-up tests. The best plan is to re-schedule so that I have one more month to study.

    • -Durk- said

      In my opinion, you have to be getting well into 90% on Shon Harris’ tests before you go and take the actual CISSP exam. Update me, how are you doing? How is your studying going? What are you studying, HOW are you studying and what tips and tricks would you recommend and what do you struggle with?

  24. […] for the CISSP? Check out the Least Privileged blog for this person’s experience with the exam (he failed the first time) and lots of CISSP […]

  25. tony said

    I took my exam back in april and got 677 and this was after 4 months of studying. Shon Harris book and taking practice exams on cccure and transcender..
    I was in the process of moving so I did go back and study right away, when I moved I started studying for a month and went took the exam this wednesday and failed again this time I got 653. eerrr I was scoring in the 90s on transcender and high 80s on the shon harris practice test.

    I will start studying next again week and will only studying my weakest domain which is telecom network and will take it again

    • -Durk- said


      Thanks for stopping by. I feel your pain bro! I certainly do. I question the training materials in general, it seems to be almost right, but not quite. Get back up on that horse right away. Study hard. Try again! Good luck! Peace to you!

  26. Sarah said

    I took the CISSP exam yesterday for the second time….and I realized that it is a money making scam for businesses that train CISSP boot camp, for people who sell the book, and the $599. you pay to take the exam with ISC2.

    1. There are two or more sets of questions given to test taken candidates. You will be lucky to get the easier one that the 20% passer’s that finishes the exam in 3 hours get vs.The rest 80% failures who wonder where in the study materials, or boot camps say these topics?

    2. When you do the 5-10 scenario questions on the exam, and especially you are recommended to read the question at least two/three times to understand it by the boot camps, 6 hours or 360 minutes is not enought to take the exam. Some of the study engines gives you different answer for the same question and confuse you with most of the topics.

    3. The new computerized system, doesn’t tell you the if the scenario questions apply for the next two or three questions in a different screen. You still have to read the same question expecting words will change.

    4. The test taking environment with the Pearson Vue now do not allow for you to keep Water, Little Snacks next to your desk when you take the exam. You have to raise your hand to be excorted to the admission area to get a sip of water and munch your snack out of your locker.
    My throat was dry and my brain was exausted from getting glued to the computer screen for the whole six hours. I was one of the unlucky one to get the non-cissp related exam.

  27. TC said

    I passed the computer based CISSP exam at PV on the first try in September, and I echo the other comments about the testing environment, not pleasant and the chairs are terrible. Also I agree with everyone else that the actual test is much much harder than any practice material I worked through. But remember the NDA for CISSP does not allow anyone to be more specific about the actual test questions.

    My 3 month study for the exam consisted of the Wiley and Harris books and their related practice exams, and I specifically focused on the scenario based questions, those seemed to best simulation of a real-world experience. One thing I did that may be helpful to others is to create flash cards for any questions I missed on the practice exams as well as flash cards for any information that seemed to need a refresher, then study the flash cards diligently.

    Good Luck to All

    • -Durk- said

      TC-Thanks for sharing! Questions: Could you have brought your own chair or grabbed a chair from another room/location? What could you have done to make the environment better? Are you referring to the The CISSP Prep Guide?

      I created flash cards too. I think that is a great idea!

      Thanks again for stopping by.

  28. TC said

    Durk – I didn’t see any other available chairs and you are monitored like a hawk so doubt I would be allowed to make any changes, but I didn’t complain maybe I should have, but 6hrs in a sway-back steno chair was definitely uncomfortable. The one thing, other than the chairs, I would recommend to change is the breaks, or lack of. I took one 5 minute restroom break and to get a drink of water, which you have to leave the testing area to do, and that break counted against my time. As it was I took every minute of the 6 hours to take the test, and if I had wanted a longer break I may not have finished the test! There should be a way to allow for a reasonable break that does not count against your time.

    I used a lot of different practice test material, but the one I thought was the most helpful is the S. Harris CISSP Practice Exam book. The questions in that book are at least half scenario based and I thought the material is quite a bit harder that other practice exams, good practice for the real thing.

  29. HO said

    My boss contracted a vendor for a very expensive training bond last week. We were 13 in the class and we are required to take the test in June. The training was terrible because the instructor just created a power point presentation based on Harris’ book. The instructor was just literally reading the presentation and was not able to give examples. He was mostly talking about how he passed the test last Dec 2013. I do not have the time to study because I am doing assessments at work on a daily basis. I really pray that I will pass..

  30. Why waste your time with CISSP? its a script kiddie exam! And by the way they cannot even correctly audit who passed and who did not…scary but true, years ago I passed my exam on the first try…. guess what those script kiddies forgot I passed, I mean WTF !

    Don’t waste your money on crappy little Certs like CISSP go for real ones

    • -Durk- said

      Certifications alone are not enough, it is vital that experience accompany certifications. In order to obtain the CISSP certification you HAVE to have several years of professional experience directly related to security. Earning the CISSP certification indicates to a potential recruiter or employer that you not only have the smarts to pass a pretty damn hard test, but you have years of experience as well.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: