HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 51 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow General Certificationarrow Securityarrow My CISSP Strategy
EH-Net
May 22, 2013, 10:58:27 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: My CISSP Strategy  (Read 6989 times)
0 Members and 1 Guest are viewing this topic.
cd1zz
Hero Member
*****
Online Online

Posts: 561


View Profile WWW
« on: September 13, 2011, 09:30:54 PM »
Here was my plan of attack for passing the CISSP, hope this helps others.

http://www.networkadminsecrets.com/2011/09/cissp-review-strategy-and-advice.html
Logged
OSCE | OSCP | GXPN | OSWP | CISSP
http://www.pwnag3.com
http://www.networkadminsecrets.com
don
Editor-In-Chief
Administrator
Hero Member
*****
Online Online

Posts: 4165


Editor-In-Chief


View Profile WWW
« Reply #1 on: September 15, 2011, 10:22:25 AM »
And here's mine from yeeeeaaaarrrrssss ago:

http://www.ethicalhacker.net/content/view/176/24/

The format of the content & exam hasn't changed, so it should still apply.

Hope it helps,
Don
Logged
CISSP, MCSE, CSTA, Security+ SME
tturner
Sr. Member
****
Offline Offline

Posts: 432


View Profile WWW
« Reply #2 on: September 19, 2011, 01:38:12 PM »
I took mine in 2005 or 2006 and used the following strategy:

  • Read Krutz and Vines book cover to cover and did Q&A in back of the book. (IMO the Krutz and Vines book is WAY better than Shon Harris, and I really dislike her marketing techniques and refuse to give her any more of my money. I bought Gray Hat Hacking and that's the last dime she will see from me)
  • Took official ISC2 bootcamp (Don't think I learned much if anything but work paid for it)
  • Took practice tests from various sources
  • Re-read Krutz and Vines book but only focusing on problem domains identified in practice tests
  • Re-took practice tests
  • Took exam.

I am pretty sure I aced the exam (They did not tell me my score, only that I passed), felt very confident when I left and took less than 3 hours to complete.

It's just like any other cert. Sure, there's a ton of material but the single best thing to do for yourself walking into the exam room is to change your perception. Think like an Information Security MANAGER. Once you start thinking in terms of things like liability and risk and stop focusing on every single threat like the sky is falling you will do much better. I know extremely technical folks that just can't put themselves into that mindset and then fail repeatedly.
Logged
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, OPSE, CSWAE, CSTP, VCP

WIP: OSWP, GSSP-JAVA, GXPN

Udacity on hold, again. I suck.

http://sentinel24.com/blog  @tonylturner http://bsidesorlando.org
Dark_Knight
Sr. Member
****
Offline Offline

Posts: 292


View Profile WWW
« Reply #3 on: September 19, 2011, 06:56:13 PM »
@tturner what edition of the krutz and vines did you use?
Logged
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
WCNA
Full Member
***
Offline Offline

Posts: 187



View Profile
« Reply #4 on: September 20, 2011, 10:17:38 AM »
I used Conrad's book almost exclusively. Read it cover to cover twice. Used the other books for practice questions. Wasted money on the nuggets dvd. The cccure.com practice tests were closest to the real deal. It's pass/fail so I don't know how I did but it was hard for me. The questions were worded very differently from what I expected. Took me 5 and a bit hours but I went very slowly and reread every question twice (which I do on all exams- probably cost me the CWDP).
Logged
ISC2 Associate, WCNA, CWNA, OSCP, Network+
r2s
Newbie
*
Offline Offline

Posts: 49


The Artisan


View Profile
« Reply #5 on: October 19, 2011, 06:21:12 PM »
Here was my plan of attack:

Materials:
  • Shon Harris 5th Edition AIO
  • Official CBK
  • Eleventh Hour by Conrad
  • StudyIScope Questions (3 exam set)
  • Ccure.org Paid Membership
  • Carnegie Mellon VTE CERT videos

Method:
  • Started with Shon Harris at domain 10 and worked backwards; read chapter, took notes, answered end chapter questions.
  • Watched VTE CERT video on the domain.
  • Cross referenced domain in Official CBK for any material I didn't understand.
  • Did 50 questions on the domain on Pro setting from CCure.org
  • Rinsed and repeated until I hit Domain #1. Once that was done, I reviewed the domains in the correct order.
  • During the last two weeks before the exam, I took the StudyIScope exams once and went back over my notes and read up on anything I was still having trouble remembering.

My target was 5 days per domain (reading wise) but some were shorter than others as I had experienced a lot of the content of those domains in some of my previous jobs. In terms of the exam, a great friend of mine told me to take the exam 25 questions at a time. Essentially, you count that in your head 10 times and next thing you know it, the exam's over Smiley.

I am awaiting my results so I'll see how well this worked out for me. I definitely felt extremely confident walking out but anything can happen.
« Last Edit: October 19, 2011, 08:06:44 PM by r2s » Logged
In progress: OSCP & GXPN (June)
"Silence enables the sound to be" - Eckhart Toll
WCNA
Full Member
***
Offline Offline

Posts: 187



View Profile
« Reply #6 on: October 19, 2011, 07:14:32 PM »
How long did the exam take you? Just curious as I was one of the last few. I took 2 breaks to try and keep fresh during the exam.
Logged
ISC2 Associate, WCNA, CWNA, OSCP, Network+
r2s
Newbie
*
Offline Offline

Posts: 49


The Artisan


View Profile
« Reply #7 on: October 19, 2011, 07:43:12 PM »
Quote from: WCNA on October 19, 2011, 07:14:32 PM
How long did the exam take you? Just curious as I was one of the last few. I took 2 breaks to try and keep fresh during the exam.

I answered all the questions in 2.5 hours and took another hour to make sure all the answers I put in the book matched those on the scantron. I used the 25 at a time method for about three cycles but then I said screw it and ran through the rest of the exam  Grin.

I should have taken breaks but after about 100 questions, I just wanted to get it over with.
Logged
In progress: OSCP & GXPN (June)
"Silence enables the sound to be" - Eckhart Toll
cd1zz
Hero Member
*****
Online Online

Posts: 561


View Profile WWW
« Reply #8 on: October 19, 2011, 09:10:11 PM »
2.5 hours for me too.
Logged
OSCE | OSCP | GXPN | OSWP | CISSP
http://www.pwnag3.com
http://www.networkadminsecrets.com
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.069 seconds with 24 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.