.

My CISSP Strategy

<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Tue Sep 13, 2011 9:30 pm

My CISSP Strategy

Here was my plan of attack for passing the CISSP, hope this helps others.

http://www.networkadminsecrets.com/2011/09/cissp-review-strategy-and-advice.html
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Thu Sep 15, 2011 10:22 am

Re: My CISSP Strategy

And here's mine from yeeeeaaaarrrrssss ago:

http://www.ethicalhacker.net/content/view/176/24/

The format of the content & exam hasn't changed, so it should still apply.

Hope it helps,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Mon Sep 19, 2011 1:38 pm

Re: My CISSP Strategy

I took mine in 2005 or 2006 and used the following strategy:

  • Read Krutz and Vines book cover to cover and did Q&A in back of the book. (IMO the Krutz and Vines book is WAY better than Shon Harris, and I really dislike her marketing techniques and refuse to give her any more of my money. I bought Gray Hat Hacking and that's the last dime she will see from me)
  • Took official ISC2 bootcamp (Don't think I learned much if anything but work paid for it)
  • Took practice tests from various sources
  • Re-read Krutz and Vines book but only focusing on problem domains identified in practice tests
  • Re-took practice tests
  • Took exam.

I am pretty sure I aced the exam (They did not tell me my score, only that I passed), felt very confident when I left and took less than 3 hours to complete.

It's just like any other cert. Sure, there's a ton of material but the single best thing to do for yourself walking into the exam room is to change your perception. Think like an Information Security MANAGER. Once you start thinking in terms of things like liability and risk and stop focusing on every single threat like the sky is falling you will do much better. I know extremely technical folks that just can't put themselves into that mindset and then fail repeatedly.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

Dark_Knight

User avatar

Sr. Member
Sr. Member

Posts: 294

Joined: Mon Aug 11, 2008 7:03 pm

Post Mon Sep 19, 2011 6:56 pm

Re: My CISSP Strategy

@tturner what edition of the krutz and vines did you use?
CEH, OSCP, GPEN, GWAPT, GCIA
http://sector876.blogspot.com
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Tue Sep 20, 2011 10:17 am

Re: My CISSP Strategy

I used Conrad's book almost exclusively. Read it cover to cover twice. Used the other books for practice questions. Wasted money on the nuggets dvd. The cccure.com practice tests were closest to the real deal. It's pass/fail so I don't know how I did but it was hard for me. The questions were worded very differently from what I expected. Took me 5 and a bit hours but I went very slowly and reread every question twice (which I do on all exams- probably cost me the CWDP).
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

r2s

User avatar

Newbie
Newbie

Posts: 49

Joined: Thu Sep 16, 2010 6:14 pm

Location: USA

Post Wed Oct 19, 2011 6:21 pm

Re: My CISSP Strategy

Here was my plan of attack:

Materials:
  • Shon Harris 5th Edition AIO
  • Official CBK
  • Eleventh Hour by Conrad
  • StudyIScope Questions (3 exam set)
  • Ccure.org Paid Membership
  • Carnegie Mellon VTE CERT videos

Method:
  • Started with Shon Harris at domain 10 and worked backwards; read chapter, took notes, answered end chapter questions.
  • Watched VTE CERT video on the domain.
  • Cross referenced domain in Official CBK for any material I didn't understand.
  • Did 50 questions on the domain on Pro setting from CCure.org
  • Rinsed and repeated until I hit Domain #1. Once that was done, I reviewed the domains in the correct order.
  • During the last two weeks before the exam, I took the StudyIScope exams once and went back over my notes and read up on anything I was still having trouble remembering.

My target was 5 days per domain (reading wise) but some were shorter than others as I had experienced a lot of the content of those domains in some of my previous jobs. In terms of the exam, a great friend of mine told me to take the exam 25 questions at a time. Essentially, you count that in your head 10 times and next thing you know it, the exam's over :).

I am awaiting my results so I'll see how well this worked out for me. I definitely felt extremely confident walking out but anything can happen.
Last edited by r2s on Wed Oct 19, 2011 8:06 pm, edited 1 time in total.
In progress: OSCP & GXPN (June)
"Silence enables the sound to be" - Eckhart Toll
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Wed Oct 19, 2011 7:14 pm

Re: My CISSP Strategy

How long did the exam take you? Just curious as I was one of the last few. I took 2 breaks to try and keep fresh during the exam.
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

r2s

User avatar

Newbie
Newbie

Posts: 49

Joined: Thu Sep 16, 2010 6:14 pm

Location: USA

Post Wed Oct 19, 2011 7:43 pm

Re: My CISSP Strategy

WCNA wrote:How long did the exam take you? Just curious as I was one of the last few. I took 2 breaks to try and keep fresh during the exam.


I answered all the questions in 2.5 hours and took another hour to make sure all the answers I put in the book matched those on the scantron. I used the 25 at a time method for about three cycles but then I said screw it and ran through the rest of the exam  ;D.

I should have taken breaks but after about 100 questions, I just wanted to get it over with.
In progress: OSCP & GXPN (June)
"Silence enables the sound to be" - Eckhart Toll
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Wed Oct 19, 2011 9:10 pm

Re: My CISSP Strategy

2.5 hours for me too.

Return to Security

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software