I woke up at 5:30 am yesterday to get ready for my two hour drive to Norwood, MA — the closest location (ISC)2 offers for sitting for the CISSP exam. I had to be there by 8:00 am. Check-in at 8:00 am; receive instructions at 8:30 am; and then start the exam 9:00 am. Six exhausted hours later I was done and ready for my two hour drive home. Why did I sign up for this again?
This was probably the most intense exam experience of my life. I’ve spent many evenings over the last twelve weeks studying up for the exam yesterday, and now that it is over, I can’t relax. I get to sit and wait four weeks to find out if I passed, and, frustratingly, I don’t have significant confidence that I passed.
I knew the subject matter outlined in the body of knowledge well enough, and came across only a handful of questions where I just, flat-out, didn’t know the answer, but on the remaining questions so many of the answers were right, it was difficult to know which was “best.”
In any case, having passed or failed, I feel smarter for having gone through the study process. I used Shon Harris’ All-In-One CISSP Exam Guide as my main study material and filled in some blanks with YouTube videos and other articles covering specific subjects.
Now that it is over I can look back and feel good about my preparations but if there is one thing that I could do over again, it would be to focus more effort of learning the administrative and procedural items like the steps to develop a business continuity plan or incident response procedures. I delved too deeply into the technical subject matter.
Things like networking infrastructure, protocol design and cryptography were three subject I went way too deep with. The certification is described as only requiring “one inch deep” knowledge and the test proved that true, but, again, I’ve learn a ton of useful and practical knowledge even if the exam didn’t require it.
Feel free to contact me if you’re considering taking the exam. I’ll be glad to provide what guidance I can.