How I passed my CISSP exam?

This is a story about my journey to obtain the Certified Information Systems Security Professional (CISSP) certification in 2019.

Disclaimer: Following my methods do not guarantee you passing your exam, though these principles have been used by me to pass my other certification exams too. I believe it will be of useful reference for anyone preparing to take the CISSP exam.

Why I took the CISSP certification?

CISSP is one of the most widely recognized information systems security certification in the world. Though I have a bachelor degree in Computer Science and a professional certification in Certified Protection Professional (board certified by ASIS International), I was keen to upgrade and deepen my information security knowledge. After putting off the decision to take the exam for many years, I finally decided to get the certification in 2018.

The most important factor in passing the CISSP exam is the motivation behind the pursue of this certification. Why do you want the certification and how desperate are you to pass the exam?

For me, it is not only to build upon my credentials, it is a constant drive to continuously learn and be equipped with the current knowledge and skills to perform my role better. Now that I am an entrepreneur, its for me to serve my clients better.

Once I paid the expensive exam fees, my stake was high. Failing was not an option as I would have to pay the expensive exam fees again. This prompted me to study hard and aimed towards passing the exam on the first attempt.

These factors have driven my performance in all my other certification attempts. I passed all the exams in the first attempt !

How to prepare for the exam?

I signed up for a 5-days CISSP course which included a voucher to attempt the official CISSP exam within one year from the date of the course. Attending the course helps in the preparation of the exam. A good trainer makes a difference in your learning experience. Find out the reviews about the training centres and the trainers before registering for the course.

Here's one thing I did which you should avoid the same mistake. After completing the course, I procrastinated the exam preparation for almost 8 months before I registered for the exam. Don't procrastinate. Maintain your momentum to study after completing the course. It was only after I registered the exam that I seriously started studying for the exam.

Register for the exam early and commit yourself to the preparation of the exam. I took about 3 months to prepare for the exam. I focused my study in 2 key areas.

Read the official study materials

• I studied the CISSP Study Guide https://www.isc2.org/Training/Self-Study-Resources# I read most of the pages. Some of which I skimmed through as I am already familiar with the concepts.
• I wrote lots of notes and draw illustrations which I used for my revisions.
• I also used many memory retention techniques to help me remember the ideas, concepts and numbers. For example, remembering the port numbers can be a pain in the ass. I used memory techniques from several different experts. One of them is Tony Buzan https://www.amazon.com/Use-Your-Memory-Tony-Buzan/dp/0563371021/ref=sr_1_4?keywords=tony+buzan+use+your+memory&qid=1578908003&s=books&sr=1-4

Practice exam questions

• Reading the material is not enough. You have to test your understanding of the concepts and retention of the facts by practicing exam questions. The CISSP Study Guide by Sybex comes with a one year online access to lots of flash cards and exam practice questions. I used it a lot. I practiced more than 900 exam questions by the time I seat for the exam.
• Reading the study materials and practicing the exam questions should be done in a to-and-fro manner. You can cover the materials according to the domains. This repetitive way will strengthen your mastery of the various domains.

On the exam day

I recommend taking the exam in the afternoon to avoid any potential morning rush hours that may delay your arrival at the test centre.

You will never be fully prepared. So relax on the day of the exam and stop studying a few hours before the exam starts.

Close your eyes and take deep breaths to relax and keep calm.

Bring your sweater and clear your bladder before entering the exam room. You don't want to be caught in a shivering state which will affect your thinking and performance. Going out to the restroom in the midst of the exam is a waste of precious time.

This was my first time taking a Computerised Adaptive Testing https://www.isc2.org/certifications/CISSP/CISSP-CAT exam. I had to answer a minimum of 100 questions, up to a maximum of 150 questions, depending on the actual scoring at the time I answered the questions! The exam does not allow you to return to the previous question once you answered it. Hence make your choice wisely. Here's also a few tips when answering the questions:

• Read and understand the question. Look out for double negatives e.g. not false
• Look at all the answers carefully. Don't jump to an answer immediately.
• Eliminate the wrong options until you derive at the correct one. Elimination of wrong answer will give you a higher chance of arriving at the correct answer.

I answered 100 questions in about 1hour 45minutes when the screen ended my exam. I was anxious as I walked to the counter to receive my result. When I opened the result slip, It was a "Pass" !

What's next?

To be certified as a CISSP, you still have to be endorsed by your supervisors/colleagues on your work experience. After submitting the required information, ISC2 will route the email to them for verification. It will take a few weeks for the processing.

Finally when you are endorsed, ISC2 will send you an email to make a payment of USD125 for the annual maintenance fee. Once payment is done, you complete the process to be a CISSP !