My trip for the CISSP-ISSAP (called ISSAP now) !!!
Aubin Romaric Gueliago Siewe
Architecte en Cybersécurité ISSAP|CISSP|CCSP|CISM|NSE7
This trip starts the 1st week of February 2023, the ISSAP was an exam on my list that I wanted to complete this year 2023 but also the most prestigious! What surprised me most at the time was the fact that I only knew one African on the ISC2 website who had already passed the exam, which really intrigued me. On the other hand, I wanted a fairly big challenge, and security architecture is one of my favourite subjects.
The exam is an ISC2 exam, which means you have to be in an exam centre, and the only centre is my old friend Serge's in Yaoundé, which runs the only centre where you can do the ISC2 exam. This time, given what was at stake, I preferred to sit the exam somewhere else - why not in Dubai, I thought.
One of the prerequisites for this exam is the CISSP, which I already had because it gives a good foundation, then the basic exam is a concentration of the CISSP, but this kind of challenge that I like, that's what galvanises me the most..
My strategy remains the same for this kind of exam,
1.???????? Take a look at the forums, and especially read the articles of people who have already succeeded.
?
2.?Approach people who have already taken the exam to find out about their mindset and Tips (except in this case I didn't know anyone who could advise me).
3.?Create a Study group: Except that the only person I wanted to do it with was very busy and our diaries were very far apart. So I had to go it alone. However, the advice I received from this person was invaluable.
I have to admit that Prabh Nair's videos have been extremely useful; his simplicity in simplifying concepts is phenomenal.
I'm putting together the following reading list after following Prabh nair's videos on youtube which will allow me to cover the essential knowledge for the exam:
I've limited myself to these resources, but you'll notice that there were no practical exams. The reading method I use is that of the tablet
Initially, I thought I'd be able to complete the exam in 3 months, but professional constraints didn't allow me to do so, and as I didn't have much information about what the exam was like, I preferred to make myself a checklist of the concepts I needed to master for the exam, and I told myself that I'd only sit the exam if, and only if, I was sure I had mastered all the subjects that made up the exam.
It's worth noting that the official guide is out of date compared with the concepts covered in the exam syllabus.
So I started by reading and rereading the aforementioned course materials, but I went beyond that. And I have to tell you, it was the best idea ever.
To these resources, I added the CISM resources and the CCSK resource.? The only questions I allowed myself were those of the official courses.
It took me almost 5 months of reading and re-reading, and my compass was my Excel checklist of the concepts I needed to master before going into the exam room. Since I had a few summaries of the CISSP and CCSP courses, it was easy to work with that and, above all, to refine the concepts.
Some friends and I had planned to spend the holidays in Dubai, so it was the perfect opportunity to finish the exam and, above all, to be free to enjoy it.
领英推荐
I scheduled the exam for Friday 25 August 2023, in a room on Boulevard Cheick Zayed opposite the Museum of the Future. At that time, ISC2 had a promotion which meant that anyone who sat the exam during the month could retake it if they failed a month later.
I read until the day before the exam and I have to admit that the holidays were dull as long as I wasn't psychologically free.
On the day of the exam, I turned up an hour and a half beforehand, I took a bottle of water as I left the hotel, the climate at this time of year is very hot, approaching 48°.
We did all the identity checks, the admissions and the safekeeping of personal belongings and I sat down in the examination room.
There were about 8 of us in the room but I was the only one doing an ISC2 exam. The room was fairly well equipped with cameras and air-conditioning.
After validating the NDA, I started the exam, and that's when I said to myself that it was a good thing I'd read my CISM courses. Not because it was relevant to the exam, but more because of the structure of the questions, or the format of the questions.
However, the toughness of the questions was terribly reminiscent of the CISSP, and here I had my TAF to thank for keeping me up to date with all the new concepts in cybersecurity.
The questions were all new in terms of technology, but also in terms of scenarios. The answers were similar to each other but nothing like what I'd seen before.
My strategy was to reread each question three times, but above all to eliminate at least 02 wrong answers and to rely on the remaining answers.
The questions were so complicated and the exam so long and stressful that I remember 03 things:
- The other people in the room had finished and left, and others had replaced them and also left.
- The Asian examiner came several times to make sure that everything was fine and that my calmness wasn't due to trauma caused by the rigour of the questions.
- I went out 02 times to get a drink of water and make myself comfortable (and the time wasn't up yet).
At the last question, I had 30 seconds left, I wasn't sure I was going to pass, but at least I was going to be able to enjoy the rest of my holidays, the promotion from ISC2, gave me peace of mind to retake the exam if I failed, but above all seeing the type of question was already a victory for me. Several concepts had been covered in the questions that I didn't know, so I told myself that if I failed, I'd have the opportunity to perfect things.
I answered this last question and also the survey after the exam. I heard the printer crackle in the main room.
I went to the examiner's office, who handed me the result and all was well! I'd passed, and I wouldn't need another attempt. The next step in becoming an official ISSAP was to wait for the congratulatory letter from ISC2 and the link for the endorsement. Another advantage for those who are already CISSP certified is that they can self-endorse. Which was the case for me.
Moral:
1.?You need a checklist to make sure you understand everything!
2.?You can never be too prepared, so it's a good idea to keep up to date with the best in cybersecurity.
Once again, the tablet method was very effective, as it often is. The Next Step
Good luck to those doing this exam, and I hope you won't hesitate to share your experience!!!!
Senior Cybersecurity Consultant |IT/OT GRC Leader | CISSP | GICSP | ISA 62443 Cybersecurity Expert | ISO 27001:2022 Lead Auditor | ISO 22301:2019 Lead Implementer | ISO 27005:2022 | CASP+ | CEH | OT Cybersecurity Trainer
1 年Aubin Romaric Gueliago Siewe what a motivational post, well done brother, keep up this motivation for you and for others.
PhD en Cybersécurité | CCNP ENTERPRISE|CyberOps|CCNA Security| CCNA| Cisco Instructor tra?ner at CFI-CIRAS and GNTIC
1 年Je suis intéressé
CISO for Day | Your Mentor for Life?? | Podcaster | CISSP-ISSAP| CGRC| CCSP | CSSLP | CISM | CRISC | CISA | CDPSE | CIPM | CIPP/E
1 年Many Congratulations Bro!
IT Network & System Support at BB LOME |NSE 1,2,3|VMSP,VMTSP,VMCE| WCP-P PAM| CISSP| VMWARE | (ISC)2Candidate | EHE | (ISC)2 CC
1 年Congratulations ??
Director, Product Security | MSc, CISSP, ISSAP, CCSP, CSSLP
1 年Great accomplishment Aubin Romaric Gueliago Siewe and I appreciate the mention. I’m glad the article helped. Congratulations on a huge milestone!