Worried you're not "security" enough? Take the CISSP anyway...
I took the #CISSP exam two weeks ago. I've had to reschedule it repeatedly over the last year as my family obligations shifted. I hadn't studied - i.e., I had NOT spent a hundred hours reviewing materials and synthesizing copious notes, as is my way. I couldn't justify spending $3500-$5000 on a bootcamp - for that money, I could take the test five or more times, and I know my studying habits well enough to be confident that I'd pass well before the fifth try! I decided to just buckle down and take it during my California vacation. "Rejection (i.e., failure) is clarity" is one of my personal mottos. Failing the exam would help me figure out where I needed to focus my study efforts.
So many amazing talented people I know failed on the first or even second try - I went in fully expecting to fail. I had heard how hard it was, both in the old paper form and in the new computer adaptive testing (CAT) form. In CAT, if you miss a question, the computer will present more content in that area to determine whether or not you actually understand that content.
When the screen popped up after an hour and ten minutes that the test was over, I was shocked that I'd failed so quickly. I was even more shocked to find that I had passed!
I didn't give enough weight to my 18 years of experience in Support and IT, some of it a major network hardware company, some at an amazing security vendor. I didn't give enough credit to my "oh, hey, yeah, I know that!" reaction as I listened to Kelly Henderhan's CISSP review sessions on Cybrary.it as I drove cross-country from NC to CA. (Even without the visuals, this is a great review! And no, I don't have imposter syndrome, I know I'm good at what I do, but that doesn't mean I'm good at taking a particular test...)
I understand why the CISSP is so difficult for so many talented people, though.
- If you're deeply technical and don't have much exposure to the business side of things, the business continuity, strategy and possibly compliance content will prove challenging.
- If you're all business, the technical content will prove challenging.
If you're somewhere in the middle - with a solid understanding of business, a good technical foundation, and a love for security - you'll be pleasantly surprised at how accessible CISSP content is. So if you're dithering about taking the CISSP and can afford the exam fee, just go do it. Maybe you'll fail, but hey - maybe you'll pass!
Cybersecurity Manager, ISSO, ISSM #CISSP #cybersecurity, #CISO #ISSO #ISSE #RMFconsultant, Cyber Manager, Insider Threat SME, "Words Are My Power Tools"
6 年One thing to keep in mind is that those who write the test questions try to write the questions in plain wording, and as understandable as possible.? I passed on November 11, 2011, when the exams were still paper.
Cyber Security Consultant
6 年Best summation I’ve heard of what CISSP is.
| #DrPrivacy | FSU Law Grad | Data Privacy Advocate | Global Cybersecurity, Compliance & Risk Management Compliance Leader | Mentor | Educator | Research Fellow | Privacy Expert (GDPR, CCPA, LGPD), HIPAA, CMMC |
6 年Will take it in December