Before we get to the celebration you’ll have after passing the CISSP, let’s look at some techniques to help you get through the exam. Two of the biggest mistakes people make are not treating it like a marathon and assuming that just because they work in IT or the computer industry, they know the one or more domains on the test and don’t need to study that material.
First, this is a six-hour, 250-question exam. You must be prepared to sit and take a test for six hours. If you are going to run a marathon, doing sprints, stretching, eating right and going for a jog are all good, but at some point you need to run the marathon. So, test, test, test. Before you officially attempt the exam, at some point on at least one occasion, sit down and take a 250-question test.
Second, the best answer is the best answer according to (ISC)2. You may believe that the way you do things at your job is the best way, but that may not be the right answer for the test. The people who write the exam questions come from many different industries all over the country. A best practice in one industry in one part of the country may not be a best practice elsewhere. Learn the material the way it is presented and answer the question with the (ISC)2 best answer, not your best answer.
A few other tips that worked for me:
For me, writing helped me learn. So, as I studied, I wrote points on index cards. By the time I was ready to take the exam, I had more than 400 index cards that I carried everywhere. I also carried a booklet of tests so whenever I was idle I could study and test. Finally, on the advice of a friend, I recorded bullet points on a CD and listened to it over and over when driving.
OK, celebration time. You’ve passed the exam, wahoo!
The last thing you want to do now is lose your certification and have to take the exam again. So go get your CPEs. They are not difficult to obtain, you just have to make a conscious effort. Read through (ISC)2’s criteria for CPEs, and then go get them.
One good method is to join an organization like ISSA. Our chapter members receive CPEs for attending meetings and conferences. Attendance at a conference can net you six to eight hours of CPEs. Depending on where you are, there are always online and local security lectures you can attend, usually for free since they are vendor sponsored.
Finally, my two favorite methods of earning CPEs are speaking at conferences and writing articles on security. “The ISSA Journal” is always looking for authors to contribute articles.
So study, pass the test, and then contribute to the industry and earn your CPEs.
CISSP Certification Prep Course