I Am A CISSP

On Tuesday I got my exam results — I passed the CISSP exam.  My endorsement paperwork was submitted on Wednesday afternoon and by Thursday, ISC2 had crowned me CISSP.  I still have a weird feeling about it; one part euphoria, one part “quick, slap it on your business cards before they change their minds!”

So, in the end, twelve years in the industry, two years studying and 20 days of intensive cramming and online bootcamp == passing the CISSP on the first try.

For anyone who’s actually curious, here’s what I did (in order):

CCCURE.org has excellent resources for CISSP candidates.  I kept doing their practice tests until I started getting failing scores because my poor brain couldn’t handle any more.  The practice tests really helped — not always because of the content, but the format.

So, that’s how I passed on the first try.  Hope that helps someone.



Comments

Hi,

I am curious if your new title has won you more money? I have completed my security+ cert (yes, I know not nearly as famous and fancy). I am wondering if it is worth my time to study for the cert. Thanks.

Also, do you have to have 5 years of experience before you can take that exam? Or is it three?

My company probably won’t give me an out-of-cycle pay raise for becoming a CISSP, so it will be next year before I know if CISSP translates to $$ for me, personally. In my case, I went for the CISSP for two reasons: 1) justify my continued existence, since I haven’t yet completed my college degree (I’m part-timing it), and 2) get me on the DoD requirements chart that takes effect January 1, 2009.

In order to be a CISSP, you have to show either five years of direct work experience, or four years + a college degree. It looks like you can also go for it with four years + a Security+ certification. (https://www.isc2.org/cgi-bin/content.cgi?page=1016) If you don’t have the required years of experience, you can still take the exam and become an Associate until you do have the required years of experience.

Congrats . . . now you started your addiction. . . . gotta get the rest of the IA certifications . . . ISSEP, CISM . . . good thing is that you can use your study time as CPE now.

once again congrats!!!!

I have a 4 year, unfortunately in history. I don’t know if that will count.

What is the DoD requirements chart taking effect on Jan 1, 2009?

The relevant standard is: DoD 8570.01-M “Information Assurance Workforce Improvement Program”. Its purpose is to “Establish baseline technical and management IA skills among personnel performing IA functions across the DoD enterprise”.

The short of it is that in order to work on DoD projects in an IA capacity beyond December 31st, 2008, you have to hold certain certifications. The “chart” is on Page 92 of the Standard PDF: http://www.js.mil/whs/directives/corres/pdf/857001m.pdf .

A Security+ gets you on the chart; that’s a good thing. An Associate (if you don’t have the years for the CISSP) gets you to higher levels within the chart; that’s a better thing. But four years and a Security+ should be enough experience for your CISSP, if you pass the exam. Take a look at the requirements on the ISC2 website.
