
After over a year of putting it off due to my overall contempt for certifications in general, I took and passed the CISSP exam. I came to the realization that no matter how disrespected this certification is by the top security researchers, it remains a prerequisite for many security jobs. Just run a search in any job site for "CISSP", and there will no doubt be a ton of results. So here are a couple notes regarding the process and the exam.
I utilized just one book to prepare, the CISSP All-in-One Exam Guide, Third Edition by Shon Harris. Note that outside of specifically studying for this exam, I've read many books, papers, blogs, etc. on various security topics.
In addition to the book, I tackled a large number of practice questions using the amazing and free cccure.org I believe this aspect really prepared me for the actual test. I took a bunch of practice tests, more than 100+ questions for each domain for every domain, then researching what I missed. I kept taking tests until my average was %80+.
Regarding the test, I was expecting it to be much worse. In fact, I breezed through the first 100 questions and knew that if the rest of the questions were like that, I was home free. For the most part they were, and after just over 2 hours out of an allotted 6, I was complete.
1 comment:
Dustin, congratulations,
It's not an easy test. I feel it now, one week before the exam. Next Saturday is my day.
I totally agree on the certifications as a whole. You can read the article I wrote in 2002 (see my blog at securecyber.blogspot.com)
Best in your career!
Roman
Post a Comment