My CISSP Experience

I took the CISSP in August of 2018. I had been studying off and on for about 6 months, but the test version had recently changed, and then the test format changed to Computerized Adaptive Testing (CAT). The content change didn’t bother me too much, because there wasn’t a huge change. But the change to CAT was very intimidating. I found it very comforting while taking the Security+ exam that I could flag a question that I was unsure of and re-visit it at the end. With CAT, you answer every question as it comes and move on to the next, no going back. As implied by the name, the test adapts to you as you answer correctly or incorrectly. (ISC)2 is in charge of this test, so go to their website for definitive information. Keep in mind that this is my experience, and I’m in a bit of a unique situation (but aren’t we all?), so your mileage may vary using the exact same approach. My background:

  • I have a degree in computer science, earned waaaaay back in 1990.
  • I wrote actual code for aircraft avionics systems for several years and supervised testing and maintenance for multiple functional areas.
  • I “retired” and home schooled my four children for 14 years before discovering Cybersecurity and falling in love with the field. 
  • I have not taken any formal training, classes, boot camps, or otherwise. I learn best by reading a physical book, taking notes, highlighting, etc. Not everyone can learn that way. 
  • I had taught Security+ over and over as a contractor before taking CISSP, so I knew Sec+ backward, forward, inside out, and upside down. 
  • I did not earn any intermediate certs. I got Sec+ and decided to go for the gusto and tackle CISSP. It would have been much easier to get an intermediate cert like Certified Ethical Hacker.

My actual experience on test day, was that I was super nervous, and I felt like I was failing the entire time. The lady administering the test was really excited to see a woman taking the exam, which kind of added to the pressure. To be honest, there was a pride issue, too. I have never failed a test, and I sure didn’t want that to be the first time. You have 3 hours to take the test, and it will range between 100 and 150 questions (that “adaptive” thing). I had heard that it only stops at 100 if you are either irrevocably failing or doing so well that you can’t fail. One thing that I experienced taking Sec+, and so I was anticipating it, is the feeling that you are failing the entire time you are taking it. Don’t let that freak you out. What did freak me out was that my test did stop at question 100, and I had that feeling of failing, so I was pretty concerned as I was checking out of the testing room. The administrator told me to gather my belongings from the locker while she printed my score. I was thinking, “She doesn’t want to see me crying any longer than necessary.” So I was very surprised when she finally told me, “Congratulations, you passed!” Also, keep in mind, a lot of people do not pass it on the first try. I am very fortunate in that I test well, and I had a strong background. I also realized afterward that I had over-studied, and really psyched myself out. Don’t get me wrong — it’s far better to study too much than too little. But try not to succumb to your insecurity. 

All that said, I will share the resources I used that helped me to be successful, and wish you first-time success, as well.