More CISSP Feedback

A former student offers this insight:

“ I just took the test this afternoon. Ended up with 101 questions, in  just under 95 minutes, and I passed (unless they decide they need to do  "psychometric" (lie detector?) or "forensic" evaluation). At that speed,  even if I had gotten the maximum number of questions I would have been  O.K. -- from what I've seen, many people report finishing with time to spare, so I would recommend not rushing. 

My experience was:  Lots of "BEST" and "MOST" questions. Definitely not a test to take just  based on knowing facts by rote. I did guess on some answers, but only  when I could eliminate some of the responses: and I found that often at  least one response would not make sense. I also tried to follow advice I  saw to "read the question, read the answers, and then read the question  again", since during practice tests I often picked the opposite of the  answer I knew to be right. 

I studied from the Chapple book, and the (ISC)2 flash cards, and by  taking lots of tests. For tests I had the companion book (which seemed  closest to the real test), and CCCure tests (which too often revealed  the answer in the question: but if taken with "Pro" mode and fill-in-the  blank answers was still useful (and gave easier statistics on which areas I needed further study in). It was important each time to go back  and understand my wrong answers -- that's where about 1/3 of my learning  happened. 

A note on CCCure tests & fill in the blank: unless you type the exact phrase in, it will count it as wrong, so review the results before you  decide how well you did. “

Great stuff!

CISSP Feedback

Got a detailed message from a former student I’d like to share…good insight for those studying the CISSP:

“I took your class last year (7/16-7/20), sat for the exam in late September, but did not passL. In that instance I know I incorrectly answered a drag and drop on controls and was surprised by the number of Cloud questions. That said, I spent the rest of the year and this spring internalizing all the material using the following resources:


·         CISSP All-in-One Exam Guide, 7th Edition

·         Official (ISC)2 Guide to the CISSP CBK ((ISC)2 Press)

·         (ISC)2 CISSP Information Systems Security Professional Official Study Guide

·         CISSP Official (ISC)2 Practice Tests

·         How To Pass Your INFOSEC Certification Test: A Guide To Passing The CISSP, CISA, CISM, Network+, Security+, and CCSP

·         CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide


I read the (ISC)2 CISSP Information Systems Security Professional Official Study Guide, Reviewed and read CISSP All-in-One Exam Guide, 7th Edition, and took all the end of chapter tests as well as the CISSP Official (ISC)2 Practice Tests and also read your book, How To Pass Your INFOSEC Certification Test: A Guide To Passing The CISSP, CISA, CISM, Network+, Security+, and CCSP. In addition to all of that, I spent some time studying the Cloud Security basics contained in - CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide and test questions.


I then sat and passed the exam on 4/30/2019. I was fed a completely different exam questions and again had quite a few Cloud based questions which I felt prepared for after studying the CCSP material. It’s been a long road, the test always looks deceptively easy, and I am pleased to have provisionally passed. I must say the practice exam application that came with the SHON Harris book most closely represented the actual exam experience. “

Hope that helps— seems like useful stuff!

New Year, New CISSP Exam

Just in time for 2018, the CISSP exam from ISC2 has converted from standard multiple-choice format to a Computerized Adaptive Testing model for exams delivered in English (foreign-language versions of the test currently remain in the traditional format). This means that instead of the grueling 6-hour, 250-question test, CISSP candidates now face only 100 to 150 questions, in a maximum of three hours.

Depending on your success with multiple-choice tests, and your personal technique, the new experience could be either a massive boon or a ridiculous hurdle to get the certification.

I got my CISSP back when the test was in the traditional format...and done with pencil and paper. I have no clue how I'd do on the current version.

I have, however, received feedback from the first of my students to take the new version of the test: they passed! Their exam was also only 100 questions long (meaning the student demonstrated sufficient command of the material so that the testing engine didn't have to throw more questions at the student), and it took the student an hour to complete. Perhaps most interesting, this particular student is not an IT practitioner, but is familiar with the industry in other roles. Main impression? The student repeated what I always try to stress to anyone taking one of the certification tests: READ. THE. FULL. QUESTION. Make sure you read it completely, and understand what's being asked, and that you read all of the possible responses.

The exam is still being administered by PearsonVUE, and you can download the outline from ISC2's website.

Have you taken the exam in the new format? Please add some feedback about your experience in the Comments!