So I took the plunge. I am officially a CISSP member. I know a lot of people don’t put a lot of stock in the certification from a technical perspective but I am happy with the achievement and really, that is all that matters!
Thoughts on the CISSP Exam
I spent some time reading the subreddit for CISSP and there seems to be a lot of anxiety around taking the exam. In all honesty, this was the first exam that I have taken where it just ends without you knowing whether you passed or not until you get the paper from the guy at the desk out front.
The exam itself has a minimum of 125 questions and a maximum of 175 questions, which are taken during a 4-hour block. I went into the exam telling myself that if I was around the 130-140 range when the exam shut off, I would be in good shape. Once it got higher than that, I felt that I would need to be more diligent with my answers and potentially read the questions more thoroughly. I wasn’t really sure what to expect but this was the plan that I was going with.
I kept looking at the question numbers as I got a new question so I could keep an eye on that 125 mark. Once I hit question 125 and answered it, the exam shut off. At that point, I thought there was no possible way I could’ve passed. But once I got outside with my results, I was extremely happy and confused. I have heard stories of people getting all the way to question 175 and passing but others where they also failed at 175. I just didn’t think it was possible to pass at the minimum but looking back, it’s entirely plausible and possible. Reddit was a good way to see that I was not alone.
I thought the exam was tough but not incredibly difficult. Depending on your experience and study habits, it is worth a shot. (ISC)2 offered up a free retake if you took the exam for the first time by the end of October so I jumped on that. Thankfully, I didn’t need to ask for a retake voucher but it was worth it nonetheless.
My Study Materials
What did I use to study? Since this was more of a cram session due to time constraints, I had to be a little more deliberate with my studying. I chose to start with “Eleventh Hour CISSP: Study Guide” which really helped as it’s only about 200 pages. The Official Guide is much thicker and a better option if I plan on studying for a few months but the one I used was sufficient and to the point.
I also found a guy on Twitter who provides CISSP-type questions each day and then provides the answer the next day. His name is Adam Gordon and I thought those helped me a great deal as well. Obviously, they do not appear on the exam and are not worded exactly the same but they contain the content that might be on the exam. It was definitely a good addition to my studying.
There are so many other options from boot camps to the Official Guide but these are what helped me. I do have a few years working in the IT industry where I’m exposed to these topics so experience can sometimes allow you to know what the question is asking.
Are You Certified After Passing the Exam?
Short answer is no. There are more things that must be done but the hard part, in my opinion, is over once you have been given the official pass from (ISC)2 and then, it becomes more of a waiting game.
Once I received my official pass, I had to find an existing CISSP member to endorse me. Luckily, I had someone who I work with that was willing but if you do not have someone, you can let (ISC)2 do that for you. I did read that it could take a little longer but it can be done.
After you are endorsed by an existing CISSP member, you will just have to wait until the organization can review the endorsement. It took me approximately 2.5 weeks before I was notified but I also took it at a time where they offered the free retake so I’m sure they had an influx of applications to review.
Finally, I paid my maintenance fee which was $125 and I got my official notification that I was a member! At that time, you can download your digital certificate but your digital badge doesn’t come until a few days later. It was about 3-4 business days for me. They notified me that my official packet will arrive at my house in 8-12 weeks but that’s ok since I like having the digital versions right away.
I’m Officially a CISSP. What to do?
Well, you’ll need 120 Continuing Professional Education (CPE) credits to keep it up but that will be over a 3 year period. The official website has an entire CPE portal and pages devoted to help with this. This is a bit better than having to take the exam over again like most renewals so I’m happy with it.
I would take a gander at the site once you are official to see some of the benefits that are afforded to you.
What’s Next?
Since we’re at the end of 2022, I’m going to take the rest of the year to relax and maybe do some TryHackMe streaming on my Twitch channel which is uploaded to my YouTube channel. The Advent of Cyber challenge should start in December for anyone who is interested! I’ll also start reading some of the books that seem to be stacking up on my bookshelf.
This is also the time of year where I decide what I want to accomplish in 2023 and look back on what I accomplished in 2022. These help keep me honest but also allow me to appreciate the work I put in throughout the year.
Hopefully, this post helps anyone who is looking to tackle this certification but also reduce some of the anxiety and scariness of the exam and process. Good luck!