You took the plunge and decided that you wish to seek one of the world most regarded Security Certification but you are not sure where to start, what is involved, how hard it could be and you feel a bit lost. Do not despair we will assist you and guide you along your learning path. First, you must ensure you have a sound study plan and you’re ready to invest the time, dedication, and effort required to become certified. There is no single resource that will allow you to pass this exam. There are no cram study guide either, all of the exam dumps web sites offers any warranty for this one. To pass, it has to be a combination of experience, reading, quizzing, and how good you are a taking tests under the clock where your stress level might be slightly higher than normal.

The biggest challenge with this exam is simply the monstrous list of topics being covered and those topics spreading over 10 different domains of expertise all at once. Most of us have worked in about 5 or 6 of the ten domains over dozens of years of experience. A junior security person with the bare minimum of 5 years of experience would have experience in only 3 to 4 domains at the most.

REQUIREMENTS

ISC2 requires a minimum of 5 years of professional expertise in two or more of the ten domains to be eligible for the exam. They define professional expertise as a job where you must apply knowledge, where you are building, you are doing architecture, you are supervising a team of experts, etc… Simply doing a repetitive task would not be considered professional experience.

If you come short of five years, you can still apply for the CISSP® ASSOCIATE program. Under this program you don’t need to have any experience. You will take the exact same test as everyone else, however you cannot claim to be a CISSP® until you would have gathered the full five years of experience. A post secondary education degree or one of the approved certification recognize by ISC2® can give you a one year waiver for experience. However they cannot be combined and only a maximum of one year of experience could be waived.

A TWO STEPS PROCESS

Becoming certified is a two steps process. First your must pass the exam with a passing mark of 700 points out of 1000 possible points. Second, you must
complete the endorsement process which consist of documenting your professionals experience and finding someone that knows you well and can vouch for your experience. ISC2® prefer endorsers who are certified ISC2 members. If you do not know anyone who is already certified by ISC2® you can say so on your endorsement form provided to you by ISC2® after you have passed the exam. The exam today in offered in electronic format, you no longer have to use the paper based version and you get your results immediately at the completion of your exam. Unless you are one of the unlucky few who are getting audited. You can book the exam online on the VUE website at:
http://www.pearsonvue.com/isc2/

THE DREADED EXAM

The exam consists of 250 questions out of which only 225 count for the exam. There are 25 questions being tested for performance and you don’t know which one they are. You must answer all of them as if they count on the exam. Six hours are allocated to complete the exam, this is usually plenty of time but manage your progress carefully to make sure you are on track and you don’t run out of time.

You can take as many break as you wish during the exam, this is what they call unscheduled breaks. However, the clock will not stop and you are on your own time. So ensure you go easy of taking breaks, else you may ran out of time. Do not leave any questions blank, take a guess if needed, you are not penalized for wrong answer. So start by eliminating the choices that are not relevant and if you’re stuck with only two answers that are left, pick one, you may get lucky.

 
Today there are three main styles of questions you will encounter on the exam:

 
1. Multiple Choices Questions with one BEST answer. This type of question is the majority of the exam. You can expect a large number of questions in this format.

 
2. Scenario Based Questions. In this case you have a scenario that is presented with one or a few paragraph of text. After reading the scenario you must answer
two to four question related to the Scenario. This type of question is very tricky. Do not assume anything, if it is not listed in the text, it is not there.

 
3. Drag and Drop Question. In this case you have a list of items you must put in the proper order or it could be items you must drag to complete a formula or a diagram. You will get only a few of those but the number are slowly increasing. ISC2 is starting to use some of the features available online which were not possible on paper.

 
4. Hotspot Question. This type of questions usually presents a diagram or graphic and ask you to choose the best answer by clicking somewhere on the graphic. To fully get ready for the exam you must be familiar with all of the styles above and practice them as well. Do not underestimate the exam, which would be a mistake that cost you $600 USD

RETAKE POLICY

In the unfortunate even you fail your exam, there is a retake policy that is now in effect. It works as follow:

After 1st Failure you must wait 30 days before you can try the exam again.

After a 2nd Failure you must wait 90 days before you can try the exam again.

After a 3rd Failure you must wait 180 days before you can try the exam again.

Obviously you don’t want to go through studying for the exam more than once. Do your homework and pass the exam on the first try. That the best way and the least painful as well.

In Summary

This is just a quick intro on how to pass the CISSP exam and to become a CISSP. We will follow up with more details in future articles. In the meantime there are some key resources I would like you to visit to learn more and to get you started in your studies:

 
1. Online CISSP tutorial on how to become a CISSP

 
2. Tips, Tricks, and how to best use our quiz engine

 
3. Post your questions in our CISSP forum for help

About The Author

Clement Dupuis, Owner and Founder of CCCure and Chief Learning Officer @ Secure Ninja*