Summary

  • I passed the exam at question 175, and it took me about 2 hours and 20 minutes.
  • I heavily relied on (ISC)2 CISSP OSG, Thor Pedersen’s Lecture Notes, and Destination CISSP Study Guide.

Study Materials

  • (ISC)2 CISSP Official Study Guide: This is the most important learning resource for the CISSP Exam.
  • (ISC)2 CISSP Official Practice Test: The questions are not like the ones you see in the exam, but doing these questions helps test your knowledge of the concepts from each domain.
  • CISSP Exam Cram Full Course (All 8 Domains) by Pete Zerger (Inside Cloud and Security): I used it to recap things I already knew.
  • CISSP Certification: CISSP Domain Boot Camps by Thor Pedersen: I used it for topics that I was unfamiliar with or when I needed someone to explain certain concepts in detail.
  • Destination CISSP Study Guide: It’s a good alternative to the OSG (it’s not a replacement).
  • How to Think like a CEO by Destination CISSP: It’s easy to follow along and understand what a typical ‘manager’ would do in a given scenario.
  • How to Think like a Manager by Luke Ahmed: The first few questions threw me off, but I think it’s good exposure when you’re preparing to take the CISSP exam.
  • Why you will pass the CISSP by Kelly Handerhan: It’s useful.

Preparation

I started preparing for the CISSP exam 3-4 months before my exam. The first thing I did was scan through the CISSP Official Study Guide. I used ChatGPT to summarize each topic into Joplin (a note-taking app) so that I could read and learn from my iPhone/iPad when I wasn’t with my laptop.

If you’re taking the CISSP exam, you might have some background in cybersecurity. It’s important to find out which topics are tested for the exam and identify the topics in which you’re weaker. For me, I had some experience from university, and by the time I took the CISSP exam, I had already worked for a year in DFIR. Topics regarding the CIA triad, encryption, digital signatures, digital forensics, incident response, and the software development life cycle were a bit more familiar to me.

Going through the Official Study Guide helped me identify topics that I was weak in. If the summarized version in Joplin wasn’t clear, I’d refer to the Official Study Guide or watch Thor Pedersen’s lectures on Udemy. Thor Pedersen’s videos are useful if you need someone to explain a topic to you in detail. For topics that I was more familiar with, I found the CISSP Exam Cram Full Course YouTube video by Pete Zerger was good enough.

I tried to complete all the available questions on the OSG and Official Practice Test on the Wiley Efficient Learning website. It was the best way to practice and test whether I had a good understanding of the topics. It helped me identify details that I was unsure of.

1 Week Before the Exam:
I started reading the Destination CISSP Study Guide one week before the exam. I wished I had used this guide earlier. I recommend it as an alternative to the Official Study Guide. Think of it as listening to another lecturer explaining the concepts in each of the domains in a different way to you. It also highlighted what you should remember for the CISSP exam. The graphics and tables in the Destination CISSP Study Guide are good visual aids that show contrasts when comparing solutions.

48 Hours Before the Exam:
At this point, I started reading How to Think like a Manager by Luke Ahmed. I remember going through the book and doubting my preparation for the exam because I had not done any practice questions like the ones in the book before. I did about 10 questions in this book and decided to just relax since it was so close to the exam. I watched How to Think like a CEO by Destination CISSP and Why you will pass the CISSP by Kelly Handerhan as well.

Exam

I booked my exam for 10:15 am on October 11, 2023. I had a light breakfast with coffee because it was early. I was just listening to a podcast that was not related to cybersecurity on the way to the exam venue. Once I registered for the exam, I waited for about 10 minutes before entering the exam hall. The examiner called me, and I entered the exam hall with my jacket.

I answered all 175 questions for the exam with roughly 100 minutes left. The exam questions were nothing like the ones I’d seen in the practice test. It’s true when others say that most of the answers to the questions sound correct. I think watching How to Think like a CEO by Destination CISSP and reading a bit of How to Think like a Manager by Luke Ahmed gave me an idea of what options are more favorable as a manager, and it helped me narrow down my choices during the exam.

At the end of the exam, I walked out thinking that I might fail because I had to answer all 175 questions. I went to the printer to collect my result slip, and it said ‘Congratulations…’.

Overall, I am glad that I managed to pass the exam after putting in all the effort over the past few months.
