After I underestimated the CISSP written exam achieving only 60% back in July 2012 (the pass rate is 70%), I decided to retake the exam though this time it was available to take it electronically. Pass or fail, I wanted to express my experience. It's gut-wrenching to even write this though recently I failed the electronic exam retake by 1.5%.
My 1st attempt was by paper form. I blogged my experience entitled My experience taking the CISSP exam. I was one of the 81% of individuals who failed on their 1st attempt. I put it down to underestimating the exam questions and the sheer depth of the exam topics.
I feel there's nothing embarrassing about failing the examination. It is however painful knowing I need to devote another 3 months of my life and splash out on another $600 in order to re-sit.
If you're thinking about taking for the exam, be prepared to devote yourself. I've stopped socialising and became sober-free for the last 2 months just to have more efficient revision time during the week. 3 hours a day minimum for the 90 days and 6months revision for the first exam. all because I can start learning topics like the 16th century cryptography techniques.
I have pulled together the differentials between the exam formats and let people be aware of the 'need to know'
1. The exam layout
Unlike the written exam where the doors close @ 8am and starts 1 hour later because of the rigours checks and sharpened your H2 pencils, the electronic exam is constructed on the standard examination rules. You are seated, you agree to the examination rules by clicking 'Accept' then the first question pops up. The electronic exam is far more efficient and avoids the human error of penciling the answers on separate papers. I finished 1 hour earlier than my first exam attempt, probably because the accumulated time-saving technique when the electronic clicking compared to penciling in the answer.
2. Yummy Food
One thing I was not aware of was that you're prohibited to eat during your exam whilst taking the electronic exam. Food and refreshments are allowed for the written exam though all of your precessions are withheld in a locker until the end of the exam. With this in mind, have a good light and healthy breakfast, don't rely only on coffee and the food in your locker like I did for 6 hours.
3. Scheduled Breaks
With some exams with such a length duration, it's not uncommon to have fixed, scheduled breaks The CISSP exam is not the case which is good if you require the restroom whenever your bursting - No need to cross your legs or watch your face go purple.
4. Do not underestimate the dynamics of the questions
You will rarely get a question in the structure of, 'What does xxxxx mean?'. You will be placed into a scenario to select the best option. I say this because all the possible answers may be right, though the correct answer will be the best-fitted one. This is why the exam is hated so much because there's no clear cut question or answer.
5. Instant Results
The worse thing about the written exam was the 6-8 week anticipation to see if you passed. With the electronic exam, you get them instantly however I experienced a horrific moment when waiting for my results on the screen. I clicked 'Finish exam' and waiting for about 10 seconds, I then received the message starting...
CONGRATULATIONS! ... (Something else after it)
Now, when you first see this word in bold writing, you would immediately think you'd passed. That magical word after sitting and staring at the screen for 6 hours made it all worthwhile. INFACT the message was as follows:
CONGRATULATIONS! You've finished the exam!
... WHAT!?!?! You're congratulating me for answering 250 questions, ANYONE CAN DO THAT! Whats the results to the exam?!?
Personally speaking, Positive words like these when I'm tired and starting at the screen is both highly misleading and unfair. Furthermore, the screen goes blank...
As I am new to the electronic ISC2 exam and prior to the exam I read the message above, I didn't know if I was going to get my results now.
A large American black lady escorts me out of the testing building and escorted me back to my untouched sandwiches. I'm now thinking to myself, 'Maybe I read it wrong, maybe I did pass?!' As I'm hydrating my warped mind and body, Adjacent to me was another large black lady reading a printed document. Not knowing if she worked at the test center, she calls my first name.
She was being incredibly nosy, starting with the paper whilst walking towards me... Hands me the paper in a somewhat unmannered behaviour then walked off.
I immediately walked out of the test center in the privacy of others to reflect on what I though was my exam results... I failed by 1.5%. I got 685 out of 700.
I felt total dispare, I have devoted myself for 9 months with the draining feeling that I will have to try for another 3 months. Even if I passed next time round, I would of spent nearly $2,000 on exam fees let alone the material used.
So learn from my experience and be prepared to receive the result via paper or in the next 4-6 weeks.
6. Comparatively, do the questions differ?
The questions are not be clear cut. I would begin by learning the fundamentals, advance on to further complexities. I did however notice 2 questions that I remembered from the previous written exam so be prepared if you're retaking the exam to learn from your mistakes. I have talked roughly about the CISSP question structure.
7. How to prepare for the exam
It's true that you have to devote your life to this examination because it's a mile long and an inch deep. I would take the exam preparation in the same fashion as the written exam. I know I have yet to pass, though I have read many materials. I have pulled together CISSP learning material that I would recommend.
8. The Price difference
At the moment, the written exam is $549 whilst the electronic examination is $599. I don't understand this because the written exam contains a rented room with people only taking ISC2 exams, and moderators thats are employed by the same company. Surely, an electronic version of this, saving paper and H2 pencils etc, would be cheaper... obviously not.
9. Good luck
I hope this gives you some idea on the challenge ahead. I will be retaking the exam just before the end of 2012 in the hope I pass.
About the author
Daniel is a Technical Manager with over 10 years of consulting expertise in the Identity and Access Management space.Daniel has built from scratch this blog as well as technicalconfessions.com
Follow Daniel on twitter @nervouswiggles
Comments
Other Posts
AS I was migrating my environment into an S3 environment, I wanted to leverage off the SES services that AWS provide, more specifically, to leverage the off the SMTP functionality by sending an email via PHP
Read More...
The WeMos D1 is a ESP8266 WiFi based board is an extension to the current out-of-the-box library that comes with the Arduino installation. Because of this, you need to import in the libraries as well as acknowledging the specific board. This process is highly confusion with a number of different individuals talking about a number of different ways to integrate.
Read More...
NameID element must be present as part of the Subject in the Response message, please enable it in the IDP configuration.
Read More...
For what I see, there's not too many supportive documentations out there that will demonstrate how provision AD group membership with the ICF connector using OpenIDM. The use of the special ldapGroups attribute is not explained anywhere in the Integrators guides to to the date of this blog. This quick blog identifies the tasks required to provision AD group membership from OpenIDM to AD using the LDAP ICF connector. However this doesn't really explain what ldapGroups actually does and there's no real worked example of how to go from an Assignment to ldapGroups to an assigned group in AD. I wrote up a wiki article for my own reference: AD group memberships automatically to users This is just my view, others may disagree, but I think the implementation experience could be improved with some more documentation and a more detailed example here.
Read More...
In the past, the similar error occurred though for the Oracle Identity Management solution. invalidcredentialexception remote framework key is invalid Because they all share the ICF connector framework, the error/solution would be the same.
Read More...
org.forgerock.script.exception.ScriptCompilationException: missing ; before statement
Read More...
ForgeRock IDM - org.forgerock.script.exception.ScriptCompilationException: missing ; before statement
Read More...
When performing the attempt of a reconciliation from ForgeRock IDM to Active Directory, I would get the following error
Read More...
In the past, the similar error occurred though for the Oracle Identity Management solution. invalidcredentialexception remote framework key is invalid Because they all share the ICF connector framework, the error/solution would be the same.
Read More...
During the reconcilation from OpenIDM to the ICF google apps connector, the following error response would occur. ERROR Caused by com.google.api.client.auth.oauth2.TokenResponseException 400 Bad Request - invalid_grant
Read More...