First Impressions of CISSP Practice Exam

Share this
Preparing for the CISSP Test

The first phase of my studying is complete and I felt great this morning because I knew what was coming.

Finally get my first crack at a practice exam for the Certified Information Systems Security Professional (CISSP). Everyone says this test is tough but I’m not hearing any of that. I’m going in guns blazing and hoping to show myself that I got this. Wish me luck.

Three Hours Later / First Impressions of CISSP

What a nightmare that was. Don’t get me wrong, it was the experience I wanted but man it definitely didn’t hold any punches back.  I definitely have a newfound respect for test taking.

One thing I noticed right away was the amount of options for a response was not the traditional 4.  Many of the multiple choice were 8 responses, with a lot of combination answers (i.e. option a, option e and option d).  Thinking about it, this is likely a method to ensure that you know the content in and out. It’s not enough, nor should it be, to know what the acronym are, you really need to take the time to understand the concepts.  This is key in separating the novices from the professionals.

The other thing that caught me off guard was the scenario questions.  Here the question would explain that you are a security professional tasked with providing recommendations of a security plan or business continuity plan.  It explains a lot of the current controls and deficiencies of the corporation you are working with.  About 9 paragraphs long, no joke, but when you read what the question asks you, it quickly becomes apparent that it has nothing to do with the actual scenario itself, at least not directly. My only concern with this is how much of a time sink this is and as I will explain in the next section, time management has to be top of mind.

Always Think Time Management 

Time Management for CISSP is important

In no way do I consider myself a great test taker.  With that being said, I believe the key to being successful on this test beyond knowing the content is managing the clock.  The CISSP test is 3 hours long and approximately 150 questions. This means each hour you will need to have completed at least 50 questions to avoid running out of time.

As mentioned prior, the scenario questions took me for a loop.  I literally spent roughly 4 minutes reading and analyzing the question only to be told that everything I read was irrelevant.  This was definitely frustrating as I knew I shouldn’t spend more than a minute and half at best for each question.

Going forward I believe I will start reading the direct question first, then the available answers.  If they make sense, I may forgo the scenario altogether.

The CISSP Aftermath

After the dust settled I received an unsatisfactory score of 61.33%.  The thing I appreciate about this practice test is that it shows me exactly where I struggled and I will be focusing on those areas throughout the week.

61.33% for CISSP Practice Grade
My First CISSP Grade

By far my weakest area shows Identity and Access Management.  I believe this section had the most 8-answer option questions and some current technology I was not aware of like the Clipper Chip.  Apparently that chip was developed by the United States National Security Agency (NSA) as an onboard encryption device for secure communications.  It also doubled as a backdoor device. May need to do a blog post on that sometime soon.

It is good to know where your weaknesses lie as it can be used for motivation.  The only way to success in life is to learn from the mistakes you have made. I intend to do just that.

I hope to have better results next week. April is crunch month. Plan on taking the test in May providing the pandemic allows

Stay tuned.

For over 20 years, I have had the distinct opportunity to work in the Information Technology space under a variety of distinct roles. My unique position has helped me become a risk management Maven for Fortune 500 and Small Business Companies around the world. For the last 12 years, I have assisted Small Business Owners and Insurance Agency understand the impacts of Cyber Incident exposures and what steps to take to help mitigate potential data breaches. My desire to expand my reach related to cyber security has led me to establish the Sage Knows IT blog as a way to help Small Business Owners and aspiring Information Technology (I.T.) Professionals better understand the road-maps of I.T. through the experiences I have had. Information Technology and Information Security is the future of our world and I hope this blog will inspire those that are interested in joining our ever involving field.

Related Posts

CIA Triad 2022

Understanding the CIA Triad in 2022

A question I commonly see when individuals are trying to break into the Cybersecurity industry is: What do I need to understand to be successful and make…

CISSP Domain 1 Notes

Last week, both our YouTube Channel and the blog reached milestones I anticipated taking year to accomplish. It is difficult to put into words how thankful I am. As a way of expressing my gratitude, I’m making available the notes I used to pass the CISSP.

Studying The CISSP Using Amazon Echo

Many of you are probably thinking to yourself that I’m crazy but I assure you on this topic, I am not. The Amazon Echo (Alexa) is one of the most underrated and most powerful tool available on the market. Not only can it tell you the weather, lock your front door, play music and tell you when a local store is open but it can read books you purchase….

How I Studied And Passed The CISSP Exam in 2020

Everyone has heard the stories of how tough the Certified Information Systems Security Professional (CISSP) examination is. It’s been described as taxing, mind-blowing and hard to pass. In fact, in many tech circles,

The Big Update

These last couple of weeks have been tough for me. I realized that my internal struggles with anxiety will have to be met head on if I am to have a chance at passing this CISSP exam.

Why My WordPress Blog Is Being Attacked?

My blog has been live for about 30 days and I’m shocked at the malicious attempts to gain access to it. Not quite sure what exactly the motivation is but it can be daunting for non-IT bloggers to see Brute Force attacks from IP addresses on the other side of the world.

This Post Has One Comment

Leave a Reply

Your email address will not be published. Required fields are marked *