Sitting for the CISSP exam can be intimidating even for an experienced and capable test taker. 250 multiple choice questions in 6 hours means you have to be navigating through the exam at an average pace of completing one question every 69 seconds. A disciplined CISSP test taking approach is necessary to perform at a high level to reach your goal of passing the CISSP exam on your first attempt.
CISSP – Before Exam Preparation
Step 1 – Preparation is key, put in the study time
For most people the CISSP exam requires a focused and intense study effort. Even if you are an IT Security professional with a lot of experience across a few of the domains you need to study to learn the ISC2 way of approaching the exam. The CISSP tests your knowledge base across 10 very different information security domains and if you have weaknesses in any of them it could mean the difference between success and failure.
Step 2 – What is your CISSP MED (Minimum Effective Dose)?
Assuming your only goal is to pass the exam ideally you would want to find the minimum effective study dose that will enable you to pass the exam. A weighted score of 700 out of 1000 (70%) is required to pass so targeting a 75% leaves sufficient margin for error. Overachieving is encouraged but remember your goal is to pass so build your study plan with that goal in mind. Your CISSP MED will be determined by several factors including:
- Breadth and depth of industry experience across the 10 domains
- Your ability to memorize important information
- Your test taking abilities
- CISSP preparation method (self taught, CISSP training class or boot camp, etc..)
- Your risk tolerance for doing just enough vs. the more is always better approach
Step 3 – Formulate a winning CISSP study plan
The CISSP exam is about winning (no I am not Charlie Sheen). To win you must approach the exam with a disciplined test taking approach and laser like focus. Here are some tips to get you started:
- Speed read/scan through each domain area in your CISSP study materials to get a feel for the terrain. The CISSP is a Napoleonic campaign not a minor skirmish. A good general knows their surroundings so scout ahead.
- Use your notebook to highlight which domain areas require more focus for you vs others that you have more comfort with. This will be different for every test taker, I highlighted Cryptography, Access Controls, Application Development Security, and Security Architecture & Design as my areas to focus on for extra study time.
- Review each domain and make notes of key material that you were not previously aware of or were confused about during your review. These notes will serve as good day before the exam study reinforcement to get these problem areas into your short term memory.
- Complete the practice exams/questions after each domain. Make notes of any questions you get wrong, research why, and document the results in your notebook.
Step 4 – Prepare a winning CISSP test taking approach
When I sat for the CISSP exam I used the following test taking approach:
- Prepare to mark up your exam booklet. The exam book is the perfect place to make notes and mark questions for follow-up that you will need to go back to later. I did this by making an index on a designated page in the booklet and listed questions I needed to return to. This allows you to focus your extra time on the right questions vs. reviewing ones you know you have correct.
- Cross out obviously incorrect answers so only possible options remain
- Complete questions that you quickly know the correct answer to by circling the right answer in your exam book and circling in the answer grid. If you can only narrow the possibilities down to 2 choices make note of that question on your index sheet and move on.
- Once you have completed all of your slam dunk questions utilize your index to return to the questions you need more thorough analysis on.
- For questions where you are down to 2 choices put your CISSP hat on and ask yourself What makes one of these the preferred answer based on the material I reviewed? Is there a subtle difference that makes one of the alternatives an inferior answer. Think back to your short term memory if its a question you highlighted as an area of difficulty.
- Implementing this disciplined approach helps make optimum use of the allotted 6 hours and avoids getting bogged down on questions too early in the exam process. This helps give you the mental edge and confidence you will need to slay the CISSP dragon.
Step 5 – Practice the plan on sample CISSP exams
Obtain practice exams and treat them as an actual simulation of how you would approach the actual exam. Test the approach explained in the CISSP test taking steps above. When you review your exam results determine:
- How accurate was your assessment of your slam dunk questions? A high correlation validates your partial readiness problems here show you need a return to the study material.
- How accurate was your return to question index vs. the questions you got wrong. A high correlation will validate your judgement and helps validate your approach.
- Analyze trends on missed questions and try to pinpoint it to specific CISSP knowledge domains. If you see glaring gaps retrain in the problem domains.
Step 5 – Make notes of the areas/concepts you need focused improvement in and continue to give these areas attention prior to the exam.
CISSP – The Day Before the Exam
Step 1 – Plan to spend the night close to (or preferably at) the testing location
Ideally you should stay within walking distance to the location of the exam if possible. This helps you avoid a drive while you will be distracted, lowers your chance for unplanned delays and puts you in an exam taking mindset. If this is not possible make sure to leave several hours before the exam begins to account for Murphy’s Law. Ideally you would be off from work on this day as well to focus on the day ahead.
Step 2 – Review the study material
I am a big fan for having the material fresh in your short term memory especially the noted trouble areas from your practice exams.
Step 3 – Go to bed at a relatively early hour and get plenty of rest.
Try not to let your mind worry too much you have put in the preparation time and the end is in sight. Avoid excessive alcohol or other toxins that could interfere with your success the next day.
CISSP – Test Day
Step 1 – Eat a solid breakfast
Not big per se but the breakfast that typically energizes you without making you feel lethargic. I prefer something low in carbs and high in protein like eggs but do what you like and do not stray too far outside your norm.
Step 2 – Arrive to the exam one hour early to get acquainted with the environment, get registered and get focused on the goal.
Step 3 -Bring identification, number 2 pencils and other materials that the preparation info tells you to bring.
Don’t let these administrative details get in the way of your success.
Step 4 – Implement the test taking plan described in the Prepare a winning CISSP test taking approach above.
Your practice with this approach should give you the confidence and winning formula for maximizing your CISSP results.
Step 5- Use all of the allotted time
Some people will leave early, don’t be one of them. Use the whole 6 hours and once your slam dunk questions are done hone in on your index of return to questions and cross them off as you find your best answer.
Step 6 – Await your passing results
Don’t sweat the waiting period. If you have implemented this approach you should do just fine.
Here is to your CISSP certification!