11 December 2023

I Sat for the CISSP Exam. I Passed. Here's How.

Steps I took to prepare for the CISSP exam.

Daniel Wallace, Senior Security Architect

So, How’d I Tackle the Monster? Let’s Get Kicking!

In this blog post, you’ll learn about my steadfast desire to champion the ISC2 Certified Information Systems Security Professional (CISSP®) exam, along with the effort and dedication it took to achieve a successful outcome. My journey was not an easy endeavor, but I am hopeful that what I share here can help you during your journey and ease your efforts. Here, I’ll cover:

  • Why I wanted to become a CISSP
  • Knowledge preparation
  • Psychological preparation
  • Study habits and cadences
  • Taking practice exams and analyzing results

Why I Wanted to Become a CISSP

I’ve spent a large amount of my career in the information security and information technology consulting space. Client organizations have trusted me to identify problems, evaluate security issues, assess risk, and ultimately propose (and often implement) solutions that defend against threats that can cause grave harm and injury to their organizations. Most importantly, I’ve always been seen, recognized, and relied on as a trusted security and technology advisor. But why would I need the CISSP certification when organizations already knew me as a seasoned information security professional? Here’s why I decided to get the CISSP certification:

  • I wanted to attach a globally recognized certification to my life’s work. As I’ve stated already, I’ve been leading and practicing as an information technology and information security professional for 15+ years. It was long overdue for me.
  • The CISSP exam offers every candidate an opportunity to validate and showcase their comprehension of the various domains within information security. I wanted the world to know that when Daniel Wallace is involved, you’re getting quality, you’re getting deep thought, you’re getting a professional who knows how to drive the ship toward success.
  • I am a lifelong student and learner. I never consider myself as “done.” I’m never finished with absorbing information or meeting goals that place me in a better position to provide a better life for my family and those I serve in the workplace. I saw exam prep as an opportunity for me to absorb more information into my own knowledge base. At every chance, I want to make a positive impact on the lives of those who rely on my judgment for sustainable technology and information security. I am passionate about it, and I’ve seen how my decisions directly impact organizations and the families/communities that are connected to them.

Knowledge Preparation

My pool of resources was not large in number. BUT! They were spot on in helping me pass the CISSP exam. Here is what I used and roughly how much time I spent with each:

Content                      Cost
Boson Ex-Sim Max             $99
CISSP Mentor Program         $0
ISC2 Official Study Guide    $95
CCCure                       $149

Distribution of Time Spent With Each

  • Boson Ex-Sim Max was by far the most useful in my preparation. As you can see, the majority of my time was spent there. Although you’ll see where I used the official ISC2 study material below, I found the Boson materials to be veeeeeeeeeery close (in both concept and syntax) to the real test.
  • ISC2 Official Study Guide is … official. You won’t get any better than this, but to put things into context, the book is well over 900+ pages. It’s a necessity to read through each page of this book, but how does one manage that? I’ll go over that in the section below labeled, “Study Habits and Cadences.” Besides being overwhelmed from just looking at this book, I’ve got to shoot straight with you — the book is indeed a large undertaking. This bundle also comes with practice test materials, so there is plenty of room for engagement with simulated questions and choices of possible answers. We’ll learn about psychological preparation in the next section. Breathe easy! You’ll make it.
  • The CISSP Mentor Program offered by FRSecure is fantastic. This program was designed by Evan Francen and has brought on others over the years to assist. Evan set a goal of mentoring tens of thousands of individuals for the CISSP exam so that our world is in better shape for handling information security risks. The program is roughly 14 weeks, meeting two times per week, and is held live via stream on YouTube. Each session is a deep dive. The group steps through each domain for the exam and will walk you through each concept and break things down in a very digestible manner. The stream is usually about +/- two hours in length, so be prepared with a snack and a bottle of water.
  • CCCure is a very large bank of test-prep questions. This was my first stop once I decided to prepare for the CISSP exam and I wanted to get into an awareness of question types and possible answer types. It served as a reference point, whereas once I jumped into the ISC2 Official Study Guide, I’d be able to say, “Hey, this was part of the question bank. Perhaps this is testable.” It certainly helped put me into a mental exercise of content recollection.

Psychological Preparation

Let’s be honest — preparation for the CISSP exam can burden you in many ways. You’ll spend less time with your family. You’ll spend less time doing the things you enjoy. You might get stressed out a lot. You might find yourself short in temperance. All of this happened to me. And it stinks!

After about the first two weeks of being in panic mode and forgetting things I’ve reviewed, I knew I needed a plan for mental peace. I needed an outlet to simply relax and not be so anxious over this exam. Ultimately, I was scared of what failure would look like. Having to tell people I failed. Having to pay more money for an additional attempt. It’s overwhelming. But I had to come to peace with the idea of not passing on my first attempt. I realized that just because I may not pass this exam on the first attempt, it won’t mean I’m any lesser of a person. It won’t mean I have failed knowledge of information technology and information security. It simply means I need to prepare better and learn how to answer questions according to how ISC2 is looking for responses. You’ve got this! You haven’t worked this hard and this long to feel like a failure. We just need to better align with the expectations of this test. I did. And you will.

Talk with your network. One key element to my success was getting input and opinions from those who have already taken and passed this version of the CISSP exam. I asked the same questions to many people:

  1. How was your experience taking the exam? What are some “gotchas?”
  2. What were some of your strategies for narrowing down answer choices?
  3. How much time did you dedicate to studying?
  4. What were some of your study strategies?
  5. How did you manage your time and pace during the exam? Are there any pointers for helping keep a steady pace?

You’ll come up with a pool of questions for folks, too. Or feel free to use some of the examples above. Don’t be afraid. If you need someone to chat with, reach out to me. My contact details are below.

Study Habits and Cadences

So how did I do this? And how did I manage my time? For me, this was not easy. I’m married and have four kids (a 7-year-old boy, 5-year-old girl, and a set of 3-year-old twins, also a boy and a girl). I work full-time. I volunteer my time elsewhere. My schedule is jam-packed! How?! How?! How?! Cut some things out and slide this in. Some of my volunteer activities had to be cut down (instead of five times per month, it went down to two times per month). Instead of idling while parenting, I had the Boson material up on my iPad, tapping through questions. I’d later review why I got some answers wrong, once I had more quiet time without distractions.

Things quickly started falling into place. I had a rhythm but no cadence. I needed time dedicated to preparation. I decided that it was in my best interest to dedicate one hour per day, whether it was early morning or late night, to reading the ISC2 Official Study Guide Book, or going through a bank of questions. I spent the bulk of my weekends immersed in the official study guide and the various (mostly Boson) question banks. For you, you’ll want to adjust your schedule accordingly and find what items you can scale back on. Find where you might be able to fit in extra time for question banks. Perhaps you can wake up half an hour earlier in the morning and target 25 questions. Chip away at it. Before you know it, you’ll begin feeling higher confidence in preparedness.

Taking Practice Exams and Analyzing Results

As previously stated, I relied heavily on the Boson practice exams. The resource has a pool of roughly 700 questions and the questions are organized into banks A through D (four different banks). The user interface of the resource was easy for me to work with, and I had the option to randomize or customize between banks if desired. What I loved about the resource is that you can see which answer is correct and see the wrong answer choices with why each alternative choice is wrong. This was a game-changer for me. Some answer choices are similar and you’ll want to know why choice X is superior to choice Y or choice Z.

Taking practice exams quickly became a drag for me. It’s exhausting. And oftentimes, I only had the capacity to absorb so much. I came up with a plan. I calculated that if I could spend two and a half hours on 120 questions, this would put me in a better position for the time constraints of the exam. Over the recurring weeks of practice, I got better with pace. I used a timer and this helped me get into a steady mental rhythm.

Conclusion

I am an experienced professional and wanted a knowledge verification that is globally recognized. The CISSP was it! I hope that what I’ve shown here will help you with skills and knowledge prep, psychological prep, crowdsourcing efforts, and ultimately championing this exam. Take your time and absorb the information at a pace that you’re comfortable with. Even if it takes a while, you can still do it.

“Circumstances may cause interruptions and delays, but never lose sight of your goal” -Mario Andretti

Connect with me on LinkedIn

If you have any questions, or would like to discuss this topic in more detail, feel free to contact us and we would be happy to schedule some time to chat about how Aquia can help you and your organization.
