It has been an absolute delight to have Claudia in the study group. She has carried herself with a remarkable and positive attitude. I think in a small way she contributed to making everyone else’s day a little bit better, I know she at least did mine!
But wow I didn’t know she failed the exam because she let the NDA screen timeout! All that studying, balancing life and family, only to fail the test without even seeing the first question! I would be devastated!!!
Not Claudia though. She got right back up. She went right back to studying, and proceeded to pass her exam!
This is one of my favorite stories in the “Crack the CISSP” series. I pinged Claudia a few days before the exam just to quiz her on some CISSP concepts. Guess what? Not only did she answer all of them 100% correctly, but she even taught me a little something about polyinstantiation!
Claudia you are a rock star, and I hope you come back every few months and let us know how great your security career is going! Congratulations again, you earned and deserve every bit of your CISSP credential!
Let me begin by making one thing very clear: I do not believe in coincidences. I believe with every fiber in my being that everything happens for a reason. If you told me in the beginning of the year that I would encounter an opportunity that would change everything, I wouldn’t have believed in a second, or even have been ready for it. But it did happen, and it completely blew me away. Here is my CISSP story:
*** If you want just the dirty details of what I used to prepare, then just scroll on down to the section “Thank you for taking the time to read my story…” But be forewarned, you are going to miss out some details that you may find pretty important. ***
So here I am: an almost 40 year old, divorced, childless woman with almost 20 years of experience in the IT field. I started a very colorful career in the private industry, but decided to transition to the public sector before I was 30 to get settled in my career. And boy, did I settle in. The past ten years, I’ve been doing the same thing: software development to support and manage an application that interfaces with Active Directory, MS Exchange, and now Office 365. There are other legacy things, as there are in many instances in government – but I don’t want to talk about that.
Sometime ago, I asked the universe for a change in my career. I’ve been very scared for a long time to make a change, but I was ready. And I know that when I ask for it, I’d better be ready for anything.
The original timeframe was March 21st – May 3rd, 2016. The actual timeframe was March 21st – June 6th, 2016. Read on, and you’ll see what happened.
Everyone at my agency was canvassed to apply for a fast track to obtain the CISSP. The track would include a paid boot camp training, paid materials, and a paid exam. This change was totally not on my radar, but it sounded like a very exciting and fulfilling change. I applied and got accepted, while I’m sure many others were “wait listed”.
We all took this boot camp and followed the Conrad 3rd edition. This was such an intense training, and the instructor was amazing. Not only did he teach us the material, and what would be expected on the test, but he also told us how much time we would need to dedicate to our studies. We were fortunate enough to be provided with study tracks from the instructor – a 4 week track and a 5 week track. I of course opted for the 5 week track, which started the Saturday after our week of training. No break – hit the ground running. It looked something like this:
Read Chapter 2 and take CCCure for Ch.2 – Sat – Sun
Read Chapter 3 and take CCCure for Ch.3 – Mon – Wed
Read Chapter 4 and take CCCure for Ch.5 – Thur – Tue
You get the idea.
Before you assume from reading the second paragraph that I am just an old maid with a lot of time on her hands – hold your horses. I have a second career. That’s right – I have another career where I hold a whole other set of certifications and credentials. I have worked in the fitness industry for over 10 years. While I may not have the craziness of a family, I did have that, and I teach about 7-8 classes a week. And it can be pretty exhausting – I teach boot camp, kickboxing, HIIT and spinning. I also have a side business where I craft and sell my own jewelry.
Well, the jewelry business got put completely on hold. And no more picking up extra classes. Every spare minute I had, I was neck deep in this stuff. I was not messing around. It’s been a long time sense I’ve done something like this, and I was going to do this. This wasn’t about money, it wasn’t about glory and it’s not about a promotion. It’s about proving to myself that I really can change and do something that will make me amaze myself.
I completely consumed myself with the CISSP. I didn’t listen to music anymore – I was listening to lectures. If there was a concept I had a hard time with – I found videos on YouTube and watched them while I was working out on the treadmill. No more going out, no more TV – I was reading. I become anxious, irritable and downright scared of this exam. Was I ready? Could I do this?
May 2016 – Pre-Exam Incident
I took Friday and Monday off before taking the exam on a Tuesday. That extended weekend I packed in extra practice exams, as much frantic studying as I could, and of course Kelly’s Cybrary videos.
So here we are. Test day. I had everything planned out in my head. I get in there, sit down and I close my eyes. I start praying to the universe to help me pass this exam, and to just have the strength to get through this. Then I started to meditate…I opened my eyes…and I see a TIMEOUT message appear on my monitor.
I let the NDA timeout on me. Which means – no taking the exam that day – and forfeiture of the exam fees. That’s why I warned someone who deserved this advice – because it happened to me. Don’t let this happen to you.
As you can imagine, I was a mess. But, I picked myself back up. You see, there’s no sense in crying over spilled milk. It’s just best to look for a towel to clean it up. And as I stated before – everything happens for a reason. It was clear to me that I wasn’t ready.
I worked something out with ISC2, and I was able to schedule another exam about a week later – for June 2016.
May 2016 – Post-Exam Incident
While I was getting something worked out with ISC2, I ordered the latest edition of the Sybex book. I planned on reading it to fill in the holes from the Conrad book (and there was quite a bit), and to get a fresh and different perspective. Man, I couldn’t stand that book. But here was *my* study plan:
Week 1 – Chapters 1 – 5
Week 2 – Chapters 6 – 10
Week 3 – Chapters 11 – 15
Week 4 – Chapters 16 – 21
During this time, I also did a variety of practice exams to keep my current knowledge sharp and fresh. I also downloaded Kelly’s videos on MP3 and started listening to them on my commutes. I then added in Shon’s older lectures in the mix. If I had a spare minute to spare? I was listening to one of my ladies, Kelly or Shon.
I also downloaded the $10 app that went along with the Sybex book. Worth every penny. Quizzes and flashcards at the finger tips. I even remember sitting down at a crowded hibachi table with my boyfriend doing a quiz on my phone, and explaining the answers to him. Someone at the table asked me if I worked for the Secret Service. That was pretty funny.
After falling flat on my face at the exam? Something in me shifted. It was different this time. I was having fun with this. I really enjoyed it. I joined a fantastic Facebook group and connected with wonderful people. I made some amazing friends on techexams.net. I became passionate about what being a CISSP is really about – to protect society and provide an ethical service that will never go out of style.
Test time – I decided to take it at noontime. Was I nervous? Absolutely. But I had some help. I reviewed my notes in my truck for about 30 minutes while fueling up with protein, watched Kelly’s 3rd video about the exam itself, called my boyfriend one last time and went in for the kill. When I got out of my truck, there was a Northern Mocking Bird singing in a tree. I was optimistic.
The test was NOT what I expected. I was expecting more technical content. It was the hardest exam I have ever taken. I went about 150 – 175 questions in and I needed a break. I was thirsty and I had to pee. When I sat down, I felt a little refreshed and went through the rest of the questions. I took a second break – 10 minutes this time. I ate some more food, went pee, chewed on some nicotine gum and guzzled a bottle of Diet Dr. Pepper. Whoops! I burped for about 30 minutes after that. That’s okay – it made me laugh. That detail is important – stay optimistic.
Then the dreaded realization of what I have done set it. I treated this exam like any of my other practice exams. I flagged every single little item that I had even a shred of doubt on. So this was well over 100 questions. I had about 2.5 hours to go. I tried to stay calm. I had about 50 minutes left and I started to panic. I still had so many questions to review. So I decided to take a break – that probably was the push I needed to actually pass the exam. I came back with more focus.
At the end, I had 3 minutes left when I had everything unchecked and reviewed to my somewhat satisfaction. I wasn’t sure how I did, but I was pretty sure that I failed. I called the exam proctor over and he walked me through ending the exam, which was pretty comical. He kept saying “Click yes. Click YES!” Me: “Argh! Alright…” I had tears in my eyes.
I jumped up out of my seat, pushed him aside and ran to the lobby of the test center. I saw the printer print out two pages and my heart just sunk. You see, I understand that if you pass you get the “Congrats you passed!” letter and that’s it. I know that if you fail – you get your score and an explanation of what you need to improve on. I thought the two pages was all that explanation.
Then I saw that I passed, and I screeched. I couldn’t believe it. I had to look at it again. Then I hugged the exam proctor and started crying. I literally felt like I won a Miss America pageant. It was over.
When I got back to my truck – that Northern Mocking Bird was still there, singing away in his tree. I could almost hear his song “I knew you could do it.”
Surprisingly, I was not exhausted. I was completely wired. I could hardly sleep that night. But, everyone’s mileage varies.
This whole process has been such an incredible experience of growth for me. I forgot that I have what it takes. I remembered how I can get so excited about learning something new. How giddy I got when I see what I am learning applied in real life, in my job, in the outside world. How that I really can accomplish ANYTHING that I pour my head, heart and soul into.
Thank you for taking the time to read my story. Now here is the summary of the training and studying (in chronological order):
::1:: One Week of CISSP live Boot Camp
If your employer or another source can provide this for you? This is the way to go. If not, I bet something like CBT nuggets or Cyber Kung Fu (YouTube) would be an adequate substitute. If you haven’t completely lived and breathed information security in the past few years, I highly recommend you doing this first before doing anything else.
::2:: Conrad’s 3rd Edition Study Guide
I’d say that this book probably covers about 80% of the CBK. While it is what I consider an easy read and straight to the point, I do not think it would have been enough for *me* to pass the exam on its own.
What I did: I highlighted every section that I wanted to review. And I made flash cards out of these. If I wanted to make a flash card on a topic, I wrote FLASH next to the section. I would then go back and make my flash cards. I have about 1000 hand written flash cards color coded by domain. Writing it out helped me retain information and I took my flash cards with me everywhere.
::3:: CCCure Practice Exams
I first found the community provided content extremely frustrating. What also left a bad taste in my mouth was all the Biz Con stuff in the first domain. Biz Con is NOT covered in the Conrad book as the first domain. Completely threw me off – I decided to table the CCCure stuff until I was done with the Conrad book – I don’t recommend doing that.
::4:: Transcender Test Engine
I was a fan of this because of my Microsoft background. This is not my first time at a rodeo like this – it’s just been a long time. However, I feel the transcender is extremely challenging, yet too technical for the CISSP.
::5:: Boson Exam Environment
I wish I gave this more of a shot than the Transcender. The exam questions probably fit a little bit better like the actual exam than Transcender did. Not only that, but it was cheaper and I had a coupon 🙂
::6:: Sybex Latest and Greatest
Man, I hated this book at first. It was big and dry, I didn’t like the newspaper-like paper, it made my highlighter run, the drama! But I stuck it out. If you have to pick one book? This is it. However, I never read the AIO.
What I did: This time, I dove deeper into concepts that I wanted to get down SOLID, such as IPSec, Kerberos, PKI and how SSL works on a browser, etc. I went back and wrote out these highlighted concepts in my own words in a notebook.
::7:: Kelly’s Cybrary Videos (new ones only)
I actually donated money to Cybrary after I passed the exam. Kelly is phenomenal. I highly recommend her videos – she really pulls everything together. I binged-watch these videos both weekends before both of my test dates.
::8:: Shon Harris’ audio lectures from the 10 domains
If you have a longer commute to work, these would be perfect. The would be perfect on your lunchbreak, too. They are long and she is very thorough. She knows her stuff inside and out. But be warned, she has a very soothing voice. It can drift you into a nap if you really need one.
::9:: That 10 dollar Sybex Mobile App
What a cool little tool! Very handy, very convenient and fun.
To sum up, I probably spent over 300 hours over about 10 weeks. But that’s everything – reading, lectures, practice exams, etc.
Some other tips – Take care and be kind to yourself. Eat well – ditch the processed and fast foods and make something from SCRATCH. Drink plenty of fluids (water), and cut back on the alcohol for a while – it doesn’t do your brain any good. Get plenty of rest and know when to take a break when you need it. Get some exercise/activity and keep in enough touch with people so they know that you are still alive 🙂
I would recommend that you schedule your exam on a Monday or Tuesday. Take Friday and Monday off to tie up loose ends that you are still shaky on, watch Kelly’s video, and maybe take one more practice exam. But be careful – a solid practice exam will take a lot out of you, so do it at least 48 hours before your real exam to rest appropriately.
When you take the exam, a lot of the times you will find yourself down to two possible answers. Remember this one thing when you are in that situation – “How would ISC2 WANT me to answer this question?” Keep in mind – you are not there are a technician, an engineer or an architect. You are there as a RISK ADVISOR.
If you are on your path to obtaining your CISSP, or any certification for that matter…I wish you the best of luck. If the path that you are on is an honest and ethical one, then I have the highest respect for you. Just remember that this is a marathon, not a sprint. And yes, if you are open enough – it will change your life.
I’d like to thank my very amazing boyfriend for being so incredibly supportive. The day he first kissed is the day my life started to change. He is my rock and my best friend. I hope to live the rest of my days by his side.