The wait is finally over. After nearly 18 months of study, two CISSP seminars, and a few thousand dollars, I finally passed the CISSP exam on September 26th. It was brutal, taking me exactly 5 1/2 hours to complete, with only one break. I was sick on drive home, convinced I had just blown more than $1300 for the hotel stay and exam, not to mention 40 hours of leave from my job.
But, I felt much better after I got home and went through the material to check on some of my answers. Still, the CISSP exam is one of those things that very few people feel good about when they are done. It is unlike any other test you may take, it's rare to find a question you can just open the book and find a direct answer.
In fact, it's quite common to read a question and say to yourself "oh, I know the answer to this one", only to find none of the given answers fit. The moral of the story is that in a perfect world you get a perfect answer. Information Security Security, though, is not a perfect world, especially when you have a business to run, a finite budget, and long list of things to do with that budget. On the exam, it's rare to get a question and the optimal answer is one of the choices.
As a person with a IT technical background this was particularly hard to grasp. In the Microsoft world, the answer to an exam question is always whichever is the Microsoft best practice, and you can usually point it to one of Microsoft's textbooks for a direct answer. CompTIA and Cisco are much the same.
To be honest I was shocked when I got the email, I read it several times to make sure I read it correctly. After I finish the application process, which involves and endorsement by another CISSP and submitting a resume with all relevant experience, in a month or so I'll get the certification.
Mamas Best Recipes
The Cartouche - Science Fiction Reviews
Add to Technorati Favorites