Saturday, January 8, 2022

Thoughts on taking the CISSP exam

There are a lot of sites, articles, and videos with lots of useful and helpful information on how to prepare for the CISSP exam, including why you should (or not) consider getting this certification to begin with.

This is not one of them.

Everyone has a study strategy -- watching videos, reading books, taking a live/online class -- so I will not comment on that. What I did afterwards is what I want to focus on, namely taking practice exams. The short version is: learn from my mistakes. The long version is that there are

  • Known knowns: what you already know from your experience and previous study.
  • Known unknowns: what you know may be in the exam but have never studied or dealt with. For many, that would be binary math and cryptography.
  • Unknown unknowns: what may be in the exam and you have no idea it even exists to begin with.

What you know, you know, so there is no need to spend much time on that beyond refreshing it. What you know you do not know, you can study, practice, or figure out some other way to learn. But if you do not know that you do not know something that may be in the exam, it will bite you. You need to convert the unknown unknowns into known unknowns so you can work with them. To find them, focus on those practice tests at least for the last two weeks before the exam. You are using these exams to probe where you need to work. Examine the results and explanations associated with the questions you got wrong. In my case, they could be grouped as:

  1. Rushing to read and missing a keyword. Read the entire question and all the answers. I know that sometimes the question starts with 5 sentences of story time before getting to the point, but take your time to read it all. Then read it again to identify the key points in both the question and the answers. Slow is fast, fast is slow. But there is such a thing as too slow; don't be James May.
  2. Choosing an answer, second-guessing, and then finding out the original answer was right. This is especially true for those questions you are not really 100% sure of the answer to, and was by far how I missed most of the practice questions. Train and trust your gut.
  3. Not eliminating the answers you know for sure are not right. As mentioned above, you will face questions where you are not sure of the right answer for some reason, such as an encryption detail, but you may be able to deduce it. To do that, remember the Sherlock Holmes line: "when you have eliminated the impossible, whatever remains, however improbable, must be the truth." The first thing you need to do, then, is get rid of all the answers that could not possibly be true. Sometimes that will leave you with two answers, which means you have increased your chances of getting the right answer from 1 in 4 to 1 in 2 (it might be even better depending on how you want to calculate it).
    NOTE: this may not work with questions where you need to select several (4+) answers from a list. In one of the practice questions I took, it turned out I needed to select all of them. I read the explanation, tried to understand the thought process, and then added it to my study notes.
  4. Trying to solve it as an engineer instead of as a manager. This is a reference to the famous "think like a manager" advice associated with this exam. Technical me may want to write my own solution, while managerial me would refer to policy, buy a tool, or contract someone. If both a technical and a managerial answer are listed, pick the latter for this exam.
  5. (last but not least) You may simply be missing some knowledge. When I find those, I look at the explanation, add what I think will help me to my notes, and then check for further info (in a book or online).

Full Disclosure: Items 1-4 were the ones I needed to work on.