SecurITyCerts dot Org

       Navigating Security Certifications

Subscribe to SecurITy, our free newsletter

My Experience taking the CISSP Exam

I was ready to take the CISSP exam in March, but the Navy suddenly decided they wanted to me to visit Jacksonville Beach, Florida. Hmmm, get paid to consult at the beach in Florida, or take an exam in 3 feet of snow; I postponed my CISSP exam and jumped on a plane. I postponed for a $100 fee to an "open date," which gave me 365 days to reschedule. I eventually rescheduled four months later to July.

The exam was given in a Courtyard by Marriott hotel in Cambridge, Massachusetts, and the hotel wanted over $350 for a room. Since I was paying myself, and I could get a free hotel room in a full service Marriott hotel just a few miles away using frequent stayer points, I elected to stay there and reasoned that traffic should be light on Saturday, the day of the test.

I arrived at the hotel around 5PM, and drove the route to the test location to make sure there wasn't anything unexpected such as road construction. I got back to the hotel at 5:15PM, and was severely tempted to go to the nearby Cambridge Brewing Company, an old haunt, for a beer and dinner, but made myself stay in the hotel. The kid's babysitter, recently of legal drinking age, had also joked she was going to show up and take me out drinking, but although it was a joke I didn't tell her or anyone else where I was staying. Old friends in the Boston area were also NOT told I was in town for the night! I ordered room service, studied a little, and went to bed early.

The next day I was up around 6AM, had a good breakfast and some coffee, and packed some snacks into a small cooler to have during the test. I also had a thermos I planned to fill with hot coffee at the last minute so that it would be as warm and fresh as possible. There was a Starbucks downstairs in the hotel, so I could easily fill on my way to my car.

I killed time in the hotel, briefly reviewing the flash cards I had made, and generally trying to relax. I didn't want to show up too early and waste time before the exam room opened when I had a comfortable hotel room. I eventually left, giving myself extra time.

I needed the extra time! There was suddenly a long line at Starbucks, which I endured as I wanted coffee during the exam. I normally have some coffee during the day and it made no sense to disrupt my routine caffeination schedule for the test. The drive also took longer than expected as there was an accident on the way, and I had trouble finding a parking spot at the hotel too.

I still had plenty of time when I registered for the exam. I picked a decent end seat near the door and fidgeted for a while, arranging and rearranging my pencils and generally waiting for the time to pass. Immediately I noticed it was cold in the room and wished I had brought a sweater, but at least the cold would help keep me awake.

I was done studying, although not nearly as well prepared as I had been four months before when I had originally planned to take the exam. The woman next to me was still studying, using her hand written flash cards. She was reviewing crypto, and I noticed she had several errors on her flash cards.

I wanted the damn exam to start! Here I was waiting with a bunch of very unhappy looking people and the proctors. No one was smiling but me. Hey, I was happy. It was almost show time!

Eventually the proctors did their song and dance and let us start at 9AM. I expected more information on food and drink, but they basically said nothing. I thought they would tell us that only drinks with covers were allowed on the tables, and that you could go to the back of the room to eat any snacks you brought, but they didn't. I ended up drinking and eating wherever I wanted during the exam.

The first question was horrible, or rather had all extremely bad answers. I wasted about 5 minutes on it, and eventually skipped it and found the next 15-20 questions to be simple. I wasn't 100% sure I had the right answer on every question, but was confident I was getting most of them right.

About 15 minutes into the test, a gentleman with a strong Indian accent arrived and launched into a long discussion/argument with the head proctor as to whether he should be allowed to take the test. He was insistent, and I was shocked when the head proctor said he would file an "exception report" and allow him to take the exam. I always thought if you were late there was no way you could take the exam?

I plowed through the first 75 questions, and raised my hand to go to the bathroom. I didn't really need to go to, but thought I should get up and walk around. I had to wait a few minutes as only one person at a time was allowed to "go potty." When I returned I also had a snack at my table and a swig of water from a bottle.

I was going through the questions very slowly - and I'm a speed freak. I was forcing myself to read the question and every answer TWICE in an attempt to control myself from racing. I did want to finish the exam and go for a bike ride, even though I found the exam pretty interesting. I'm not trying to brag, but the SANS Security Essentials bootcamp I've been teaching for years has an enormous overlap, so I knew much of the material absurdly well.

Right around the 150 question mark, people started leaving. A few of them were taking the SSCP exam, which is "only" 3 hours long, but most of them were taking the CISSP. Some of them looked like they had just given up, while others had raced through the exam and probably failed.

I took a couple of other breaks, going to the bathroom, drinking coffee and eating snacks. The breaks were more for keeping me mentally fresh than anything else. Six hours is a LONG time and the test is a marathon. Hey, some world class marathon runners can literally run two back to back marathons, 52.4 miles, in less than six hours!

I finished the last exam question at 2:30PM, after 5 1/2 hours. I quickly reviewed about 8 questions I had found difficult and left at 2:45PM, 15 minutes early. Plenty of people were still left and I estimate approximately half the people had left before me. One of the proctors commented that I was the only one smiling.

I knew I passed - although supposedly no one feels confident after the exam. About 3 weeks later I received "official" confirmation. I wasn't a CISSP yet; there was still paperwork to complete, and I'm admit I procrastinated for months before finally dealing with it.

Ted Demopoulos, CISSP

Two excellent and recommended CISSP study guides are:
CISSP Certification All-in-One Exam Guide, 4th Ed by Shon Harris
The CISSP and CAP Prep Guide: Platinum Edition by Krutz and Vines

Official (ISC)2 Guide to the CISSP CBK ((Isc)2 Press Series), the "official guide" is a good reference, but don't plan on studying from it. It's like eating cardboard or reading a dictionary. Good fiber and educational, but not a "study guide."

CISSP Self Study Resources

Ted Demopoulos at Caesars Palace
Ted Demopoulos,  Caesars Palace