Let's talk about my own situation first. I have about 4 years of information security work experience. I have done security testing, half-baked front-end development, and SDL. Therefore, of the 8 domains, Security Assessment and Testing and Software Development Security are ones I understand fairly well.

This article is divided into the following parts:

  1. Which review materials to use
  2. How long does the learning cycle take?
  3. What level of mastery you need to take the exam
  4. How different is the new version of the syllabus
  5. Exam experience

I. Which review materials to use

In the beginning, I mainly focused on AIO (All In One, Seventh Edition), supplemented by OSG (Official Study Guide), and read both books twice. Later, I felt that OSG was more organized, so I mainly used OSG. I also bought an electronic document from "Moubao" (an online marketplace), and the mind map in it is helpful for sorting out knowledge points.

For exercises, I mainly used the exercises in the books, together with the official CISSP Official Practice Tests. Later, I borrowed a colleague's account at a training institution and worked through 3 sets of comprehensive practice questions. In fact, most of those questions are also in the Official Practice Tests. Since the new exam syllabus was launched in May, I went through the syllabus's knowledge points before the exam to find and fill gaps.

II. How long does the learning cycle take?

It took me 7 months to prepare, but looking back on my review process, I personally feel that 4 months would be appropriate. Why do I say that? In December I booked the exam for May of the following year (because all other slots were full); I believe many people are like me. If the time is too long, there is no motivation, and I am usually very tired from work, so I often studied on and off ("fishing for three days and drying the nets for two"). Only when the exam was approaching did I think about the $699 fee, grit my teeth and start serious review, and this period was the most efficient. My effective review time was about 4 months. My review schedule was 1 hour early in the morning, 1 hour after work, 4-5 hours a day on weekends, and 7-8 hours a day on weekends in the final sprint period.

How to use these 4 months? I think a more reasonable arrangement is as follows:

  1. Read through the OSG once to learn what the 8 domains of the exam are about. Completing the after-class exercises also gives you a rough idea of what the tested topics are (3 weeks)
  2. Intensively read OSG and take notes while reading (4 weeks)
  3. Read AIO once, and add the contents of AIO to the notes, because some content is in AIO but not in OSG (3 weeks)
  4. Start frantically working through practice questions! Doing questions lets you find and fill gaps on the one hand, and consolidates existing knowledge points on the other (4 weeks)
  5. Pre-exam preparation: review the questions you got wrong, review the notes, go through the mind map, and go through the exam syllabus (1-2 weeks)

I didn't follow this plan myself: I read AIO at first, and my notes were also made for AIO. After reading it twice, there was still a lot of content I couldn't remember. Later, I found that OSG is more organized, and AIO has a lot of content that is too detailed and cumbersome, and I am not very good at exams, so it only increased my burden. Therefore, an OSG-based review plan is more recommended.

What should the notes cover?

  1. All the bold terms in the book: write down their concepts
  2. Knowledge points that I don't know
  3. Knowledge points that I think may be tested
  4. Knowledge points you could not answer when you encountered them while doing the questions

III. What level of mastery you need to take the exam

Let's talk about the types of exam questions first. I classify the types of test questions into the following categories:

  1. Concept questions: you need to know the concept being tested. For example, there are four types of fire (A, B, C, D); which fire extinguisher is used for each?
  2. Ordering questions: you need to understand the steps of each process and what each step does, such as the BCP process or the data classification process
  3. Comprehension questions: think about the problem from the perspective of the CISO. For example, why is a risk assessment necessary? To reduce the organization's risk to an acceptable level. Or you are given a scenario and asked to choose what to do in the first step

How much do you need to master?

1. The first is to understand all the conceptual knowledge points in the book. For each question, you must be able to understand what it is asking and know which topic it may be testing. For at least 90% of the questions, you must be able to see the tested topic at a glance. You should know the concepts behind each of the 4 options: there are many distractor options, and if you know what they mean and where they are used, you can eliminate them directly. Most of the exam is concept questions. After you have done more practice questions, you can select the corresponding answer for concept questions directly.

2. Next come the process knowledge points. You must know the general process and be able to say what each step does; the exam often tests what needs to be done in the first step of a certain process. For example, the steps of data classification, the steps of BCP, the steps of incident response, the steps of electronic discovery, etc.

3. For comprehension questions, there are basically no original questions to refer to, but in many questions you can directly eliminate 2 wrong options. For the remaining two options that seem uncertain at first glance, think further: if you did this, would there be any bad consequences? For example, for data center fire suppression, halon substitutes and pre-action both seem fine, but if the question tells you that someone is on duty, it is not appropriate to use halon.

If you can do all the above, you will basically pass the exam.

IV. How different is the new version of the syllabus

V. Exam experience

There is not much to say about what to bring to the exam and what to pay attention to; you can find that online. Here I mainly share the examination process.

I arrived half an hour early. The formalities took a little over ten minutes, and the test started immediately afterwards. At the beginning of the exam, of course, I was very nervous. I checked the Chinese and English versions of each question word by word several times. Even when I chose the correct answer right away, I confirmed it repeatedly. After reaching 100 questions, my attention dropped somewhat. After doing 150 questions in about 170 minutes, I encountered two questions. In another, the question and the answers were completely incompatible. I stared at it for several minutes and wondered whether I had misunderstood the question. Later, I raised my hand to call the invigilator, who said that I could only write down the question number and send an email to the official feedback address. By this time, because I had been too careful with the previous questions, I felt hungry and dizzy, so I asked for a break, drank some water and ate a few pieces of chocolate. After returning to the exam, I changed my strategy, because the longer the exam goes on, the worse concentration gets: for questions I was certain about, I no longer read the original English carefully. Only for comprehension questions did I look at the options in the original English. By the last 30 questions I had basically relaxed, because I was fairly certain about most of the previous questions. In the end, it took 260 minutes to complete all the questions.

In retrospect, there are still some points worth noting:

  1. It is very important to keep a clear head. Confirm answers repeatedly as your own situation requires, and just follow the steps. Don't fixate on the 6-hour exam time. Since the exam mechanism changed, you can't go back and modify answers at all, so just keep moving forward!
  2. Don't blindly trust the questions; some questions really are wrong! At the time, because the options of the question were completely wrong, I agonized for a long time over whether I had misunderstood the question, which left my mind unclear. So you still have to believe in yourself: raise your hand boldly, write down the question number, and give feedback later.
