Carlin Withers | Blog Post

Writing My CISSP Exam

02/12/2024

A Valuable Certification

I learned the value of the CISSP certification when I was interviewing for a new project with Wipro. I was asked for it, I didn't have it, and the first thing I did after the interview was the research it. The CISSP teaches a wide variety of general IT security skills, and is highly regarded as the certification to have if you want to work in IT security. In the case of the project I was interviewing for, they were interested in the ability to thoroughly test an application for security vulnerabilities, which was something I did not understand well at the time.

A Notoriously Difficult Exam

The CISSP exam is notorious for being more difficult than most certification exams. It's format is cutting edge, often involving experimental new designs in questions themselves. ISC2 prides themselves in evolving the exam with the latest innovations in questions. It also tests knowledge from eight domains, making for a very wide scope of questions and concepts that must be learned and understood to answer the questions.

My Study Process

I was recommended to read through the official study guide cover to cover. You can find a copy of this book here: https://www.wiley.com/en-ca/%28ISC%292+CISSP+Certified+Information+Systems+Security+Professional+Official+Study+Guide%2C+9th+Edition-p-9781119786245. I did read through it cover to cover, and found it did teach me a lot.

The second thing I did was to work through practise questions. I find this helps with all certification exams, however with the CISSP I had a hard time finding good questions online. Luckily there is a book available for that as well: https://www.wiley.com/en-ca/%28ISC%292+CISSP+Certified+Information+Systems+Security+Professional+Official+Practice+Tests%2C+3rd+Edition-p-9781119787648. I've been through these practise questions many times, and it's helped me a lot to build the confidence I needed to write the exam.

Registering For The Exam

Registering for the exam was not much different from other certifications I've taken, the price is larger than I'm used to, however. If you pay attention to what ISC2 is doing, you can see why this exam comes at a premium. It's value is higher, but so also is the amount of work that the organisation is putting into the exam. It really is cutting edge. I am required to take a palm vein scan before writing it, something I've never done before.

Writing The Exam

Writing the exam went well, I passed! The exam was 125 questions long for me, I know sometimes it can run as long as 175 questions. The palm vein scanning wasn't quite as high tech as my imagination led me to believe, I swear they must have scanned my palms a dozen times when I was checking in. The next phase after passing the exam is to verify job experience, which shouldn't be very hard for me to do.