[CCCure CISSP] My cissp exam experience

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

[CCCure CISSP] My cissp exam experience

cissp_student_01
My journey of studying cissp started 15 months ago i spend lot of time stuyding. The primary reference guide i used was Shon Harris AIO Guide and did not refer to any other document. I did follow what Clement said in his introductory video about the domains, He ask to focus more on
1) Access Control
2) Security architecture
3) BCP/DRP
4) Telecommunication and networking
5) Information security and risk mgmt
Clement said the other domains are less important than the other. However, i  Finally decided to take up the exam but i scored 649.

my experience

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation
2) All domains are equally important - Here i don't agree with Clement
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea
   non of the books had a sample or atleast relevant details
5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can atleast identify the concept but exam questions it is diffcult to find even the concept
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

Regards
abid

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

pete
<base href="x-msg://97/">Dear Abid, 

Thank you for your benevolent feedback - much appreciated. 

Best, 


Peter 


On Feb 20, 2014, at 10:07 AM, abid James wrote:

My journey of studying cissp started 15 months ago i spend lot of time stuyding. The primary reference guide i used was Shon Harris AIO Guide and did not refer to any other document. I did follow what Clement said in his introductory video about the domains, He ask to focus more on 
1) Access Control 
2) Security architecture
3) BCP/DRP
4) Telecommunication and networking
5) Information security and risk mgmt 
Clement said the other domains are less important than the other. However, i  Finally decided to take up the exam but i scored 649. 

my experience

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation
2) All domains are equally important - Here i don't agree with Clement
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea
   non of the books had a sample or atleast relevant details 
5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can atleast identify the concept but exam questions it is diffcult to find even the concept
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe   

Regards
abid
_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

clementdupuis
Administrator
In reply to this post by cissp_student_01
Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Clement Dupuis, CD
CCCure Founder and Owner
CLO @ SecureNinja.Com
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

Marouane
Thank you for sharing your story, and I am sorry to hear that you were almost there.

I couldn't agree more with Clement -

From my experience, I can tell you I spent more time studying BCP/DRP, Information Security Governance and Risk Management, Access Control. These topics are VERY important. Do not forget about cryptography as I also think it is as important. Telecom is also important as well but I did not study it much (that's what I have been doing for a living for a while, so I was good there).

What I would say is that approach the exam as a risk advisor (as I have stated many times in this mailing list), do not try to solve the world hunger in the exam meaning do not try to configure things and be very technical. Do not over think the questions. Yes,you will probably have your head hurts by the end of the exam (it happened to me, and I actually slept for 16 hours after the exam - was very tired preparing in the days/nights before the exam ), it is OK. Just do the best you could, and try to finish it off as early as you could, so you can go back and do a review. I caught MANY questions in my second review round that I missed in my first round (just because I re-read the question at least two times or more). Try to only mark the questions that you are NOT entirely sure about. (so you can go back and review them). If you try to mark too many questions, you may get lost  (especially if you do not have enough time to go over all the possible marked questions).

At the end of the day, there is no secret sauce or a perfect strategy to pass this exam. I think passing the test is based on a mufti-factor of things such as (in order) - based on my own view:

1) Experience - Scenarios that you learned through experience are not often described in paper and soft books.
2) Knowledge - understanding of the fundamentals and how things work together (and not simply remember just definitions), good preparation and hard work ....but you can only know enough.
3) Study, Study, Study ....but you can only study enough.

P.S. I have taken countless many exams before, and I have many other security security certifications in the field. This is certainly one of the exams that I can say it  has its own style, own charm and can really be confusing (e.g., when sometimes all the questions are right, but you have to pick the best or worst possible answer) and a bit cryptic (e.g., too much wording which make you loose the big picture, very little wording which make you think that it can't be that easy to answer).

Best of luck, and keep the discussions going -

Marouane



On Thu, Feb 20, 2014 at 6:37 PM, Clement Dupuis <[hidden email]> wrote:
Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

cissp_student_01
In reply to this post by clementdupuis
Clement, You are a very knowledgeable  teacher.

Please do not misunderstand me . When i said that all domains are important because after seeing the result the first impression was that domain legal, compliance  was hit badly i was frustruated. It's my opinion that all domains are important.

I agree with there has to be no word to word questions quiz. but what i was looking something similar examples if we read cloud computing  for example it is just 2 or 3 pages but in the exam the questions they are asking something which i had not seen in any of the books

I read NDA i am very much aware we should not share any of the questions. However, i am just saying like many of the teachers like shon Harris says that  you might get a question on DES what is the name of the algorithm used : Lucifer

No doubt your cccure website is the best i have seen the feedback even today people say

Please help direct me clement i am very disappointed i had spend day and night hours togather.

What domain to focus on.

regards
Abid .




From: [hidden email]
Date: Thu, 20 Feb 2014 18:37:24 -0500
To: [hidden email]
Subject: Re: [CCCure CISSP] My cissp exam experience

Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

clementdupuis
Administrator
Good day Abid,

A while back I have posted a few link to some of the content that may not be covered in enough depth by both Shon Harris and the ISC2 books.

See below

Clement

Good day to all,

A while back I posted some study modules for new topics within the CBK.  You can find them at:

 I have uploaded a couple of modules from my Security+ class which talks
about IPV6 you will find it within my TCPIP module at:
http://www.cccure.org/cbk_jan_2012/tcpip/player.html


Cloud Computing (Nice module based on the NIST standards)
http://www.cccure.org/cbk_jan_2012/cloud/player.html

Virtualization  (Overview of VM's and features)
http://www.cccure.org/cbk_jan_2012/virtualization/player.html


Feel free to share the links above with your friends and peers.   I have
uploaded these modules specially for the members of the list as a thank you.

Best regards
 
Clement

Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 7:46 AM, abid James <[hidden email]> wrote:
Clement, You are a very knowledgeable  teacher.

Please do not misunderstand me . When i said that all domains are important because after seeing the result the first impression was that domain legal, compliance  was hit badly i was frustruated. It's my opinion that all domains are important.

I agree with there has to be no word to word questions quiz. but what i was looking something similar examples if we read cloud computing  for example it is just 2 or 3 pages but in the exam the questions they are asking something which i had not seen in any of the books

I read NDA i am very much aware we should not share any of the questions. However, i am just saying like many of the teachers like shon Harris says that  you might get a question on DES what is the name of the algorithm used : Lucifer

No doubt your cccure website is the best i have seen the feedback even today people say

Please help direct me clement i am very disappointed i had spend day and night hours togather.

What domain to focus on.

regards
Abid .




From: [hidden email]
Date: Thu, 20 Feb 2014 18:37:24 -0500
To: [hidden email]
Subject: Re: [CCCure CISSP] My cissp exam experience


Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Clement Dupuis, CD
CCCure Founder and Owner
CLO @ SecureNinja.Com
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

nrasool
Clement,
   I hope you are doing well. I was not able to these links.  I am getting a 403 Forbidden link.  Are these the correct links?
 
Nabil

On Fri, Feb 21, 2014 at 7:51 AM, Clement Dupuis <[hidden email]> wrote:
Good day Abid,

A while back I have posted a few link to some of the content that may not be covered in enough depth by both Shon Harris and the ISC2 books.

See below

Clement

Good day to all,

A while back I posted some study modules for new topics within the CBK.  You can find them at:

 I have uploaded a couple of modules from my Security+ class which talks
about IPV6 you will find it within my TCPIP module at:
http://www.cccure.org/cbk_jan_2012/tcpip/player.html


Cloud Computing (Nice module based on the NIST standards)
http://www.cccure.org/cbk_jan_2012/cloud/player.html

Virtualization  (Overview of VM's and features)
http://www.cccure.org/cbk_jan_2012/virtualization/player.html


Feel free to share the links above with your friends and peers.   I have
uploaded these modules specially for the members of the list as a thank you.

Best regards
 
Clement

Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +<a href="tel:703%20535%208600" target="_blank" value="+17035358600">703 535 8600
Mobile: <a href="tel:%2B1%20407%20433%206444" target="_blank" value="+14074336444">+1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 7:46 AM, abid James <[hidden email]> wrote:
Clement, You are a very knowledgeable  teacher.

Please do not misunderstand me . When i said that all domains are important because after seeing the result the first impression was that domain legal, compliance  was hit badly i was frustruated. It's my opinion that all domains are important.

I agree with there has to be no word to word questions quiz. but what i was looking something similar examples if we read cloud computing  for example it is just 2 or 3 pages but in the exam the questions they are asking something which i had not seen in any of the books

I read NDA i am very much aware we should not share any of the questions. However, i am just saying like many of the teachers like shon Harris says that  you might get a question on DES what is the name of the algorithm used : Lucifer

No doubt your cccure website is the best i have seen the feedback even today people say

Please help direct me clement i am very disappointed i had spend day and night hours togather.

What domain to focus on.

regards
Abid .




From: [hidden email]
Date: Thu, 20 Feb 2014 18:37:24 -0500
To: [hidden email]
Subject: Re: [CCCure CISSP] My cissp exam experience


Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org




--
Nabil Rasool
_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

clementdupuis
Administrator
Good day Nabil,

I have just tried them and they are all working fine.

Is there anyone else who have problem in accessing those links?

Best regards

Clement


Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 9:33 AM, Nabil Rasool <[hidden email]> wrote:
Clement,
   I hope you are doing well. I was not able to these links.  I am getting a 403 Forbidden link.  Are these the correct links?
 
Nabil

On Fri, Feb 21, 2014 at 7:51 AM, Clement Dupuis <[hidden email]> wrote:
Good day Abid,

A while back I have posted a few link to some of the content that may not be covered in enough depth by both Shon Harris and the ISC2 books.

See below

Clement

Good day to all,

A while back I posted some study modules for new topics within the CBK.  You can find them at:

 I have uploaded a couple of modules from my Security+ class which talks
about IPV6 you will find it within my TCPIP module at:
http://www.cccure.org/cbk_jan_2012/tcpip/player.html


Cloud Computing (Nice module based on the NIST standards)
http://www.cccure.org/cbk_jan_2012/cloud/player.html

Virtualization  (Overview of VM's and features)
http://www.cccure.org/cbk_jan_2012/virtualization/player.html


Feel free to share the links above with your friends and peers.   I have
uploaded these modules specially for the members of the list as a thank you.

Best regards
 
Clement

Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +<a href="tel:703%20535%208600" value="+17035358600" target="_blank">703 535 8600
Mobile: <a href="tel:%2B1%20407%20433%206444" value="+14074336444" target="_blank">+1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 7:46 AM, abid James <[hidden email]> wrote:
Clement, You are a very knowledgeable  teacher.

Please do not misunderstand me . When i said that all domains are important because after seeing the result the first impression was that domain legal, compliance  was hit badly i was frustruated. It's my opinion that all domains are important.

I agree with there has to be no word to word questions quiz. but what i was looking something similar examples if we read cloud computing  for example it is just 2 or 3 pages but in the exam the questions they are asking something which i had not seen in any of the books

I read NDA i am very much aware we should not share any of the questions. However, i am just saying like many of the teachers like shon Harris says that  you might get a question on DES what is the name of the algorithm used : Lucifer

No doubt your cccure website is the best i have seen the feedback even today people say

Please help direct me clement i am very disappointed i had spend day and night hours togather.

What domain to focus on.

regards
Abid .




From: [hidden email]
Date: Thu, 20 Feb 2014 18:37:24 -0500
To: [hidden email]
Subject: Re: [CCCure CISSP] My cissp exam experience


Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org




--
Nabil Rasool

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Clement Dupuis, CD
CCCure Founder and Owner
CLO @ SecureNinja.Com
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

Marouane
No. For example third link gives me the following. 



There seems to be a problem with the MySQL server, sorry for the inconvenience.

We should be back shortly.

Marouane

On Feb 21, 2014, at 6:07 PM, Clement Dupuis <[hidden email]> wrote:

Good day Nabil,

I have just tried them and they are all working fine.

Is there anyone else who have problem in accessing those links?

Best regards

Clement


Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 9:33 AM, Nabil Rasool <[hidden email]> wrote:
Clement,
   I hope you are doing well. I was not able to these links.  I am getting a 403 Forbidden link.  Are these the correct links?
 
Nabil

On Fri, Feb 21, 2014 at 7:51 AM, Clement Dupuis <[hidden email]> wrote:
Good day Abid,

A while back I have posted a few link to some of the content that may not be covered in enough depth by both Shon Harris and the ISC2 books.

See below

Clement

Good day to all,

A while back I posted some study modules for new topics within the CBK.  You can find them at:

 I have uploaded a couple of modules from my Security+ class which talks
about IPV6 you will find it within my TCPIP module at:
http://www.cccure.org/cbk_jan_2012/tcpip/player.html


Cloud Computing (Nice module based on the NIST standards)
http://www.cccure.org/cbk_jan_2012/cloud/player.html

Virtualization  (Overview of VM's and features)
http://www.cccure.org/cbk_jan_2012/virtualization/player.html


Feel free to share the links above with your friends and peers.   I have
uploaded these modules specially for the members of the list as a thank you.

Best regards
 
Clement

Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +<a href="tel:703%20535%208600" value="+17035358600" target="_blank">703 535 8600
Mobile: <a href="tel:%2B1%20407%20433%206444" value="+14074336444" target="_blank">+1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 7:46 AM, abid James <[hidden email]> wrote:
Clement, You are a very knowledgeable  teacher.

Please do not misunderstand me . When i said that all domains are important because after seeing the result the first impression was that domain legal, compliance  was hit badly i was frustruated. It's my opinion that all domains are important.

I agree with there has to be no word to word questions quiz. but what i was looking something similar examples if we read cloud computing  for example it is just 2 or 3 pages but in the exam the questions they are asking something which i had not seen in any of the books

I read NDA i am very much aware we should not share any of the questions. However, i am just saying like many of the teachers like shon Harris says that  you might get a question on DES what is the name of the algorithm used : Lucifer

No doubt your cccure website is the best i have seen the feedback even today people say

Please help direct me clement i am very disappointed i had spend day and night hours togather.

What domain to focus on.

regards
Abid .




From: [hidden email]
Date: Thu, 20 Feb 2014 18:37:24 -0500
To: [hidden email]
Subject: Re: [CCCure CISSP] My cissp exam experience


Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org




--
Nabil Rasool

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

clementdupuis
Administrator
Hum....

I am puzzle as I am not getting those errors.

Could you try using https://  instead of http://

Clement


Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 6:22 PM, Marouane <[hidden email]> wrote:
No. For example third link gives me the following. 



There seems to be a problem with the MySQL server, sorry for the inconvenience.

We should be back shortly.

Marouane

On Feb 21, 2014, at 6:07 PM, Clement Dupuis <[hidden email]> wrote:

Good day Nabil,

I have just tried them and they are all working fine.

Is there anyone else who have problem in accessing those links?

Best regards

Clement


Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +<a href="tel:703%20535%208600" value="+17035358600" target="_blank">703 535 8600
Mobile: <a href="tel:%2B1%20407%20433%206444" value="+14074336444" target="_blank">+1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 9:33 AM, Nabil Rasool <[hidden email]> wrote:
Clement,
   I hope you are doing well. I was not able to these links.  I am getting a 403 Forbidden link.  Are these the correct links?
 
Nabil

On Fri, Feb 21, 2014 at 7:51 AM, Clement Dupuis <[hidden email]> wrote:
Good day Abid,

A while back I have posted a few link to some of the content that may not be covered in enough depth by both Shon Harris and the ISC2 books.

See below

Clement

Good day to all,

A while back I posted some study modules for new topics within the CBK.  You can find them at:

 I have uploaded a couple of modules from my Security+ class which talks
about IPV6 you will find it within my TCPIP module at:
http://www.cccure.org/cbk_jan_2012/tcpip/player.html


Cloud Computing (Nice module based on the NIST standards)
http://www.cccure.org/cbk_jan_2012/cloud/player.html

Virtualization  (Overview of VM's and features)
http://www.cccure.org/cbk_jan_2012/virtualization/player.html


Feel free to share the links above with your friends and peers.   I have
uploaded these modules specially for the members of the list as a thank you.

Best regards
 
Clement

Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +<a href="tel:703%20535%208600" value="+17035358600" target="_blank">703 535 8600
Mobile: <a href="tel:%2B1%20407%20433%206444" value="+14074336444" target="_blank">+1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 7:46 AM, abid James <[hidden email]> wrote:
Clement, You are a very knowledgeable  teacher.

Please do not misunderstand me . When i said that all domains are important because after seeing the result the first impression was that domain legal, compliance  was hit badly i was frustruated. It's my opinion that all domains are important.

I agree with there has to be no word to word questions quiz. but what i was looking something similar examples if we read cloud computing  for example it is just 2 or 3 pages but in the exam the questions they are asking something which i had not seen in any of the books

I read NDA i am very much aware we should not share any of the questions. However, i am just saying like many of the teachers like shon Harris says that  you might get a question on DES what is the name of the algorithm used : Lucifer

No doubt your cccure website is the best i have seen the feedback even today people say

Please help direct me clement i am very disappointed i had spend day and night hours togather.

What domain to focus on.

regards
Abid .




From: [hidden email]
Date: Thu, 20 Feb 2014 18:37:24 -0500
To: [hidden email]
Subject: Re: [CCCure CISSP] My cissp exam experience


Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org




--
Nabil Rasool

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
Clement Dupuis, CD
CCCure Founder and Owner
CLO @ SecureNinja.Com
Reply | Threaded
Open this post in threaded view
|

Re: [CCCure CISSP] My cissp exam experience

Rogelio O'Farril
Clement, to clarify, the PHP Nuke MySQL issue is just with http://www.professionalsecuritytesters.org/.

CCcure and freepracticetests.org are perfectly fine.



On Friday, February 21, 2014 10:56 PM, Clement Dupuis <[hidden email]> wrote:
Hum....

I am puzzle as I am not getting those errors.

Could you try using https://  instead of http://

Clement


Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 6:22 PM, Marouane <[hidden email]> wrote:
No. For example third link gives me the following. 



There seems to be a problem with the MySQL server, sorry for the inconvenience.

We should be back shortly.

Marouane

On Feb 21, 2014, at 6:07 PM, Clement Dupuis <[hidden email]> wrote:

Good day Nabil,

I have just tried them and they are all working fine.

Is there anyone else who have problem in accessing those links?

Best regards

Clement


Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 9:33 AM, Nabil Rasool <[hidden email]> wrote:
Clement,
   I hope you are doing well. I was not able to these links.  I am getting a 403 Forbidden link.  Are these the correct links?
 
Nabil

On Fri, Feb 21, 2014 at 7:51 AM, Clement Dupuis <[hidden email]> wrote:
Good day Abid,

A while back I have posted a few link to some of the content that may not be covered in enough depth by both Shon Harris and the ISC2 books.

See below

Clement

Good day to all,

A while back I posted some study modules for new topics within the CBK.  You can find them at:

 I have uploaded a couple of modules from my Security+ class which talks
about IPV6 you will find it within my TCPIP module at:
http://www.cccure.org/cbk_jan_2012/tcpip/player.html


Cloud Computing (Nice module based on the NIST standards)
http://www.cccure.org/cbk_jan_2012/cloud/player.html

Virtualization  (Overview of VM's and features)
http://www.cccure.org/cbk_jan_2012/virtualization/player.html


Feel free to share the links above with your friends and peers.   I have
uploaded these modules specially for the members of the list as a thank you.

Best regards
 
Clement

Clement Dupuis, CD

Chief Learning Officer (CLO) and Security Evangelist
GCFW, GCIA, Security+ 301, CEH V7, CCSA, CCSE,  + 12 others

SecureNinja
Office : +703 535 8600
Mobile: +1 407 433 6444

Email: [hidden email]

Web: www.secureninja.com

Connect with me on LinkedIn | Follow me on Twitter


Description: Secure Ninja @ LinkedinDescription: See Us @ YoutubeDescription: Like us on FacebookDescription: Fallow us Twitter

901 N. Pitt Street, Suite 105
Alexandria, VA  22314

Description: Description: sn_logo

In Cyberspace:

[hidden email]
Clement Dupuis, CD
President/Founder/Chief Security Evangelist
The CCCure Family of Portals
----------------------------------------------------------------------------------------------
Maintainer of :

The CCCure Quiz Engine
https://www.freepracticetests.org/quiz/index.php?page=home

The CCCure Family of Portals
http://www.cccure.org

The Professional Security Testers Warehouse
http://www.professionalsecuritytesters.org/

Knowledge sharing and giving back to the community

-------------------------------------------------------------------------------------------------------
>>  Call me to get the best CISSP, Security+, or other Security related training  <<
-------------------------------------------------------------------------------------------------------


On Fri, Feb 21, 2014 at 7:46 AM, abid James <[hidden email]> wrote:
Clement, You are a very knowledgeable  teacher.

Please do not misunderstand me . When i said that all domains are important because after seeing the result the first impression was that domain legal, compliance  was hit badly i was frustruated. It's my opinion that all domains are important.

I agree with there has to be no word to word questions quiz. but what i was looking something similar examples if we read cloud computing  for example it is just 2 or 3 pages but in the exam the questions they are asking something which i had not seen in any of the books

I read NDA i am very much aware we should not share any of the questions. However, i am just saying like many of the teachers like shon Harris says that  you might get a question on DES what is the name of the algorithm used : Lucifer

No doubt your cccure website is the best i have seen the feedback even today people say

Please help direct me clement i am very disappointed i had spend day and night hours togather.

What domain to focus on.

regards
Abid .




From: [hidden email]
Date: Thu, 20 Feb 2014 18:37:24 -0500
To: [hidden email]
Subject: Re: [CCCure CISSP] My cissp exam experience


Good day Abid,

Thanks for sharing your experience and lots of details with the mailing list.  

It is great that you do not agree with me,  if everyone would always agree then it would be a boring world with no need for discussions.

However, I can tell you that even thou you disagree what you are saying below is exactly what I have been saying as well.  Your view is simply different than my view.   I have been at this stuff for the past 14 years, I have trained and helped thousands of people, and I have seen more than one exam results, this is the view I am presenting in my presentation.

1) Just relying on Shon Harris you will not be able to pass the exam. The books has its own limitation

Agreed 100%, I clearly mention at the beginning of my presentation there is no single resources that will allow you to pass the exam.  It has to be a mix of experience, study, quizzing, and lots of dedication.  The effort required will vary according to your overall professional experience.
 
2) All domains are equally important - Here i don't agree with Clement

This is where I must humbly disagree with you completely.  See below my explanation.
 
3) The questions were so confusing that i was thinking that did i book the right exam. During the exam after 45 minutes i found a question which i had read in the book

None of the book or practice exams will have the same questions word for word.  This is called theft and this is what TestKing, Pass4sure, and other website offer.  We are not into selling exam questions.  We cover key topics that you will most likely run into on the exam.
 
4) There were question related to Bella-Lapadula which i had not seen any of the books the question they had given contains 2 tables of clearance and file permissions which i had no idea. None of the books had a sample or atleast relevant details

Hum... that is bizarre.  Was it simply a new drag and drop or really something completely new?    Please be careful not to discuss any specific of the real exam, that would break you NDA.  However, you can discuss topics on the CBK.

5) The Shon Harris practice exams for which i spend lot of money  were not related to exams in her book we can at least identify the concept but exam questions it is diffcult to find even the concept

I always say that READING is a mandatory skill for this exam.    I totally agree with you on this one, the question complexity is fairly high and there is a bit of trivia that I really do not like.
 
6) I was thinking that i would not even 100 points but i manage to score 649 may be the wild guess has given me the marks

But the reality is that ISC2 gave true feedback my weakest domains were


THIS IS WHERE I TOTALLY DISAGREE WITH YOU


The ISC2 feedback is nothing but TRUE, it is a joke at best and totally misleading for people like you who does not understand what it really means.

All ISC2 is giving you is a list of domains from the worst to the best which is totally insignificant if you don't know the percentage of questions or number of questions within each of the domains.    You can study the three domains you listed below as domains you did not pass enough time on, however I do believe your approach would be totally flawed.   It is not any of the first three domains below that made you failed this exam and they will not make you pass in the future as well.   

It is Access Control and BCP/DRP that made you failed this exam.   They are two of my top five domains.  They are the one that really affected your results not the other domains.   As I have said on my presentation,  anyone who does badly on two of the top five domains are most likely going to fail their exam.    Being the maintainer of CCCure I had the opportunity to review exam from dozens of people who have failed their exam,  every single person who failed in the past did badly on two or more of the top five domains.  It is a patter repeating itself over and over again over the past many years.

Let me give you a concrete example of this.   Let's take you third domain below which is Physical Security.  Physical Security is about a VERY VERY small percentage of the exam.  It is insignificant.   Most likely you had anywhere between 8 to 12 questions about physical security.   Even missing only a few out of 12 would make this one of your worst domain but in the big scheme of things it is insignificant.

1) legal , compliance- i did not spend as much time i did for other domains
2) Operation security-i did not spend as much time i did for other domains
3) Physical security---------i did not spend as much time i did for other domains
4) Access control
5) Bcp and drp
6) information security and riks managemen
7) crytography
8) Security architecture
9) software development
10) telecommunication

I don't know what to do now. Please guide me what resource i have to refer. Which teacher to believe  

The only entity you must believe in is yourself.   It is up to you to spend all your time on the top three domains above or not.   I have nothing to gain and nothing to sell.  I am just sharing more than a decade of experience with you and it is up to you to take it or ignore it.

I have a proven track record with the highest passing rate of any instructors at our school, there must be something I am doing right somewhere or it is just pure luck and i have students who are smarter.       

I wish you all of the best but I would sincerely recommend you consider reviewing your strategy and walk away from this false impression that you got the TRUE FEEDBACK from ISC2 based on feedback that is incomplete and misleading.  If ISC2 wanted to really help you they would do the same as any other certification body,  they would tell you the exact percentage per domain and they would also tell you what sub topics you did the worst.  Then it would really help you and it would mean something.    This type of feedback is available and can be produced from the VUE testing engine, it is not  being used by ISC2.

Best regards and once again thanks a lot for your feedback.

Clement



_______________________________________________ You can find the list archive at: http://cissp-study.3965.n7.nabble.com/ CISSPstudy mailing list [hidden email] To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below: http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org




--
Nabil Rasool

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org


_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org

_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



_______________________________________________
You can find the list archive at:
http://cissp-study.3965.n7.nabble.com/

CISSPstudy mailing list
[hidden email]

To UNSUBSCRIBE, SUBSCRIBE, or MANAGE your accout visit the link below:
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org