Ik heb vorige week mijn CISSP examen gehaald

jeej!. Endorsment is al binnen, nu nog wachten op het ellenlange acceptatieproces bij (ISC)2. Ze gaven aan dat het tot 8 weken kon duren vanwege de drukte...
Anyway, voor iedereen die dezelfde uitdaging in gedachte heeft; ik heb op de reddit/r/cissp even kort mijn ervaringen uiteengezet. Schaamteloos hieronder gekopieerd, dus in het Engels, maar als mensen vragen/info/hulp nodig hebben, schroom niet een PM te sturen:
Ok, so I passed the CISSP Exam today and it wasn't as hard as everyone here makes believe in my opinion.
First, my history. I'm a Master of Science in Biology (so yes, non-IT related) and have 3,5 years of experience as a Information Risk Manager at a large financial institution in the Netherlands. I passed my CISA exam last year and have worked at an Apple Store during my studies where I certified as an Apple Certified Support Professional. So I have a bit of technical knowledge but not a lot.
Second, the exam. It took me 75 minutes to get to the 100 questions after which I was done. I did not notice getting more or less questions about specific domains, but not one question I got was similar to the practice exams (eather Wiley, CCC or Boson). Sometimes you really need to pick a BEST option, because more answers are correct. In that case, think about security, not practicality.
I notice that I have a different opinion about the exam than most people here. It's not hard, but really tests your limits. It's to bad that you don't get your percentage if you passed though, because I have absolutely no idea how I did... (71% or +90%)...
I did notice that around the 70 questions, the questions got really technical and difficult, like, crazy difficult about specific parts of protocols in more detail than even Boson. At that point I knew I was doing well, which was nice. The final questions were pretty easy and by the time I got to 100, the loading began and took about 20 seconds before kicking me out. I was so happy when I got the congratulations letter... phew.
Compared to CISA, CISSP is a lot harder. You need to know a lot more technical stuff.. CISA is probably only 25% of knowledge of what you need for CISSP and way more about the audit process (duh) than technical knowledge.
I used a lot of materials from here to study, but was lucky that my employee payed for a classroom course.
If you live in the Netherlands and have an employee that wants to assist, takethis classroom course from FOX-IT. It's 10 days, spread over 10 weeks and is superb. You get different teachers with real practical knowledge and it's focused on understanding the materials, not just knowing them, which is key. 11/10
After the course my studying was pretty straightforward.. I used practice questions and exams as a basis and worked from there. Just try to answer questions and if they are wrong, try to understand why. I used the following resources:
CCCure (7/10): mostly knowledge material
Sybex (8/10): more focused on management answers and understanding
Boson (9/10): the best resource and most closely related to exam (but not really comparable)
When I knew I had to develop in specific areas (for me Domain 3/4/5), I used the following resources
Kelly Handersan Cybrary Course. (10/10) This one is gold. I used it to look up specific subjects (like Kerberos or Radius)
Elevent Hour. Great repository and summary (8/10)
Youtube. Just look up specific things like ARP vs. RARP and stuff like that (9/10)
I never read the Sybex book or CBK (I'm not the reading-everything-type), but basically just practiced questions.. a lot. Not only helps it to understand the wrong answers (which is also learning!) but it also helps you to concentrate for a long time staring at a screen!
Finally, the best tip I can give is that knowing the stuff is not enough, you really need to understand it.
Good luck everyone!