Dec 6, 2019, 11:09 PM

Confession.

I'm stressing the fuck out about this CISSP exam.

I've got a 1000 page book filled with test questions and material, done about 40 hours of online videos, and the test requires you hit a 70% or better in 100 to 150 questions. From 8 months ago to now I've watched my pre-test scores go from the 60s to the 80s. Haven't hit 90 yet but OMG WHO THE FUCK CAN REMEMBER THE DIFFERENCE BETWEEN NIST800-64, ISO12007, and ISO12207 and THAT AES128 uses 10 rounds of encryption and AES256 uses 14. I imagine most people in the IT world have about 30-45% of those "number and acronym salad" terms memorized and use other resources for the stuff they forget. (Which one was 10 again? Oh yeah, 128.)

Danger zone? Every. Reddit. Thread. Says stuff like "oh the test is nothing like the pre-tests on any sites and this resource (one I didn't buy) is the best."

Probably going to cram hard on this for the next week or so, continue test runs, flash cards, etc. The test is not as crazy as some others, but what it does is that it will seek to run you through 100 questions in 3 hours with the following caveats:

  1. If it detects with 95% accuracy that there's no way you can pass 70%, it will stop you early. YOU SUCK. GO HOME LOSER
  2. Minimum 100 questions, all weighted with secret weights. 25 of the questions aren't scored and are designed to collect aptitude information. So the acronym salad stuff may or may not be weighted more by questionably (or more immediately) critical concepts like evidence gathering, core integrity concepts, and infosec logical thought questions.
  3. If you hit question 101 (it hasn't stopped you because it detects you may still not hit 70%) you have until question 150 to get to 70%

However, if I pass I have the highest sought infosec certification in the current IT world and become a member of ISC(2). So...that would be sweet, right?

Anyway. Sigh. No pressure. The time is coming.