The CISSP CAT Exam Experience

In December I wrote a blog post detailing the new CISSP CAT format being launched by (ISC)2. The post covered what the new exam would be all about, what it means for you, and the important points to consider. Since I had passed the exam way back in July, there was no way I would decide to sit for this difficult exam again. Luckily, a few of my friends took the CISSP CAT exam and passed it, so I spoke to them to understand their experience with the new exam format and decided to write about it. So here it goes…

The Study Material

The first question that comes to everyone’s mind is: do I need to look for new study material since the exam format has changed? The answer is NO. The CISSP study material remains the same. My friends referred to the following material, but this is not an exhaustive list in any way. My recommendation would be to stick to one particular book and get to know every word and line of it. It is extremely important to understand the concepts rather than focus on gathering 50 different books or videos and getting confused in the end.

Choose whatever suits you best in terms of understanding and writing style.

The Preparation

The new format does not bring any changes to the preparation for this exam from a course material or study perspective. You would still have to read, understand and revisit every concept of information security. Yes, the new format may affect some candidates mentally. Study well, take your time and learn at your own pace. One of my friends took around six months to prepare for this exam, while another gave it a shot within 5 weeks. So take your time, as everyone is different.

Revise every concept again and again. We generally tend to focus on concepts which we are comfortable with. Remember, CISSP has 8 domains and you cannot be an expert in all of them. So make the strong concepts stronger and the weaker ones the strongest. Another piece of advice during preparation is to practice as many questions as you can. You will never get the same difficulty level as the real exam; however, the practice tests, as well as the mock exam, will help you understand how a concept could be questioned.

The Exam Time

The formalities remain the same as in the previous exam format. You can refer to the details in the blog post “Quick tips for the CISSP exam”. Let’s focus on the exam experience. All of the people I spoke to assured me that the exam is a difficult one. The difficulty level has not been compromised. When you sit in front of the computer screen, you are presented with an NDA which you need to sign within the next 5 minutes. Failure to sign the NDA will result in the cancellation of the exam. Noticeably, there are a few changes: the timer for the exam now shows 180 minutes instead of 360 minutes. Some of you may feel really disappointed that the “Review” and “Review & Flag” options have died in this shift.

There is no option to go back, and hence you would need a change of strategy. Most of them followed a simple strategy: focus on getting the answers right early in the exam. This is because your estimated ability is shaped significantly by early questions. If you perform poorly on initial questions, your estimated ability will drop below the passing threshold. When that happens, it will be difficult for you to raise your estimated ability above a passing level.

So even if you spend an extra minute early in the exam and get your answer right, you gain an extra edge early on, and it would be worth the time spent. There are 180 minutes and, say, 100 questions, so you need around 1.8 minutes for each question. Plan accordingly.

You may find it strange, but all my friends ended with a different number of questions in the exam. You will be presented with a maximum of 150 questions and a minimum of 100 questions. Some of them received 112 questions, while another one ended with a century. Irrespective of the number of questions you receive, there will be 25 questions which will not be graded. You will find all types of questions in the exam (drag and drop, multiple choice, scenario-based), so be ready for all of them.
As per Infosec Institute, to receive a pass/fail result, the candidate must answer a minimum of 75 scored questions and a maximum of 125 scored questions. You will get a score the moment you finish the exam.

“I’m tired and I need a break.” Oh yes, you can take one! You will be able to take a break whenever you want during the exam; however, the timer will continue to run.
Well, if it’s your first time for the exam and you are stressed out, you may like to read “How to pass the CISSP exam in first attempt”.

Final thoughts

  1. Never lose hope. Everyone finds the exam difficult. You may find it so too. But that does not mean you should lose hope and falter, wondering whether you will be able to clear it or not.
  2. Read the questions as well as the choices very carefully. Either the question is extremely difficult or the choices are.
  3. Calm yourself by taking a break if you feel things are getting out of hand. Take a deep breath and go back.
  4. No one is sure about the result. I have spoken to so many test takers. Not even a single one claimed that he/she was 100% sure of passing the exam. So fight it out, give it your best and leave the rest to luck.
  5. Even though you may find the choices inappropriate to the question asked, pick the best choice.

Finally, all the best to future exam takers. Hope this post helped. If you have taken the exam recently, do post your comments to make this post an experience repository in itself.



  1. Hi, can you please suggest the best CISSP question bank? Again, I am not expecting an exam dump, but realistic practice questions and answers.


  2. Hi Vinay, honestly speaking, there is no mock or practice exam available in the market which has the same difficulty quotient as the real exam.

    Still, I would suggest trying Sybex Practice Questions. They will surely help you. Practice as many as you can.

  3. Wow, thank you for this article. It is very useful and increased my knowledge about certification. It helps me to learn more about exam dumps; candidates like me can prepare easily with the help of your article.


  4. Wow, thank you for this article. It is very useful and increased my knowledge about this certification. It helps me to learn more about exam dumps; candidates like me can prepare easily with the help of your article.

  5. Thank you for your kind words David.

  6. You can ask more questions about the CISSP CAT exam from students and expert teachers at Q&A. This is the best platform for students to collect more information.

  7. Thanks, for sharing this post with us.

