Well, I have not written anything in a while. Been concentrating on passing the CISSP exam. Well this morning I received the email that I passed!! What a relief. Some folks have told me that the CISSP exam was easy, some told be that when they were done they felt good about what they did. Some said that they were able to complete the exam in three hours and some have told me that they did it using a two pass method. I did not experience any of these as for me it was a hard exam and used all bit maybe five minutes of the time that was allowed. In the event that someone else that in interested in obtaining a CISSP stumbles across this post, this is what I did and my experiences.

1. Attended the SANS MGT414 course taught by Eric Conrad. Eric is very knowledgeable and the same high quality type of instructor as you would expect from SANS.
2. I went through the SANS MGT414 OnDemand class. This is self paced and an excellent value for the money, especially when bundled with a class. IMO, attending a live class is the best experience, but by doing the OnDemand class, I was able to learn at my pace and thus comprehend much more. The class is done by the author of the MGT414 material, Dr. Eric Cole who is of course an awesome instructor. I really like the assessment questions at the end of each section. You can take it with a passing grade three times and as the questions are randomized, each assessment is different. On sections that i was not confident in, I purposely failed it many times just to be able to take the assessment over and over.
3. I also did a lot of questions from cccure.org. I did all 1000 that I was allowed to for free, 25 at a time. I took each quiz at the "Pro" difficulty level. I never felt that I scored as well as I should have, but it did give me a better understanding of the material and helped hammer home key points.
4. When you sign up for the GIAC GISP exam, you also get access to a complete recording of a previous class in the way of MP3's. Again, these are a class done by the author of the MGT414 material, Dr. Eric Cole who is of course an awesome instructor. I put the MP3's on my phone and then when ever I was out walking or even at night when I was not able to sleep, I would fire up an MP3 and I do not think that there a was a single time when I listened to the MP3s and did not learn something that I had previously missed. The class just covers too much information.
5. I purchased Eric Conrad's book CISSP Study Guide. I wish I could tell you that I read the whole thing, but I cannot. I mainly used it for reference when I can across something in the SANS MGT414 course material or off the cccure.org site that did not make sense to me.
6. On the Wednesday before the ISC2 exam, I took and passed the GIAC GISP exam. This exam was open book, 250 questions with a five hour limit. Even thou I took nearly the whole five hours to take the exam, I did well and at the time thought, how many ways can they ask about any of the particular subjects in each of the domains. Well in hind sight, I did not realized how wrong I was as the way that GIAC asks questions and the way that ISC2 ask questions, are not even close. GIAC will ask you what something is in a nice one liner, ISC2 will ask what something might be in a paragraph. On the ISC2 question, you will spend a fair amount of time eliminating the distractors and then trying to relate whats left with one of the answers. In the MP3 recordings, Dr Cole suggested that you take the ISC2 exam first and then the GISP exam. I asked some other students that had gone through the process and they said that they thought it helped to take the GISP first. Now that its over, I could be convinced ether way. It is nice to have the extra questions leading up to the ISC2 exam, but the type of questions that you get from the GIAC exam did not help me prepare for the ISC2 questions. But after taking the ISC2 exam, I do not know if I would have had the energy to take the GIAC exam and am fairly sure that I would not have done as well. Also, worth noting is that with the GIAC exam, you also get two free practice exams, so 500 additional questions to practice with in addition to the 250 on the GIAC exam itself.
7. So after the GIAC GISP exam, I spent the remainder of my time doing quizzes off the cccure.org site. On Friday night before the exam, I stayed at the hotel that was hosting the ISC2 exam. This was well worth the expense as I was able to get there and chill out before having to go through six hours of torcher. I also recommend taking a couple of five hour energy shots. They will help you stay alert and not make you have to visit the restroom. I am not the type of person that needs any breaks for a six our stretch and so I did not worry about snacks or anything like that, the soft drink that I did bring, I did not even open.
8. Taking the exam was not a bad experience, you get the exam booklet and scan tron all in sealed plastic. The proctor reads his instructions and you just do what he says. When I first started, I felt overwhelmed with the types of questions that I had. I was expecting some analytical questions, but not 250 of them. Once I got to question 50 or so, I was able to just accept it for what it was and settle down. As I read each question I would underline anything that I though was important to the question and try to focus on just those things when choosing an answer. Generally I was able to eliminate two of the four answers right off the bat and then somehow reason what I thought was the best answer of the two that remained. Usually the question did not seem to be asking something that I did not know about, I just was not confident that I knew what they were asking or how the answers related to what they were asking. I got to question 250 when the proctor announce that there was one hour left. At that point, as my goal was to do a second pass to verify my answers, I started all over again. at the five hour and fifty five minute mark, I was about a third of the way through the second pass. I had changed some answers, but was exhausted and unsure if I was doing myself any good or making things worst. I decided that basically I was not going to save myself in that last five minutes and handed it in.
9. After the exam I felt done. Luckily I had the foresight to put a few cool beverages in the car on ice. I felt like I was way under prepared for the exam, felt like none of the practice questions that I had done helped. I felt like all of the preparation of the MGT414 class was for nothing, I just felt like everything I did missed the mark and I had failed. Both Eric Conrad and Eric Cole said that that was normal and they were both right. They were also right about giving me the knowledge that I needed to pass the exam :)