CISSP’s New Adaptive Format: Why It Should NOT Change Your Studying Plan

February 19, 2018 at 7:58 am | Posted in (ISC)2, Study hints, study tips, Technical Tips | Leave a comment
Tags: (ISC)², adaptive testing, CAT, CISSP, long boring explanations

By now, many of you have heard about the move to Computerized Adaptive Testing (CAT) for (ISC)²’s Certified Information Systems Security Professional exam — or as we call it, the CAT CISSP. (If you haven’t, we suggest that you read this article from our sister company, CyberVista: December 18th, 2017: Happy CAT Day.)

Now, adaptive testing is nothing new. At various periods, almost every test vendor I know of has tried this method as a means to protect their valuable intellectual material. There are basically two different ways to make a test adaptive: choose-your-own-adventure, and sink-or-swim. In the first kind, the content runs along a choice decision tree where your answer to an initial question determines which subset of related questions you’ll see (an example was Cisco’s old TSHOOT exam). Alternatively, the content can scale up or down based on how well you answer “easy” or “hard” questions—in other words, your test will get shorter or longer based on how well (or poorly) you’re scoring.

How to sit for the adaptive CISSP exam

But we aren’t writing this article to talk about adaptive testing. We’re writing this article to ensure that you understand what the CISSP exam entails and how you should study for it. Our advice applies whether you plan to take it in the next couple of months or wait for the new edition that’s being released in April 2018.

First of all, let me clear up a few misconceptions you may have.

1. The domains covered in the exam have not changed. (They also are not changing in the new edition.)
2. The topics covered in the exam have not changed. (They will be changing later this year, but that will be the subject of another blog post in April, so be sure to subscribe to our blog for updates.)
3. The format of the questions has not changed – you still may see multiple choice, drag-and-drop, and hotspot questions.
4. The domain weighting has not changed. You’ll see the same percentage of questions per topic as before. (They will be changing later this year, which of course, will be covered in my April blog post.)
5. Finally, the passing standard has not changed.

Now, let me give you the vital statistics.

1. The number of items in the exam HAS changed. The non-CAT version had 250 questions. With the CAT version, everyone will see between 100 and 150 items. That’s right — the exam is SMALLER.
2. The maximum time for the exam is now 3 hours instead of 6 hours, including whatever breaks you need (not including medical exemptions.) That’s right — the exam is SHORTER.
3. Of those 100-150 items, 25 will be non-scored beta questions.

It won’t be possible to tell which items are scored and which ones aren’t, so you should do your best to answer every question. Also, (ISC)² is adamant that due to the design of the test, test-takers at all levels of mastery will subjectively experience the test as “difficult.” In fact, they state that the adaptive nature means that “both high and low ability candidates will think the items at the end of the exam are challenging.”

But there are two very important points you should remember going into the exam: if you don’t answer at least 75 questions you will fail by default, and once you’ve answered a question, you can’t go back to change your answer.

Because the CISSP CAT exam is a variable-length computerized adaptive examination and the difficulty of items presented to a candidate is based on previous responses, item review is not permitted. Once a candidate finalizes an answer, it may not be reviewed or changed. (from (ISC)²’s FAQ)

Have you ever guessed at the answer to a question on a test, found a later question that gave you the exact information you needed to answer the first question, and then run back to correct your earlier answer? This is a common weakness in a standard “linear” test design, and it’s a loophole that the CAT eliminates completely.

But – and I am putting this in bold font, because I feel it’s the most important takeaway – you should NOT burn time fretting over a particular question just because you can’t change your answer later. If you do not answer at least 75 questions in those 3 hours, you will automatically fail the exam with the Run-out-of-time (R.O.O.T.) Rule. That means you should  keep and eye on the clock and keep moving forward.

How to preapare for an adaptive CISSP exam

So with that said, what does studying for the adaptive CAT exam really mean for you? Basically, your studying is even more important than before, because you can’t rely on standard test-taker tricks to bluff your way through material you aren’t certain about.

The actual pool of questions is the same as for the original exam. With CAT exams, you receive a medium or hard question on the topic first. Based on your answer, you will continue to receive questions on that same topic (easier if you missed the first question; harder if previous answer was correct) until the algorithm determines that you know (or don’t know) the topic. So that means you will not see as many questions in each domain as with the old format.

We do not feel that you should focus on the method of delivery of the questions because there is no way to know which topics you’ll see. For example, if I miss a cryptography question, then I may see more questions about a particular cryptography topic until the engine decides I do (or don’t) know the topic, while someone who answers it correctly may not see any more questions on that topic — although we will both receive the same proportion of questions from each domain, based on the domain weighting that is published by the vendor. So it is next to impossible to predict TOPIC-WISE what you are going to see.

With that said, remember that our practice test is a study tool. We provide very robust explanations that go well beyond the original surface of the question. Very often, our explanations provide examples whereby the INCORRECT answers would be correct in another scenario. Because of this feature, our explanations are the MOST important part of our tool.

To pass the CISSP exam (or any other test), we have always told students to read all our explanations thoroughly. Here is a blog post that goes into more detail: https://transcender.wordpress.com/2011/05/31/the-anatomy-of-a-good-item-or-why-the-heck-should-i-read-those-long-boring-explanations/

(I find it kind of funny that a blog post from 2011 is still just as relevant today!)

So that is my big study suggestion: read those explanations and try to absorb any extra details we provide there, then follow the reference to make sure you thoroughly understand the concept. We write those explanations to help you learn. Don’t just read our questions and expect to pass the exam! You REALLY need to LEARN the material — and that means ALL of it!

Happy CATting,

-Robin Abernathy