Kenneth F. Belva

CISSP-squared: Passing the Exam a Decade Later

Exam day comes and I wake up at 6:30 in the morning head to downtown NYC to make sure that I’m at the testing center at 7:30, a half an hour before the exam starts. I brought all natural organic energy bars for my break as well as my passport and license for identification. The testing company made every exam taker put all their belongings in a locker. The only things to be brought into the testing room were my passport for identification and the locker key. The exam controls at the testing center were excellent. I can’t give away details but they included photo verification, biometrics, physical controls and separation of duty staffing controls. It seemed to me that these heightened controls were due to recent scandals such as the 2012 SAT cheating debacle but I could be wrong and it’s purely a conjecture. In true security fashion I did find two control weakness during the exam but that’s a totally different essay (and one which I probably shouldn’t and won’t write).

Similar to 2003 I took the exam twice and at the three hour mark took a break to use the facilities and grab a snack. During this break I began to do some calculating about the exam questions and the probability that I might pass. The more I thought about it the more I felt I had a good chance as there were only a few that I truly did not know the answer and there were only a few more that I was “on the fence” regarding the correct answer. It took another 2 hours to check my answers. Despite warnings by professional exam prep professionals not to change answers, I made a few changes the second time around. My criteria was that I needed to have a very clear and justifiable reason for an answer switch as well as clear justifications why my current answer was most likely not correct. There were a few I considered changing but decided to leave them. At about 5 hours I finished the 250 questions, said a quick prayer and clicked finished on the exam button. My slight nervousness led directly to elation when the exam administrator at the front desk handed me a printout that said, “Congratulations.” I passed. Twice. About a decade apart. It was a great feeling. Even better than passing the exam was celebrating that night, talking security and having a few drinks with my infosec colleagues. So, now it’s back to being Ken Belva, CISSP. As I regain the footing that once slipped, I realize this is what it’s like to be a phoenix rising from the ashes.


  1. Larry Timmins May 12, 2016 at 10:38 am | Permalink

    Hi Ken,
    I realize this is an old article, but I like how you positioned the CISSP certificate in the job market and how even well documented experience will not get your resume, etc. past job requirements that are often digitally verified by scrapping a online / submitted resume and going through a key word search.

    QUESTION. To your point, did you maintain your CISSP with adequate CPE this time? A useful article would be to show how you gathered enough CPE credits to maintain your 2nd CISSP past December 2015.

    All the best,

  2. Kenneth F. Belva Jan 29, 2018 at 8:07 am | Permalink

    Hi Larry,

    One way to maintain CPEs is to volunteer as a leader in cyber security organizations such as ISC2, OWASP, ISSA, etc. The time spent volunteering may be used towards CPEs.

    There is currently a protected page on ISC2 that addresses this under the Member Section:

    Hope that helps.


Post a Comment

Your email is never published nor shared. Required fields are marked *