The CISSP exam is not an easy exam. First of all, to become officially certified, you need 5 years of working experience. Then, the domains the exam covers is very broad, so you need to have a deep understanding of all of the domains. The mindset required is of that of an information security manager. The questions the exam asks may have more than one answer that is correct, and you need to be able to distinguish the best answer. The exam is adaptive, meaning it seeks to find your weaknesses. If you get one answer wrong, you could very well get another question that is similar. My journey took 6 years if I’m honest, the first 5 were spent very casually studying. I spent a full year buckling down hard on studying to prepare, and I passed it in my first attempt. It got to the point where I wasn’t feeling I could be any more ready to take the exam (I still felt like I wasn’t ready enough). Here’s my study method.
1. I got in a study group. I liked FRsecure’s group, but I know there are others popping up. The pace was a bit quick for me, but that’s okay. The Youtube videos of the stream were available for me so I could catch up or review later.
2. Books. I used the Syngress CISSP Study Guide that was recommended by FRsecure. I also got the 11th Hour book, but I highly recommend the audiobook version. Put it on in the car and study while driving around. Lastly, I used the Think Like a Manager book to help get the mindset correct for the exam.
3. Video content. I really liked ThorTeaches class. Print off his notes and scribble thoughts in the margins. Use the notes to cram for the exam a few days before and touch on subjects you need to brush up on.
4. Practice questions. I used Thor’s question and also Boson NetSim. You can get them bundled with Thor’s class.
This is kind of how I prepare for a lot of certification exams. I’d throw labs in as well if it’s a technical exam.
The CISSP is no joke. Inches deep and a mile wide. You have to know a lot about a lot of dry topics. Don’t let that deter you. Stick with a plan and execute. Good luck getting CISSP certified!
References: