Welcome to my CISSP (Chief Information System Security Professional) exam strategy preparation guide and congratulations on your decision to pursue the CISSP certification. Preparing for the exam is not an easy task (John C. Maxwell says, "Everything worthwhile is uphill") and takes personal sacrifice to put yourself in the best position to pass on exam day.
I was first certified as a CISSP back in 2006 and held the certification for six years before allowing it to lapse, which I regret even to this day. Last year I chose to pursue the certification once again and attended a one-week boot camp thinking I could use my years of experience along with a boot camp to pass, and a week after the course, I failed. Needless to say, I was disappointed, but it made me realize that I have to dedicate myself to the learning process to give myself a fighting chance. Going the bootcamp route and short study time could work for some, but I highly recommend a minimum of 4-6 months of heads down preparation.
After I failed, I chose to go through 8 weeks of dedicated study and take another shot. It paid off and I passed the exam in May and was validated in early June. I decided to document the methods and resources I used to help lift others along the way. I wish you the very best on your journey, you will be amazed at the person you will become along the way!
If you're not sure what the CISSP certification is, then I suggest you go to this link and learn more about the certification: Cybersecurity Certification | CISSP - Certified Information Systems Security Professional | (ISC)2 (isc2.org)
CISSP Study Preparation Guide
- My intention with this guide is to simply share with you the organized methods and resources I used over an 8-week period to prepare for the exam. Using this guide does not guarantee a passing grade on the exam.
- Make sure you talk to your family about your dedication to completing this task. You will need to make sacrifices in the evenings and weekends, and need their support, accountability and understanding.
- Find an accountability partner. Have a buddy system and define a study plan which everyone should be accountable for.
- Schedule the exam. This gives you a date/goal to work towards.
- Dedicate time every day, even when you do not feel like it. To pass the exam, it takes full immersion across many resources. Read books, watch videos, take many practice exam questions, create flash cards and use diverse resources.
- There are 8 domains; you will be strong in some areas and weak in others. Spend time in all domains, but put extra focus on your weak areas.
- When you do any quiz/practice test – I strongly suggest that you answer the questions without looking at the answers. After taking a specific domain practice test, re-read that domain, retake the test and now you can look at the answers.
- The exam has recently changed to 175 questions (25 research questions that do not count toward your score) with 4 hours to complete. In the last month of your study, practice taking test questions with a timer so you can learn to pace yourself.
- Review all resources below. These are the resources I used to prepare. Again, you want to use several diverse resources, so you get a view from different angles. This exam requires full immersion daily, especially the last 8 weeks prior to your exam.
Books: (Links provided to Amazon, but these can be purchased on other sites)
Review Portals/Materials:
- Used the certmike.com
- CISSP last minute review guide - great summary, take this with you everywhere and study (Mike Chapple), many other great resources on this site.
- Used the site Study Notes and Theory portal, by Luke Ahmed. Many great videos on this site and other study resources. Some are free, some are behind a subscription wall, but worth it.
- Cybrary.com (Monthly subscription you can cancel at any time) and completed the CISSP course by Kelly Handerhan (15 hrs) - Started 4 weeks prior to exam.
- Boson CISSP exam test questions (Fee) (50-150 questions per day) (Should complete 2-3k questions prior to taking the exam and average score of 75+%, which means you are ready for the exam.)
- IT & Security (CISSP) Mobile App - you can take practice questions anywhere, anytime. (Download from the app store to your mobile device)
- Use official Sybex CISSP Official Practice Test. You can purchase this book with the Sybex official study guide (Mike Chapple, etc).
The final 8 weeks I completed the following strategy:
- I studied 3-4 hours per day/early mornings/lunch/evenings (includes weekends)
- Read book(s) every day, took notes every day, watched videos every day, practiced questions every day.
- Completed the Cybrary CISSP course (15 hours) - Take plenty of notes/reflect – Started 4 weeks prior to exam.
- Completed 2k+ exam questions in Boson - helped me identify weak areas. - Take the questions, lookup concepts you missed in the book and write it down.
- I watched YouTube videos outlined above – specific topics: Encryption, Kerberos, etc.
- Created over 40+ flashcards for all weak areas and for all process steps - BCP/DR, Incident Response, Risk Management, SOC Audits, Software development lifecycle and threat models. Know these processes in order.
- Purchased 11th hour CISSP book on audio and listened to it on walks and driving in my car each day, especially the weak areas.
- The last two weeks, you need to study at least 4 hours a day and more on the weekends - Read, Take Test, Watch, Study Flash Cards.
- Completely disconnect from social media, news, and streaming sites. Limit your mobile phone use and rest your mind. Meditate/pray, take walks, do breathing exercises, limit caffeine, no alcohol, drink plenty of water (hydrate) and get at least 8 hrs of sleep the night before the exam.
- My exam was around 2pm, so I had a light lunch at noon and hydrated. On the way to the testing center, I listened to the Kelly Handerhan YouTube video on “Why you will pass the CISSP exam.” It is about 10 minutes long, I listened to it 3 times.
- When I sat down at the computer, I took a few deep breaths before starting. I relaxed myself and did not panic.
- At one point I felt like I was not as prepared as I thought, this is normal, stay focused.
- Think like a manager, not like an engineer. There will be questions on the exam where every answer is correct, always look for the answer from a management perspective, not the technical answer.
- Have a positive attitude, you will pass this exam!
2 years ago: This is great. I will be sharing with 2 of my engineers that are prepping for a December exam time. Thanks for sharing.
2 years ago: I know some folks who will love this. Thanks Darren!