Five tips to help you pass the CISSP exam in 10 weeks
Ivan Salles, CISSP, CISM
SOC | SOC-CMM | CISO || @Mente Binaria | @CCN | @OpenCTI.BR
Yes. I passed the CISSP (ISC)2 exam on my first attempt and with only 100 questions. It was a journey of hard work (10 full weeks, +1500 pages, +30 hours of videos and +2000 practice questions — phew!), but I want to share with you the tactics and materials I used to survive this marathon of studies and achieve this result.
First of all, it is worth a quick explanation of why this certification is so celebrated. CISSP is recognized as a safe path for experienced professionals who are seeking to move into senior information security management positions. It is also a reliable reference for companies seeking professionals qualified to manage their areas of Information Security.
The broad spectrum of subjects covered and its particular way of applying practical and challenging cases to its questions make it a prestigious professional certification recognized worldwide. Informally known by employers as a 'Master's Degree' in Information Security, it was recently formally recognized as such by a renowned European education organization.
Just one more thing. It is worth giving a summary of my background before we talk about the exam. I have a technical background in infrastructure and networks, but I have been working with sales in technology for 20 years. During this period, I had the honour of being part of large companies and working for five years directly with Cybersecurity.
That being said, let's go for the tips.
Tip 1: Create your own plan (and follow it)
Well, by now, you probably already know that the content of the exam covers the eight domains below:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communications and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
To cover this vast content, you need to create your own study plan and follow it no matter what. Yes, there will probably be a few months dedicated (including weekends) to this study, and hours and hours of tiring and often uninteresting reading. Don't give up! Go ahead and always think about the result you will get when you pass the exam.
Some people are more visual; others prefer reading. Depending on your learning style, you can resort to books, videos, instructor-led courses, podcasts or a mix of them all.
I divided my study time into 50% studying the material and 50% practice tests.
Later in this article, I will talk about the materials that were useful to me.
Tip 2: Learn from community experiences
Thousands of professionals are seeking this certification worldwide. Join groups on social media and immerse yourself in successful (or not) experiences of candidates. Don't try to copy what they did, it may not work for you, but try to follow in their footsteps. Oh! And follow all the groups you can. Here are some of the groups that helped me a lot:
- Facebook: CISSP Exam Preparation — Study Notes and Theory
- Reddit: https://www.reddit.com/r/cissp/
- Discord: https://discord.gg/certstation
Tip 3: Think like a Manager
While many cybersecurity certifications will require you to provide technical knowledge, and although CISSP content is also quite technical, the mindset needed for the exam is that of a senior manager, an advisor in Information Security. You are not there to fix things but to look at the big picture, solve processes and give the best guidance to protect the people, business and assets of the company.
I think the biggest trick of the exam is in our heads and not in the questions. Before starting the test, I wrote "think like a manager" in my draft and forced myself to read this before each question. It sounds silly, but it helped me a lot.
Tip 4: Read each question 2x
I am not a native English speaker, and yet I can state that this is an English test. If you know how to interpret the questions thoroughly, understanding precisely what is being asked (and not what you would like to be asked), your chances of success will be enormous. I adopted the tactic of reading each question twice. The first reading was just to know what it was about, with a scan of the answer options, and the second reading was to identify precisely what was being asked, with particular attention to keywords like MOST, LEAST, NOT, etc.
Tip 5: Choose a favourable exam time and rest well before
Each person works better at a different time. In my case, I produce much more in the morning than at night. That's why I scheduled my exam for the morning when my attention is sharper, and my ideas are more precise. A great suggestion I received was to sleep well the night before. You're going to need to be 100% for the exam. Being 90% may not be enough. Therefore, try not to study the night before the exam. Sleep early and have your 'battery recharged' to do your best.
The Resources I used
There is an ocean of preparatory materials for CISSP. Below are the ones I used:
- CISSP Official Study Guide 8th Edition — Book (8/10) — 2 weeks - For me, this was a precious resource and the theoretical basis of all the content. My suggestion is to read it cover to cover at least once to gain the base needed for the exam. The book also comes with 750 practice questions to test your knowledge. Available on Amazon.
- CISSP Cert Prep — Videos (8/10) — 2 Weeks - This is a series of videos from the author of the book above, Mike Chapple. He is very smart, gives excellent examples and is very clear in the explanations. I found that despite this, the videos are insufficient to cover all the essential content with details. I watched these videos twice. Available on the Lynda.com platform.
- CISSP Review — Online Course (9/10) — 3 days - This was a resource I used that is not very popular in the community. This is a review of the content. Don't think you'll learn the content there, but it will introduce you to the (ISC)2 way of thinking. I enjoyed it! Enjoy that it's free now!
- Boson Exam — Practice questions (10/10) — 1 Week - Practice questions are a vital part of your preparation. And among all of them, in my opinion, this one is the best. My highlight is for the great explanations in each question. Overall it is a little more technical than the exam questions, but they give a good idea of what you will face in the test. Oh! And none of the questions you're going to study from are going to show up on the exam. If you have a terrible score on Boson, don't be sad! My maximum score on it was 69%, and I passed the exam.
- (ISC)2 CISSP TESTS — App (9/10) — 1 Week - Very good practice and available for your mobile. I found it very similar to the types of exam questions. I recommend it.
- (ISC)2 CISSP Official Practice Tests, 2nd Edition — Practice questions (8/10) — 2 Weeks - This is a book of practice questions for the exam (750). It gives you access to an online platform where you also have access to the practice questions of the Official Study Guide (that I mentioned earlier). Usually, you buy it in a combo with the first book on my list. Available on Amazon.
- McGraw-Hill CISSP Exams Practice — Practice questions (8/10) — 1 week - This is older material and references the previous version of the exam. It was still very useful to help me think like a manager. Available online and free.
- CISSP Practice Questions of the Day from IT Dojo — Video (10/10) — 2 days - More than 200 questions very well answered, and that helped me prepare for the exam. If you want to be ready for what's ahead, you need to watch these videos. Available online and free.
- CISSP Mind Maps - Videos (9/10) — 2 days - This guy should receive an award. The material is outstanding and made everything very clear in my head. I watched the videos twice. I gave it a nine just because they're still releasing some of the videos, so there are some gaps over there. But I'd rather watch these videos than read Sunflower, for example. It worked best for me. Available online and free.
I believe you will also pass this exam
Yes. It's a matter of dedication and determination. I advise you to always think about the final result. The keyword is focus, and I'm looking forward to seeing you as happy as I am feeling right now.
Excellent luck with your CISSP journey!
And if you found this article helpful, leave a comment below for me to know.
Success!