Roadmap to CISSP Certification: Must-Know Tips and Essential Resources

CISSP, offered by ISC2 , is considered the gold standard in cybersecurity certifications. The exam is challenging—arguably the most difficult certification exam you will ever encounter. However, with adequate preparation, success is possible. It is never guaranteed, but it is achievable.

This article provides recommendations for resources to help you prepare for the exam. It also highlights some tips to be aware of and red flags to watch out for.

Is the CISSP certification right for you?

If you're unsure, start by watching the webinar hosted by the ISC2 Cape Town Chapter called "Ask a CISSP." It will answer most of your initial questions. https://www.youtube.com/watch?v=vIOv4xuHqqw

Also read this article: https://www.dhirubhai.net/pulse/cissp-why-i-would-recommend-grant-hughes-dhqkf/?trackingId=pm9gQVDeTkmdlTdtlXBsNA%3D%3D

Preparation Options

• Official ISC2 Resources

This training material was developed by ISC2 and can be considered the purest content you will find. As it is by ISC2 for ISC2, you can rest assured it is 100% aligned to the exam objectives. Review this URL for more info: https://www.isc2.org/certifications/cissp/cissp-self-study-resources

• ISC2 Official Training Partners

Following official ISC2 training, an equally aligned and authorized option is training via an Official ISC2 Training Partner. Important to note: Both the training partner and the instructor must be authorized. If not, the training is considered grey-market and not permitted. You risk being trained with unofficial or outdated materials, and the trainer might not have the necessary experience and expertise to teach the concepts. You must validate the trainer and organisation before purchasing training.

One reputable organization in South Africa and beyond is NIL Africa . Engage with Shannon Gueffroy-Fourie if this is something you want to explore. Review this URL for more info: Home | NIL Learning | Learning

• Study Guides and Textbooks

There are several books and study guides on the market. The three listed below are widely popular and have a good reputation among users:

1. ISC2 CISSP Certified Information Systems Security Professional Official Study Guide by Mike Chapple & James Michael Stewart
2. CISSP All-In-One Exam Guide, Ninth Edition by Shon Harris & Fernando Maymi
3. Official (ISC)2 Guide to the CISSP CBK, also known as the Green Book from ISC2

Tip: Always check the publication date of a book and the exam refresh date. The book must be published after the last exam refresh to ensure you are consuming content aligned to the current exam objectives.

• Unofficial Online Video Courses

This is not official ISC2 training and, on its own, is not sufficient to prepare you for the CISSP exam. However, it is useful for explaining complex concepts and can assist as part of your overall preparation journey for the certification. I personally found the offering by Thor Pedersen - Lead trainer at ThorTeaches very good and would recommend this to be part of your preparation. The current version on Udemy has been updated for the 2024?CISSP?curriculum. Review this URL for more info: https://www.udemy.com/topic/cissp/

?

• ISC2 Cape Town Chapter Study Groups

The ISC2 Cape Town Chapter , upon request from 10 or more delegates, can facilitate study groups. These groups will consist of 8 virtual sessions, each covering a different module. Sessions will be held weekly and serve as accountability check-ins. Key topics and questions will be discussed, and guest speakers will be invited as needed. This option carries a nominal fee for the facilitator's time.

Note: Study groups are not to be confused with instructor-led training. Reach out to [email protected] if you interested to join a study group.

?

Watch Out for These Red Flags

1.?????? Promises of High Pass Rates: Trainers claiming 90% pass rates are misleading. Your success depends on your understanding, execution, and retention of the material. No one can guarantee a pass rate, but some may falsely promise it.

2.?????? Claims of “Teaching” the Exam: ISC2 certification exams are rigorous and frequently updated to reflect the evolving cybersecurity landscape, aligning with the ISC2 Common Body of Knowledge (CBK?). No company can prepare you for specific exam items. Your understanding will be tested, not your ability to memorize things.

3.?????? False Deals on Bundle Purchases: Only Official ISC2 Training, through our exclusive relationship with Pearson VUE, is authorized to offer training and exam value bundles. Don't confuse a "certificate for completing the exam prep" with an actual ISC2 certification. Be cautious of misleading offers!

Best of luck as you approach this crucial exam! Embrace the challenge with confidence, and let your perseverance guide you to success. Good luck!