Today I passed the Certified Information Systems Security Professional (CISSP) ISC2 exam after 2 weeks of studying. One of my priority goals during this funemployment period was to become certified to help further cement my expertise in cybersecurity and I will share all of the resources I used in this post to help me get there this fast.
Preamble: I have 5 years professional experience working in Cybersecurity from Google, where I originally started as an IT Support lead before moving internally to become a Security Engineer.
Time commitment: I spent between 8 to 12 hours a day studying for this test over a period of 2 weeks (July 1 to July 14). I took 2 days off in between for a break on weekend days.
- Every day I completed between 50-110 questions, either via chapter domain quizzes or by using the free DestCert App on the iOS store.
Important items to consider
- Actual work experience in the field I felt to be invaluable for this exam. Many questions were related to items I had come across before in my Cybersecurity role.
- The breadth of the CISSP exam is huge and the official study guide I used to study is ~1900 pages long.
- CISSP exam is not only a technical domain test but heavily focuses on scenario based “think like a manager” style questions. Keywords like “BEST”, “LEAST”, “MOST” and “GOAL” often are indicators that your multi choice options are all likely valid answers but paying extra attention to what the question is really asking is critical for success.
My study resources and my personal rating on them:
- BOOK (9/10): ISC2 CISSP Certified Information Systems Security Professional Official Study Guide (Sybex Study Guide) 10th Edition
- 1900 pages long, pretty dense.
- My focus was reading each chapter summaries, at the end of each chapter there are between 100 to 150 questions specific to the security domain/chapter covered.
- Each quiz I took I tracked on a spreadsheet with the answer I selected after skimming through chapters or watching video training content.
- Any quiz question that I failed or got wrong, I took time to understand why I chose the wrong option on my first attempt and then I focused on understanding the correct answer from the answer key at the end of the book.
- FREE Youtube (10/10): Peter Zerger 8 hour CRAM of all CISSP domains and topics.
- My first day studying I chose to watch close to 12 hours of video training to “set the stage” before taking the quiz questions from the study guide.
- He focuses on the vast majority of things you need to know, but because of how condensed each domain is, some minor concepts and things I felt were missing from this… lucky for me another training course I took filled in some gaps (more below).
- FREE Youtube (10/10): 50 CISSP Practice Questions. Master the CISSP Mindset.
- Watch this video the day before the exam to make sure your headspace on how to evaluate questions is in the right place. Remember, think like a manager based on how the question is propositioned.
- LinkedIn Learning video training and practice exams:
- Mike Chapple (same guy who authored the study guide!) https://www.linkedin.com/learning/topics/certified-information-systems-security-professional-cissp
- He covers some stuff I felt was missing from the CRAM videos; Chapple speaks slowly so I often played his videos at 1.25x or 1.50x speeds.
- FREE Crytography DestCert mini masterclass
- This video does a great job at explaining crypto for the exam.
- FREE Youtube (10/10): Peter Zerger Cyber Attacks & countermeasures
- Perfect dedicated video that covers all of the common attacks and the available countermeasures.
- (5/10) Cybrary CISSP Training by Kelly Handerhan 2024
- I tried to use Cybrary as a complement resource prior to finding out my library gave me free access to LinkedIn learning courses, I did the first 2 domains videos and wasn’t personally impressed.
How I hacked my study plan?
- I used AI / ChatGPT / Perplexity to help me understand certain topics or when I needed concepts explained to me in a different way or tone than the book or videos.
- I practiced every day. Domain quizzes using DestCert app while on the treadmill or when sitting down at the computer I would do more questions from the study guide book which are different questions than the DestCert app btw.
- I put a deadline to it and chose to go all-in (vs. studying for months). Pay the extra $200 to get “peace of mind” protection in case you may fail your first attempt, I passed on my first try but this exam is tough and things could have easily gone the other way had I not been studying this much.
- The most important thing during the test: TAKE YOUR TIME, READ THE QUESTION AND ITS OPTIONS MULTIPLE TIMES before committing to any answer.
Good luck!
You must be logged in to post a comment.