Here are a few examples and tips/tricks that I found to be useful and that can help you pass the CISSP. This is not an exhaustive list, but rather a great start for what you will need to know to prepare for the exam. This article does not cover what material a test taker needs to know; rather, these tips are good checks for exam day.
Although this is a study tip rather than a tip or trick for the exam itself: a few days before the exam, write a cheat sheet with some of the mnemonics and high-level information that you might need to memorize, as this will help you remember the information more easily. Writing this information down can also provide a reference for the exam.
Bonus Tip: Answer what the question is asking! Don’t assume!
- You know what you know. After studying for many months, you only know what you know, and there isn’t a way to know everything in the entire CISSP domain in a reasonable amount of time. Therefore, don’t go crazy because you don’t know the entire body of knowledge. The CISSP is an inch deep and a mile wide. They tend to ask situational questions that test whether you know the high-level details. This will lead us to the next tip quite nicely.
- Exam questions: If they ask questions in the weeds, such as what OSI layer a Smurf attack is, then that question is really in the weeds and you know that you’re doing really well. The only time that you would get an in-the-weeds question is when the CISSP is probing how in depth you know a specific domain because it thinks you’re weak in that domain. The next tip will help you understand the type of questions you will get.
- Be prepared to know what type of questions you can receive. If you want to study test questions, use the Pearson Vue Athena to get a feel for the UI. Watch this video for a great understanding of which types of questions you could reasonably expect to receive. Knowing the types of questions and the tricks to them really helps you master the exam, such as the tip: “for drag and drop questions, there is never 1 answer, so if you only have 1 answer chosen, then it’s probably not all of the answers.”
- It is crucial to have the right mindset going into the exam and to handle the questions with a clear mind. With computerized adaptive testing, it is in the test taker’s benefit to answer the first few questions correctly. Even if this takes a few more minutes, take the time to clear any nerves and answer the first questions well. Answering the first few questions correctly will improve your chances of passing enormously.
- When taking the test, it is crucial to have the right mindset. There are a plethora of great test taking strategies that are crucial to helping you pass. Tips such as eliminating 1 or 2 answers will increase the probability of choosing the correct answer from 25% to 33% or to 50%. Having all of the questions be a 50-50 toss-up will make the exam more manageable. Knowing what isn’t the right answer will help you determine what is the correct answer. Some people say that reading the question 2x helps, which is a great recommendation. Reading it 2 times helps you understand what the question is asking and reduces ambiguity. It is crucial to think like a security consultant and like a manager. Do not be in the weeds making changes. It is not possible for me to provide every test taking strategy, nor to tell you what will work. But the key starting point is to try to reduce the number of possible answers and have the right mindset. Some great resources to help you on your journey can be found at:
https://www.youtube.com/watch?v=-99b1YUFx0A
https://www.youtube.com/watch?v=EVOMEYndcPM
- When taking the test, do your best on every question. It might sound silly, but you don’t know which questions are practice questions and which ones count. Therefore, consider every question as a scored question. Do your best, and if you cannot find a clear correct answer, do your best. Don’t freak out, just move on.
- It’s ok to use the restroom. If you use the restroom, use the restroom and come back. No checking notes or using the locker. Use the restroom and come back.
- Know where your test taking weaknesses are and find simple solutions to defeat them. For example, if you read questions too fast and misread words, slow down by looking up for a few seconds, and maybe do some breathing to relax and slow yourself down. If you notice that you answer questions too fast when you have to use the restroom, and you have time to use the restroom, you should go to the restroom. Know what makes you succeed, and know where you might start to not do well. The last thing you want is for something to get in the way of your success.
- Don’t study the day before the exam; give yourself a rest. If you do study, make sure it’s just light studying to review the basics of the areas you don’t understand. The last thing you want to do is study a complex topic that you don’t understand and confuse your existing knowledge of the material. With 1 day left, it’s easy to go overboard and go crazy thinking that you have so much to study, when just the basics of the gaps will help.
- Make sure to study the processes, like the BCP or DRP or IR. You won’t get questions directly like “What is step X of the DRP?” Rather, you might get questions like, “Bob found someone who installed a Trojan, what would the next step be?” If you have studied the Incident Response processes and steps, you would realize that the answer would be one related to confirmation and containment.
If you’re looking for some specific tips on studying, here is a good start. Make sure to incorporate different viewpoints to get different studying perspectives to ensure you do your best.
After you’re done studying, if you don’t have anywhere to resell the books and no friend to give them to, donating them to a library might be really helpful for others studying in the future. It is also more environmentally friendly to give them to a library or local hackerspace than to just throw the books away.