Passing the CISSP

Recently I passed the CISSP and want to describe my journey so that others can learn from it. This will cover a few different sections such as considerations, practice tests, bootcamps, notes, how you should approach the exam, free resources, and resources I used to pass. Please realize that there are a wide variety of people who pass the CISSP, with a wide variety of study and experience considerations. You can do this!

Considerations:

1) No two paths to the exam are the same. Therefore, while person A might use resources X, Y, and Z to pass, person B will use BK, P, and X.
2) Everyone is strong in different areas. Therefore, ask others who are strong in an area to figure out how to improve in it.
3) Don’t measure yourself against other people. Just because someone passed after 2 months of studying only using the study guide provided by Sybex, it doesn’t mean that you won’t pass after studying for 4 months.
4) The CISSP test bank has thousands of questions; therefore, one exam will be different from every other exam taken by every other person.

What should I score on {Insert Name of exam bank}?

As it is said on the Certification Station Discord, “Just because you score 70% on X or Y exam does NOT automatically mean that you are ready for the exam. There are people who have gotten 100% on the practice exams and don’t pass, whereas there are people who get 50% on the practice exams and pass. The key is to study the areas that you get wrong and improve upon them.”

Know why the answer is correct; don’t just know that it is the right answer because it is the best of the 4 provided.

Retaking questions and exams is not necessarily recommended as you will get questions right because you remember the questions, not because you know why they are right.

Practice Tests

Please be aware of 4 things with practice tests:
1) No questions are going to be exactly like the questions on the exam. If there were one set of questions that was most like the exam, it would be the one source of knowledge that everyone uses.
2) Just because you got 70%+ on this 1 exam, it doesn’t automatically mean that you’re ready. Take as many tests as you can, learn from what you got wrong, and go from there. Always learn what you got wrong and improve upon that!
3) There is no hard-set number of questions to take, but take around 1,500 questions minimum from a variety of sources. As the typical saying goes, there really are no bad sources, but always use a variety of test options.
4) Not all tests are made equally. As said by the Certification Station Discord, “Some services such as Boson are too technical, while others such as the Thor hard questions are too detailed and mentally challenging.” If you can sit for a Thor Hard exam in 1 sitting, then you will be able to sit for the exam. The exam is mentally challenging, but it isn’t necessarily as mentally taxing for some as the Thor Hard questions.

How to approach the exam

Here’s how to approach the exam: Think of it as a mile wide and an inch deep. If you get a detailed question, then you’re deep in the weeds of the domain that the CISSP thinks you are weak in. And, if you get hard questions in the weeds, then you are doing well.
If the questions are getting easier, then it means you’re answering questions wrong. If the questions are getting harder, then you’re doing really well.

Here are a few tips:
1) With computerized testing, stay calm. The better you do up front, the better chance you have of passing. Don’t be nervous, you will do great! Trust in yourself!
2) Know what types of questions you will get.
3) Know the processes. They won’t ask you straight up What is the Xth question not disaster recovery process. But they would ask you a scenario, with you to understand that the question is asking about
4) The more test banks you do, the better you may score IF you understand why you got what you got wrong and why the answer is correct.

More tips can be found here.

Resources:

I will break this into paid and free resources. The free resources are resources I would 1000% take advantage of, while you choose to take advantage of the applicable paid resources as necessary.

Paid Resources

1) Thor Videos–>Similar to the Original Study guide in video format. This is really good.
2) Original Study Guide–>Reading 1 chapter a day and taking notes is a great strategy.
3) Boson–>These test questions were really good for 2 reasons. The first being that these were 175 questions long. This helped me understand how my stamina for a 175-question test will be. Do I need to take a break between questions 107 and 108 to refresh? Other exams are 125 questions, which is great, but with a 175-question test, expect to get 175 questions.
The second reason is that the questions are more technical than the exam. Therefore, it allowed me to know how much I really knew and where my weak areas were. It helped me reinforce things.

Free Resources

Local Library–>Check to see if the local library has a copy of the Original Study guide and study material. If not, ask them if they could get a copy. This would allow you to get cheaper access to the material, with the only caveat being that it has to be returned. But if one is studying on a budget, this is a great option. Plus, one doesn’t have to worry about what to do with the books after they pass.

1) Local resources
Oftentimes there will be a local (ISC)2 chapter that you can attend to interact and work with CISSPs to find good resources. This isn’t a guarantee that existing CISSPs will help, but this is a great idea, as getting to know a CISSP from a local chapter can be a great way to get an endorser.
Local resources such as a library will often have resources such as the most recent CISSP books that you can rent for free. Although this means taking time to get a library card, visiting the library, and not being able to write in the books, getting the books from the library often makes the price of the study cheaper.
2) Internet Study Groups
I used the Destination Certification Discord, which was a life saver. The community there is numerous and allows for asking questions on any topic and networking with people who have passed the test and answer questions, and others who are studying.
3) Reddit CISSP
This is a great resource to help learn how other people have done. If you want to ask them questions, this is a good place to ask how a particular resource you’re using to study compared to their exam experience. But those who take the test cannot and will not reveal questions.
4) Youtube Study Videos
Channels like Destination Certification, Prabh Nair, and others have created great resources to help review. If you’re looking for a good reference of how to understand Kerberos, check out this video.
5) Youtube Why You Will Pass Videos
Use a variety of these. These videos will really help: https://www.youtube.com/watch?v=-99b1YUFx0A, https://www.youtube.com/watch?v=Qw8sYsO153s, and CISSP Test-Taking Tactics: Successfully Navigating Adaptive Exams.
