Guide to Preparing for the CISSP Exam (Certified Information Systems Security Professional)

Renegade

The CISSP (Certified Information Systems Security Professional) exam is a Computerized Adaptive Test (CAT) that assesses your knowledge across 8 domains of cybersecurity. Here’s what you need to know about the exam structure:

  1. Computerized Adaptive Test (CAT):
    - The system presents questions with a 50% probability of being answered correctly based on your ability level.
    - You cannot revisit or change an answered question.
    - If you answer a question correctly, the difficulty increases. This is beneficial, as harder questions carry more weight.
  2. Passing Criteria:
    - You need to score 700/1000 in the last 75 questions to pass.
  3. Number of Questions and Timing:
    - The exam can have 100 to 150 questions.
    - The test ends early if the system determines a definite pass or fail; otherwise, it runs for up to 150 questions or 180 minutes.

I personally cleared the CISSP exam in 130 minutes, answering 100 questions, after a focused preparation of three months. Here’s a detailed breakdown of my approach and the resources I used.

---

Resources I Used

  • CISSP Exam Cram (YouTube):
    Watch Here – An excellent starting point for an overview of the CISSP syllabus.
  • CISSP Boot Camp (Udemy):
    Explore the Courses – Comprehensive courses covering all 8 domains in detail.
  • Destination Certification eBook:
    Buy on Amazon – A concise resource for exam preparation.
  • Cert Preps Practice Exams:
    Practice Here – Great for testing your knowledge and identifying weak areas.
  • Learn Z App Practice Questions:
    Download Here – A convenient way to practice on the go.

---

Preparation Strategy: 12-Week Plan

Our brain thrives on spaced repetition and multi-source learning. This helps reinforce concepts and develop connections across topics. My preparation was structured as follows:

  • Weeks 1–5: Core Content
    • Week 1:
      Watch the CISSP Exam Cram video for an overview.
    • Week 2:
      Complete Udemy Course for Domains 1 and 2.
    • Week 3:
      Complete Udemy Course for Domains 3 and 4.
    • Week 4:
      Complete Udemy Course for Domains 5 and 6.
    • Week 5:
      Complete Udemy Course for Domains 7 and 8.
  • Weeks 6–12: Revision and Practice
    • Week 6:
      Read the Destination Certification eBook.
    • Week 7:
      Rewatch the CISSP Exam Cram video.
      Start practice questions using the Learn Z App.
    • Week 8:
      Revise Udemy courses for Domains 1–4.
      Continue practice with Learn Z App questions.
    • Week 9:
      Revise Udemy courses for Domains 5–8.
      Continue Learn Z App practice.
    • Weeks 10–11:
      Take Cert Prep practice exams.
      Focus on reviewing wrong answers and revisiting weak areas in the Destination Certification eBook.
    • Week 12:
      Watch the CISSP Exam Cram video again for final reinforcement.
      Watch “Think Like a Manager” videos to develop the mindset required for the exam.

---

Additional Tips and Recommendations

  • Understand the Exam Mindset:
    CISSP is as much about managerial perspective as technical knowledge. Many questions test your ability to think like a security manager, prioritizing risk management and organizational goals.
  • Tailor Your Plan:
    Create a personalized study plan. Here's a video that provides a detailed framework you can adapt: Create Your Plan.
  • Regular Breaks:
    Avoid burnout by scheduling breaks between study sessions. Consistency over time is key.
  • Mock Exams:
    Simulate exam conditions while practicing. Time yourself and stick to the no-revisit rule to mimic the actual test.
  • Focus on Weak Areas:
    Use practice tests to identify and work on your weaker domains.

---

Exam Day Strategy: Don't study anything a day before the exam. The whole study plan is very mentally draining and you will find it hard to concentrate for 3 hours if you do not have an adequate break in between.

With a well-structured plan, effective resources, and consistent effort, you can ace the CISSP exam. Good luck! If you have any questions or need clarification, feel free to ask.
 
Sorry to be so direct but how much salary bump can one expect after this certification? And is there any prior technical knowledge or qualifications that is required? I'm assuming this is an add-on to whatever computer degree one happens to hold.
 
I encourage fellow members who have attempted any certification to start a new thread sharing their preparation strategies. Your insights can serve as a valuable resource and a helpful starting point for others planning their own certification journey. It does not matter whether you passed or failed, the collective experience helps.


----


Sorry to be so direct but how much salary bump can one expect after this certification? And is there any prior technical knowledge or qualifications that is required? I'm assuming this is an add-on to whatever computer degree one happens to hold.
Personally I am not in a good position to comment on this as I did not need this certification. Just had the urge to do it just like the 3 AWS associate level certs which I did some years back. :p They did help me in flashing my badge, opening doors and establishing trust.

There are organizations that pay for the certification and also have clear communication on the type of hike that can be expected. Mostly consulting firms coz they want to flash their collective badge to their clients and demand higher rates. Helpful at the junior level for people to get jobs I suppose.

As for prior knowledge, you do need 5 years of experience in two or more of the 8 CISSP domains. If you don't, you get an associate level title and are allowed a few years to earn the required experience.
 