There are many articles already published on the Internet on this topic. As this is of interest to you, I will quickly share a few success mantras that I followed to help me pass my CISSP exam.
Read the ISC2 Fourth edition book. This book has eight domains and my approach onto reading the book is:
- Start with the domain in which you are most comfortable.
- Try to find a domain presentation from a training company or mentor and read the slides for this domain first. This will help you to establish the context in terms of domain coverage and expected learning.
- When you are reading the domain, please keep an eye on text marked in bold, italics, important, etc.
- There are a lot of topics in the book - examples would be CPU registers, TCSEC, assurance models, etc., which need a very high level understanding. The probability of exam questions on these topics is very low (approximately 1%). It is important you do a smart reading under guidance from someone who has already passed the CISSP exam. Study with a mentor who is with you until you write you exam.
- Follow a filter approach – my proven success approach. I recommend participants to convert the full CISSP ISC2 domain into a handwritten set of few A4 sheets of paper. This may appear painful but trust me, it helps you to write the concepts new to you. It will also help you with revision meaning you do not have to read the CISSP domain from the book again during revision time.
- Many students complain that reading the CISSP book is boring and they go to sleep. Give your best part of the day (just 1 hour) to CISSP. If you do not understand a topic, send us an email and we will try to help. Alternatively, look for some good videos or Google images on this topic to gain clarity.
- The key success mantra here is Ask and Ask – if you have a question, please do not hesitate to ask. Try the route below to answer your questions.
- Reach out to like-minded colleagues in your circle and clarify your questions.
- Post your questions on our LinkedIn group – CISSP Mentorship and Guidance Group. I am very active here and will respond ASAP. We have around 1,600 CISSP interested members.
- Email us your questions – We should get back to you within 24-48 hours
Read the Shon Harris Sixth Edition book – This book has ten domains and is more like the old CISSP syllabus. You may ask why I'm recommending you read a book of the old CISSP syllabus. The Rule of Thumb is that the syllabus of CISSP has changed little; a few topics added here and there. There is a major re-grouping of the domains, now reduced down to eight new domains and these are:
- Security and Risk Management.
- Asset Security.
- Security Engineering.
- Communications and Network Security.
- Identity and Access Management.
- Security Assessment and Testing.
- Security Operations.
- Software Development Security.
I recommend all my CISSP aspirants to scan (just a manual eye scan) the Shon Harris book after they have finished reading the CISSP domain from the ISC2 CISSP Fourth Edition book. The benefits are
- There are many pictures and diagrams in Shon Harris book and few topics (for example, Kerberos) explained in a much easier way.
- There is more text marked as important and bold – so, worth reading.
- The book has amazing recap points ("points to note") at the end of each domain – this is a must read.
Watching CISSP videos
There are CISSP videos available free from Shon Harris's YouTube channel, Youtube (general search) and other training companies/channels.
I strongly believe videos help a great deal in completing a CISSP domain quickly and efficiently. Before you start reading a CISSP domain from the ISC2 CISSP Fourth Edition book, you must watch a few CISSP videos related to this domain. In case you are looking for domain-wise full set of videos, I can share a few of these videos that are from my personal CISSP mentorship sessions. Please contact us for some links.
Completing CISSP question banks
I would recommend to all my CISSP class participants to complete 2,800 to 3,000 questions from various CISSP-related reputed sources before they go for the real exam. Some of these reputed sources could be:
- Questions at the end of each domain of the ISC2 Fourth Edition book.
- Questions at the end of each domain of the Shon Harris Sixth Edition book.
- Questions from the Shon Harris Question Bank book.
- Questions from various online sources (Logical Security, Sybex, CCURE).
Step - 5
A few days before the exam and exam time real experience:
- This will be a long post and I will cover this separately in a different blog. Please subscribe to our blog channel to read more on CISSP related topics.
- For your information, the CISSP exam will have 250 questions. Each question carries four marks and a passing score of 700 out of 1,000 is needed; this will be a relative score.
Contact us at firstname.lastname@example.org for any requests related to CISSP. Just click compose and send (No more thinking - its all free).
I hope this blog was an interesting read for you. Please do not hesitate to share your comments with us.
The author is a professional CISSP trainer within CMA training pool. He is CMA's CISSP/CISA/ISO 27001/SOX/Information Risk Management/SAP Cyber Security trainer. He has an MBA (Finance), Computer Engineering, CISSP, CISA, ITIL (expert), COBIT (foundations), and SAP security qualifications.
If you are interested in exploring our CISSP mentorship classroom program details – please follow below link.