For years, to pass CISSP Exam has ranked among the toughest certifications.
But don’t let that discourage you. It all comes down to how well prepared you are for it and the best way to prepare is by using the right study materials.
We’ve put together a list of resources to help you get certified on your first try! There are so many ways to prepare, and we’re sure you’ll be able to find what works best for you. Whether you’re looking for a classroom course, a self-study course, or online training, you’ll find what you need in this guide.
So let’s get started with it!
What is CISSP Exam?
Before we get into the study materials, let’s understand what CISSP is.
“Certified Information Systems Security Professional (CISSP) is a globally recognized certification program. The certification is based on a 2-part examination that covers eight subject areas: Security and Risk Management, Cryptography, Network Security, Identity Management, Architecture and Design, Communications and Network Security, Systems Security Engineering, Applied Cybersecurity and Computer Forensics.” (Wikipedia)
You will find the CISSP certification a popular certification among IT professionals, and it is quite well known because it is pretty difficult to pass CISSP Exam. It is trusted by more than 100 countries around the world.
To obtain the certificate, you need to take two exams: one that spans five hours and another that lasts eight hours. The cost of each exam varies depending on your geographic region. The cost range is from $400 to $1,100 in fee for each part of the examination (the cost for each part is also based on your geographic location). Some organizations offer a discount if you take both parts together at once instead of separately. In addition to the examination, you will need to complete a minimum of 40 hours of classroom-based instruction. However, the amount of time that you need depends on how many classes you are attending. For instance, in a 10-hour class, the minimum requirement is 20 hours.
CISSP Exam Requirements
CISSP Certification requires the completion of two examination components — the exam and the Skills’ Verification.
The exam covers eight domains, and you need to pass all eight domains to become a CISSP. This means that you will need to take two exams.
The first exam part covers four domains: Security and Risk Management, Asset Security, Security Architecture and Engineering, and Cryptography. The second exam part covers four more domains — Identity and Access Management (IAM), Security Assessment and Testing, Security Operations (SIM), and Software Development Security (SDS). The Skills’ Verification on the other hand is the proof that you actually have the necessary skills and knowledge to implement information security.
To obtain a CISSP certificate, you will need to attend an official training at a C|CISO Approved Training Provider. The training will cover all domains and the program will last for at least 10 hours. You can also take a self-study program, but it will not replace the in-person classes.
If you benefit from having someone tell you what to do, then classroom-based programs are for you. If you find self-study more exciting, then go ahead and choose one of those options. Both options are fine as long as they fit your learning style.
What are the topics of the CISSP Exam?
This exam consists of 8 topics, which will assess your knowledge on different IT concepts such as Cyber Security, Risk Management and Cloud.
The CISSP Exam Format
CISSP exam comprises 200 multiple choice questions that you need to answer in about 8 hours. It will comprise 4 domains namely Business and Enterprise Security, Telecommunications and Network Security, Information Security Governance and Risk Management, as well as Software Development Security. This is how the exam format goes:
Some of the above factors can be controlled while others cannot. The ones that are under your control are: your study time, amount of materials you can use for training, time management skills and test preparation strategies. The ones that cannot be controlled are: your intelligence level or IQ score, the number of hours you sleep on an average day and your ability to memorize specific material.
Once you have decided to attempt the CISSP exam, it is time for you to figure out how best to decide whether it is the right fit for you or not. Here are some pointers that will help you in making a decision on whether or not you should attempt your exam:
1) Are you prepared to study for your CISSP exam for several weeks at a time?
2) Are you an expert and do you have the experience necessary to pass your exam?
3) Are you good at solving problems and making decisions under pressure?
4) Can you pass all 8 CISSP exam domains easily? Do they match your career goals and objectives?
5) If yes, then go ahead with your CISSP exam preparation!
This exam is basically an international standard that is recognized in over 70 countries throughout the world. The exam itself is endorsed by the International Information Systems Security Certification Consortium or (ISC)2. Here are some of the reasons why you should consider taking your CISSP exam:
The above are just some of the basic reasons why you should consider taking your CISSP certificate and moving up to a higher level of professional growth. After all, having a CISSP certification cannot hurt your career prospects in any way!
Why should you get CSSP Certification?
CISSP is one of the most sought after security certifications. The CISSP certificate alone can get you a good job in IT security!
“The median annual wage for information security analysts was $92,550 in May 2015. The median wage is the wage at which half the workers in an occupation earned more than that amount and half earned less. The lowest 10 percent earned less than $52,410, and the highest 10 percent earned more than $147,120.”
Source: http://www.indeed.com/salary?q1=information+security+analyst
CISSP is also a recognized credential by the Department of Defense (DoD) and many other government agencies. “The Department of Defense (DoD) defines a Credentialed Protection Professional as “an individual who is recognized by a DoD Component or Agency (or an equivalent private sector organization) as being qualified to perform information assurance functions that are above the baseline.”
The Four CISSP Exam Frameworks
A good way to look at the exam is to see it as using a framework or a structure that essentially keeps the 8 topics under CISSP exam in check. Here I will be mentioning about the four exam frameworks for your CISSP exam preparation!
1) Common Body of Knowledge (CBK): The CBK is basically a list of all the general information you need to know to pass your CISSP exam. It is basically a foundation on which you can build other skills, knowledge, and experience. This is important since it gives you a broad base from where you can create your own unique body of knowledge that matches your career goals and objectives.
2) Domain-Specific Body of Knowledge (DSBOK): This refers to the knowledge regarding a specific information security domain. It is basically a list of all the necessary information you need to know for your specific area of expertise. The DSBOK is essential since it provides you with the sharp focus that helps in decision making and problem solving when handling each and every area under CISSP theory. It will also help in keeping you from looking at your exam subject as a whole which will only exhaust your limited resources!
3) Domain-Centric Body of Knowledge (DCBOK): This is basically a body of knowledge that includes all required components within each specific domain under CISSP theory. It is important since it will help in keeping your CISSP exam preparation within the four boundaries of all major areas under CISSP theory.
4) Access Requirements: This is a list of explicit access requirements that need to be met by an individual when working in a domain. It is also important since it helps you keep all access requirements organized and ensures that you become familiar with the process of gaining access to each and every area under CISSP theory to prepare for your exam.
What is the best way to prepare and pass CISSP Exam?
Even though CISSP exam covers a lot of IT concepts, some concepts may not be there in your day-to-day work life.
Here I am going to discuss the best resources that will help you pass CISSP exam without any major mistakes. That way, whatever mistakes you may have made will not cost thousands of dollars in retake fees!
Read ISC Official Study Guide
The ISC Official Study Guide (https://www.isc2.org/Training/Self-Study-Resources) is one of the best CISSP study guides that will help you pass CISSP exam.
The book is well organized and it will point out all the topics you should be aware of while taking the exams. Moreover, it also includes a lot of practice questions to test your knowledge on different topics. This is an ideal book for those who are not very familiar with IT security concepts. You can easily pass the exams after just a single reading of this study guide!
Free Online Training Courses for CISSP Exam
Youtube is a great place to learn a lot of things about IT security. Here is a list of the best CISSP training courses that you should watch on Youtube:
1) Kelly Handerhan videos are also very informative and best suited for CISSP exam preparation. Kelly specializes in Cyber Security and he has taught over 5,000+ students. He also contributes to the ISC2 official study guide.
You can check out his free videos here:
https://www.youtube.com/channel/UCpH4t8k7Nv6yivV0IyK8gYA/videos
2) IT Dojo also provides Daily CISSP Question Videos (https://www.youtube.com/channel/UCwUkAunxT1BNbmKVOSEoqYA) which are a great resource for those who are looking for quick CISSP study tips.
These questions are compiled by ISC Staff and ISC2 Certified Instructors in the following format: Answer, Explanation, Tips and Best Practices. This is a great resource for those who want to get an idea of what to expect on the CISSP exam. Additionally, they also contain links to each of the topic by IT Dojo. This way you can quickly review your weak areas before attempting the exam!
3) Larry Greenblatt (https://www.youtube.com/watch?v=TKuR9EAZ1gk) is another ISC2 instructor who has been awarded the prestigious CISSP certification. He regularly posts different CISSP video courses on YouTube which will help you to prepare for the exam.
4) SimpliLearn (https://www.youtube.com/playlist?list=PLEiEAq2VkUUId6PKW0fpJdBRJO5MFQ8VM) provides 25 videos CISSP Training videos on Youtube.
5) FRSecure (https://www.youtube.com/channel/UClMYYuIkextuYWBJD-9NfSg/videos) has a CISSP Training course which includes 50 videos on Youtube.
6) CISSP review/mind maps (https://www.youtube.com/playlist?list=PLZKdGEfEyJhKWyryIvx_jm1jn6ZMTi7gW) offer 30 video CISSP training on Youtube in which they review all major topics of all 8 domains of the CISSP exam.
7) SKillset CISSP (https://www.youtube.com/playlist?list=PLWqLeluv2Rq2jH70NFPYm0PB8sDMJ8gJR) training course is made of 15 videos and will help you learn all major concepts of the CISSP exam.
What are practice tests, and why are they important for CISSP exam preparation?
Practice tests are very important tools for CISSP exam preparation. Practice test materials enable you to improve your ability to solve problems under pressure since you will use these when attempting your CISSP exam. Practice test materials will prove to be very useful in your CISSP exam preparation as you can identify your strong and weak areas, and work on them accordingly. Practice test materials will also help you learn how to handle pressure. You can even use practice test materials to see how well you are able to manage your time during your exam. Practice test papers will definitely prove to be an extremely beneficial part of your CISSP exam preparation!
In my opinion, practice test materials are the best way to set yourself apart from the crowd and show them that you are a serious candidate. Practice Test Papers not only help you test your knowledge and understanding of the subject, but also help you practice your skills and techniques which will prove to be invaluable during your exam. After all, you cannot pass the CISSP exam in just one month. This is why it is very important for you to allocate enough time for your preparation process as well!
Practice Test Papers should be one of your top priorities when you’re attempting the CISSP exam. Practice Test Papers will keep you on track with your preparation and will help to identify any gaps in your knowledge which would otherwise prove disastrous during your exam!
Practice test papers should also be used to see where you are lacking and what areas of your knowledge require more attention and revision. For example, if you find that many questions on a particular subtest keep popping up in the practice test papers, then it is time for you to focus your exam preparation efforts on that subtest instead of spreading yourself too thin. Practice Test Papers are an extremely important part of any CISSP exam preparation process. So do not skip out on them!
Practice test papers give you the opportunity to emulates the real CISSP exam by putting you in a high-pressure situation. This will help you identify your strengths and weaknesses as an information security professional. This will also help you learn how to deal with pressure under a high-stress environment. At the same time, this will also allow you to learn how to handle various questions that may pop up during your CISSP exam. Practice test papers help you simulate the real thing!
In my opinion, practice test papers should be one of your top priorities when you’re attempting the CISSP exam.
The following practice test websites are some of the best resources you can use to prepare for your CISSP exam:
- David Mayer’s CISSP Dumps Practice Tests- This is a great tool for CISSP exam preparation since it provides you with detailed explanations, what each word refers to, their meanings, and the correct answers. It also includes tips, hints, and support on how to make the most out of your learning session. You will be able to identify your weak areas and work on them until you get them fixed. It also provides you with useful tips and instructions on how to use the practice test papers in order to improve your performance during the actual CISSP exam.
This is a great tool for CISSP exam preparation since it can greatly help candidates who are struggling with their preparation. They also provide mock tests and exam simulators for you to use in your CISSP exam preparation process. You will also find downloadable PDFs containing detailed and comprehensive CISSP questions which are important for exam preparation. It also contains answers and explanations to all the questions, which is extremely helpful while preparing for the actual CISSP exam! This tool will definitely prove to be an invaluable resource for you as soon as you enter the world of information security!
2 . Boson CISSP Practice Tests — This is a great practice test tool for CISSP exam preparation as it makes use of real questions and answers that you can use when preparing for your exam. It also includes detailed instructions and guides on how to identify your weak areas. You will get to know the proper way you should approach the test questions, how best to start the test and which method you should choose for solving the problem set.
Boson CISSP Practice Tests will allow you to attempt a real CISSP practice test in your preparation process. It includes comprehensive practice test papers, explanations, study guides and tips which can prove to be extremely beneficial for the preparation of your exam. The sample questions and answers are very detailed and comprehensive as they provide you with all the information you need regarding various concepts related to information security such as risk management, cryptography techniques, network security etc.
3. Thor Pedersen’s Practice Tests — This is yet another great practice test guide for CISSP exam preparation. It is well designed and provides you with tests that will cover all the overall aspects of the exam. It also includes tips and advice on how to use the practice test papers in order to improve your performance during the actual CISSP exam.
Paid Online Training Courses for CISSP Exam
If you want to study on your own, you’ll need a lot of time and dedication. But if you’re short of time and have to focus on other things like your current job and studies, then online training courses are the best option for CISSP certification.
There are many course providers out there offering CISSP courses from a $100 to over $1000 but I personally had no issues with any of them. All were simple and easy to understand. Here are my top recommendations:
1) Global Knowledge — CISSP Boot camp (https://www.globalknowledge.com/us-en/course/171661/cissp-certification-prep-course/) is an excellent training course that has been around for quite some time and has a great reputation in the industry. It will guide you through all the eight topics under CISSP theory and also helps you prepare for the real exam in a simulated environment.
They are providing CISSP Certification Preparation in two different ways, In classroom or in virtual class on the latest version of Adobe Connect.
In-Classroom Course: This is a four day in-person course that takes place eight times a year. Each class is limited to only 12 students and is designed for individuals who are interested in taking the CISSP certification exam. Students who wish to complete this course must apply prior to attending the course and will have to take all four sections of the course in order.
Virtual Classroom Course: For students who prefer to take this course from the comfort of their own homes, Global Knowledge offers the CISSP Certification Prep Course in a virtual classroom setting. This class is taught by Ron Ross (CISSP, CSSLP) and covers all of the required material.
2) Thor Pedersen’s courses (https://www.udemy.com/user/thorpedersen/) are also great CISSP training courses on Udemy. He is a Microsoft Certified Master and has taught over 10,000+ students.
Thor Pedersen has developed a CISSP certification prep course that can be completed in two months time and is designed for people who wish to get the highest score on the exam. The course consists of 21 modules.
In addition to the following resources, it also includes a flash drive of relevant materials for self-study. The course is very similar to “Security+” and emphasizes on the major regulatory requirements and standards. One of the best things about this guide is that it does not require students to be domain specialists. It also covers each domain with multiple examples from real life. In each module, you will find a review of important topics that are required for passing the exam as well as practice questions that will help you learn important concepts.
Thor offers three different levels of his CISSP prep course:
1) Level 1–4 (intermediate): This level covers everything from Domain 1 to Domain 8.
2) Level 2–8 (advanced): This level includes everything from Domain 1 to Domain 8 and also covers the Security Operations domain, which is a part of the CISSP curriculum but not a part of the regular exam.
3) Level 3–8 + SysAdmin (in person only): This level supports all aspects of the curriculum and also contains a course on how to become a system administrator in security.
You can check out his website here: https://www.thorpedersen.com/cissp/.
3) SANS: MGT414: SANS Training Program for CISSP Certification is a great course that covers all the required material for exam. The course is specifically designed for those who want to pass the CISSP exam. It covers all major aspects of the CISSP exam and is highly recommended if you are serious about your CISSP preparations.
If you are already a security professional and want to get a higher certification, then it is worth taking SANS course instead of spending on expensive boot camps such as “Global Knowledge”. It will also help you in your career development because the SANS course has more credibility than any other security training institute in the world. The course has been established and is being supported by U.S. federal government and is considered to be one of the best security training centers for CISSP certification in the world.
It covers all domains in detail. The course is divided into 5 days and each day consists of 4 modules, plus an extra bonus module. Each module includes a lot of hands-on exercises to develop your skills and to prepare you for the exam.
After completing this course, you will receive a certificate from the SANS Institute. Even if you do not plan on taking CISSP exam, I strongly recommend completing this course because it will help you improve your skills as a security professional and build your resume.
4) Cybrary: CISSP is a good course to prepare for the exam. The good thing about this course is that it covers all the required material and the course also includes practice questions for each domain. It also provides certification exam tips, which are useful if you want to get a high score in the exam.
This course is well-organized and can be completed in two to three months time. However, if you want better results then I would recommend following some other courses along with Cybrary’s CISSP prep course because this program mainly focuses on studying each domain specifically.
5) Master of Project Academy CISSP Certification Training Course is another good online training course to prepare for CISSP exam. You can find more about the courses here: https://masterofproject.com/p/cissp-certification-training
6) Kevin Henry CISSP Training Courses on Pluralsight can help you to clear concepts in all domains of exam. Kevin Henry CISSP Training Courses can help you to learn all major concepts of the CISSP exam. The courses are available at a subscription cost of $29 per month, or you can take advantage and get one full-year subscription for $149 which is good for three exams.
Read Books or Self-Study Materials
If you’re a bookworm, then you’ll have no problem studying CISSP exam as you wouldn’t be spending a lot of time on it. But if you’re too busy with your current work and studies, there is nothing wrong in using a self-study material. Just go through the reading and get all the required concepts to pass CISSP exam.
Here are my top recommendations:
- Eleventh Hour CISSP: Study Guide 3rd Edition: This book is an excellent resource for CISSP exam preparation. It will take you through each topic of the CISSP exam with clear instructions and great illustrations. It will also show you how to think like a CISSP when you’re approaching the exam concepts. This is in my opinion the best book for CISSP exam.
2) CISSP Exam Cram, 3rd edition: In this book, Donna C. Moore has incorporated real-world case studies along with her theoretical knowledge and practical experience to pass all eight topics under CISSP theory in your first attempt. Her signature style of writing makes this book very easy to understand and it is an excellent study guide for all learners, especially for those who have limited time on their hands!
3) CISSP Cert Guide (Certification Guide) 3rd Edition: A shorter book than Donna C. Moore’s book. It will help you by going through CISSP exam concepts in a very short time. Definitely not ideal for those who have limited time on their hands as it will take longer to cover all the eight topics under CISSP exam.
4) CISSP All-in-One Exam Guide by Shon Harris: Another excellent book that covers all the eight topics under CISSP theory in great detail, and by doing so it has become one of the most used and popular books among CISSP aspirants!
5) Official (ISC)2 Guide to the CISSP CBK ((ISC)2 Press): Another good self-study material to pass your exam. It will show you how to prepare for the CISSP exam and what topics are in each topic.
If you think that self-study materials are enough to prepare you for CISSP exam, then again, I would suggest you look for new study material once your old study material is used up. Here are my top 10 recommendations:
- CISSP: Certified Information Systems Security Professional Study Guide, Third Edition 3rd Edition: Once again the premier standard work on CISSP by Don Hutcheson! It will take you through all the topics under CISSP theory with step-by-step instructions and helpful illustrations.
2) CISSP: Certified Information Systems Security Professional Study Guide (Sybex): Another excellent book by D.C. Moore. This book covers all the eight topics under CISSP exam and has also made use of real-world case studies to enhance the learning experience.
3) CISSP For Dummies, 6th Edition: This is a great book for beginners who are looking to study for their first CISSP exam. It has been written in a friendly and casual style that makes it very easy to understand even complex concepts with ease. It will also guide you through 16 topics under CISSP theory.
4) CISSP: Certified Information Systems Security Professional Study Guid: This is another excellent study guide by Charles Daugherty. It offers step-by-step instructions on how to prepare for all 8 topics under CISSP theory while keeping everything simple and easy to understand. It will also show you how to approach each topic of CISSP exam.
5) Official (ISC)2 Guide to the CISSP CBK ((ISC)2 Press) 4th Edition: This book has all the eight CISSP exam topics covered in brief and is also written in a very friendly and easy to understand style. It is however not as detailed as other books on this list.
6) CISSP Study Guide by Eric Conrad: This is a book that also goes through all 8 topics under CISSP theory for CISSP exam preparation. It will show you how to prepare for each topic of exam and has also created a very easy and fast-track learning method to help you complete your study in record time. It contains a lot of tips and quick exercises to help make it easier in the long run, which are good for beginners as well.
7) Easy Guide: Certified Information Systems Security Professional (CISSP) by Austin Vern Songer: This is another book that goes through all 8 topics under CISSP theory and keeps everything very simple and easy to understand. It has been written in a casual style that is also very easy to read. It also offers you some quick tips to pass your exam.
This is another book that goes through all 8 topics under CISSP theory and keeps everything very simple and easy to understand. It has been written in a casual style that is also very easy to read. It also offers you some quick tips to pass your exam.
8) The Effective CISSP: Security and Risk Management by Wentz Wu: This book will take you through all 8 topics under CISSP theory. It will show you how to prepare for each topic of the CISSP exam, and also help you with some quick tips for passing your exam quickly too!
9) 70 Tips and Tricks for Mastering the CISSP Exam by R. Sarma Danturthi: A great book for beginners who are looking to study for their first CISSP exam. It will show you how to prepare for your exam and also has information about all the 8 topics under CISSP theory which will help you in passing your exam.
10) CISSP Guide to Security Essentials by Peter Gregory: A great book to pass your exam. It has all the eight CISSP exam topics covered in great detail. It is written in a very friendly and easy-to-understand style. It also offers you some quick tips to pass your exam quickly too!
Join CISSP Study Groups
Join the CISSP study groups on LinkedIn and get some serious assistance from various CISSP professionals! This is a great way to get your questions answered by people who have already gone through your same situation.
Here are the details of CISSP study groups on LinkedIn:
CISSP Study Group: https://www.linkedin.com/search/results/all/?keywords=CISSP%20groups&origin=GLOBAL_SEARCH_HEADER
Join the CISSP study groups on Facebook and get the latest CISSP news on Facebook!
CISSP Study Group: https://www.facebook.com/search/top?q=cissp
Conclusion
The CISSP exam is one of the most difficult tests for security professionals. You will have an intensive period of studying before you can attempt to write your exam. The problems in the exam are non-linear, and you may not find it easy to understand how they are going to be solved. It is important to practice and understand the different types of questions that may be asked in your actual exam. You should understand the different logical terminologies that are commonly used in the security field. The best way to prepare for the CISSP exam is to practice problems as many times as possible. David Mayer’s CISSP Practice Tests materials are very useful in preparing for your examination because they enable you to improve your time management skills and approach towards problem-solving.
You need to start preparing now! You do not want to wait until the last minute since you may actually be risking your career by waiting too long in order to take the CISSP exam. CISSP exam preparation is not an easy task, but if you follow my advice, you should have no problem to pass CISSP exam. Good luck, and study hard!
