CISSP hopeful

E Double U Member Posts: 2,239 ■■■■■■■■■■
Hello everybody!

I just began my CISSP studies using the 6th edition Shon Harris book and would like to know what other study materials you guys recommend.

I didn't bother getting the ISC CBK 3rd edition because the AIO book has better reviews on Amazon. But I will reconsider if people here feel it was useful (and if my boss reimburses for it :)).

I'm only on the 3rd domain so far, but I feel I understand the material. I've been in IT for a decade now with 5+ years of networking and 2 years of security.

I'm new here so I'm looking forward to hearing from you all.
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS

Comments

  • cyberguypr Mod Posts: 6,928 Mod
    Welcome aboard. Make sure you search for the "passed CISSP" threads as many of us have fully documented our study plans and resources.

    Best of luck!
  • TheProfezzor Member Posts: 204 ■■■□□□□□□□
    There are 3-4 resources that have been recommended by different test takers. Here is the list of the resources:

    1- AIO Guide to CISSP CBK 6th (Shon Harris)
    2- ISC2 Official Guide to CISSP CBK 3rd
    3- Guide to CISSP CBK 2nd (Eric Conrad)
    4- CISSP for Dummies 4th
    5- CISSP Study Guide 6th (Sybex)
    6- CISSP 11th Hour 2nd (Eric Conrad)

    Now, people have their reasons for going for a particular resource and not opting for the others. Some say AIO is too verbose and full of things that aren't even required, others say Eric Conrad's book is too precise and leaves out some important information. What I've learned from many people who have already taken the test is not to go for only one resource, and to try to mix authors to get a good, comprehensive understanding. People say that the official guide is too difficult to understand.

    My suggestion to you is to finish AIO from cover to cover and then choose either Official Guide, Eric Conrad 2nd or the Sybex 6th. All of these books are good. Then get your hands on a lot of practice questions and see where you lack. Hopefully, you will be prepared in a few months.


    Good Luck.
    OSCP: Loading . . .
  • jvrlopez Member Posts: 913 ■■■■□□□□□□
    I'd recommend highly the 6th edition Sybex CISSP guide. Didn't read too much of the All in One (did I really need to know how a key and tumbler work exactly...?) but the summaries, end of chapter reviews and bullets, and practice questions were good.

    11th Hour is great for when you're getting close to the test.
    And so you touch this limit, something happens and you suddenly can go a little bit further. With your mind power, your determination, your instinct, and the experience as well, you can fly very high. ~Ayrton Senna
  • MSP-IT Member Posts: 752 ■■■□□□□□□□
    How long until you sit the exam?
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    Thanks for the feedback guys! I will look into those other resources once I've completed the Shon Harris book.

    Taking my family to The Netherlands on August 23rd so I'm hoping to complete the exam before then so I can completely unwind while on vacation. The cert isn't required for my position so there is no deadline. I'll schedule the test when I'm tired of studying like I've done with Cisco exams :D
  • jvrlopez Member Posts: 913 ■■■■□□□□□□
    What study plans do you have in mind?
  • NimrodHunter Member Posts: 42 ■■□□□□□□□□
    E Double U, I used SH AIO 6th ed, EC CISSP Study Guide 2nd ed and 11th Hour, and Michael Gregg Exam Cram. I also viewed the CBT Nuggets video series. I unfortunately did pay for cccure and Transcender based on others' posts, but I personally did not find them helpful whatsoever. That's just me, I cannot speak for anyone else.

    This test truly did my experience in IT and nothing you read or practice with will truly prepare you for what will be on the test. You must use the knowledge you are about to learn and your experience in order to be able to answer correctly. I don't mean to scare you, but it was a difficult test and I hope to never have to take it again and to use CPEs from here on out.

    Also, one thing that I read which made a world of sense, Shon Harris, Eric Conrad, Michael Gregg, or any other author does not decide what is or isn't on the test. ISC2 does and perhaps purchasing their book may help you on your quest. I didn't purchase it, but if I happened to fail, that was going to be the first and only other thing I purchased in preparation for the retest... Thank god it didn't come to that.

    Good luck to you.
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    I did download CBT nuggets so I'll get started on those soon.

    So far I've just been reading a chapter, answering the questions at the end, and then going through all of the questions for that domain on the Total Tester disc that came with the AIO book. I didn't plan on purchasing practice exams (I'm so frugal), but I have been using the quizzes on freepracticetest.org.

    I think I just might order the ISC2 CBK book as well. I already printed out the sunflower pdf someone else mentioned.

    I'll just have to remind myself to think like a manager when I take the exam as I've seen several of you mention in other threads. I've been such a Cisco guy for the past few years all I think about is technical stuff. I prefer jumping on equipment and learning by trial/error, but that is not an option with this.

    Thanks for all of the replies guys. It is very much appreciated.
  • LionelTeo Member Posts: 526 ■■■■■■■□□□
    I would recommend a hybrid: a precise book like Conrad's type and then a very verbose book like Shon Harris or the Official Book. In this way, you get the best of both, an in-depth understanding of each chapter and a precise area to focus on so you do not get lost in the thousands of words in the verbose books.
  • NimrodHunter Member Posts: 42 ■■□□□□□□□□
    @E Double U, the hardest part about thinking like a manager is ... no one will teach you to think or react like a manager. This comes from experience and working with people. Just make sure you know the ISC2 code of ethics and in the order they are stated, this will help you also.
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    Thanks for the info!

    Just completed chapter 4 and now off to Physical & Environmental Security.

    Random: I just saw that my company has an internal course in the catalog for Security+ SY0-301. Is it even worth my time to look into it since I already have CCNP Security and I'm working on CISSP?
  • jvrlopez Member Posts: 913 ■■■■□□□□□□
    I wouldn't bother with Security+ if you're going to go for CISSP.
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    Finished reading AIO 6th & ISC2 Official Guide to CISSP CBK 3rd.

    Took a 250 question practice exam from the disc in the Shon Harris book and got an 80%. How close are these questions to the real deal?

    I really need to work on Software Development Security (12 out of 21 - 57.1%) and Cryptography (10 out of 21 - 47.6%).
  • victor58 Member Posts: 25 ■□□□□□□□□□
    Buddy, when are you planning to take the exam?
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    I'm thinking a few weeks.
  • jvrlopez Member Posts: 913 ■■■■□□□□□□
    Not sure about your area, but I'd recommend scheduling a few weeks out (about a month) because there are never any seats available on short notice at the two testing centers that offer CISSP here. A coworker of mine had to drive 2 hours to the testing center to take the test on short notice.
  • DaBum Member Posts: 5 ■□□□□□□□□□
    11th hour for the last few days of study only AIO and CBK were my primary study guides.
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    Took it today and didn't pass. Oh well, I'll try again in a few months. Guess I switch up the study material. I went through Conrad's 11th Hour over the weekend, but I guess now I'll try his study guide and the Sybex as I've seen other people mention.

    After years of Cisco I guess I have a hard time transitioning from technical thought to thinking like a manager.
  • Expect Member Posts: 252 ■■■■□□□□□□
    sorry to hear, don't give up.

    what was your study plan? and what score did you get? weakest domains?
  • TechGuy215 Member Posts: 404 ■■■■□□□□□□
    I'm sitting this on September 13th (this will be my second attempt). Last go around I got killed in domains 4 and 7, although I still came close.

    Keep your head up, it's a tough exam, I'm sure you'll nail it next time!
    * Currently pursuing: PhD: Information Security and Information Assurance
    * Certifications: CISSP, CEH, CHFI, CCNA:Sec, CCNA:R&S, CWNA, ITILv3, VCA-DCV, LPIC-1, A+, Network+, Security+, Linux+, Project+, and many more...
    * Degrees: MSc: Cybersecurity and Information Assurance; BSc: Information Technology - Security; AAS: IT Network Systems Administration
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    I would read a domain in the AIO + end of chapter questions then read that same domain in ISC2 CBK + end of chapter questions. Then I would go through all of the questions on that domain using the Total Tester disc that came with AIO. After completing that I went through the comprehensive questions at the end of AIO. Then I reviewed both books again taking notes on what I thought was most important and went through as many questions as I could each day on Total Tester. Over the weekend I went through 11th Hour and compared that to my notes. I'll need to switch it up this time since that didn't work. I'll get Eric Conrad's study guide.

    My weakest domains were (in this order) physical/env sec (this surprised me), sec architecture/design, info sec gov/risk mgmt, and software dev sec.

    Too embarrassed to tell my score lol. I want to try again in early November.
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    Failed my 2nd attempt yesterday (676 score). Hurts to get so close and not pass, but oh well. I have to wait 90 days to take it again so spring it is.

    My weakest domains were software development security and cryptography. What sucks is as I got close to the test date I knew I wouldn't be able to complete all of the material I had planned to go over. So I focused on my weakest domains from the previous test (physical/environmental security, security architecture & design) and of course I did well on those. My score reports are basically reversed lol.

    Sucks to throw another $599 down the drain (plus $50 for rescheduling), but at least I'll continue learning since I'll keep on studying.
  • dinhtq Member Posts: 24 ■■■□□□□□□□
    E Double U wrote:
    Failed my 2nd attempt yesterday (676 score). Hurts to get so close and not pass, but oh well. I have to wait 90 days to take it again so spring it is.

    My weakest domains were software development security and cryptography. What sucks is as I got close to the test date I knew I wouldn't be able to complete all of the material I had planned to go over. So I focused on my weakest domains from the previous test (physical/environmental security, security architecture & design) and of course I did well on those. My score reports are basically reversed lol.

    Sucks to throw another $599 down the drain (plus $50 for rescheduling), but at least I'll continue learning since I'll keep on studying.


    Hiii E Double U,

    I same you, but I fail 4 times, and will try again ....
    I'm Vietnamese, maybe my English not very well to exam. When I read a lot of question that I don't translate to my language to understand, so maybe I check mistake answer.

    Hey, we try again ....

    Merry Christmas!
  • Cyberscum Member Posts: 795 ■■■■■□□□□□
    Sucks balls man but keep your head up, I hate to see people fail this test.

    1. What is the test taking strategy you are using?
    2. How/What materials are you using?
  • H3||scr3am Member Posts: 564 ■■■■□□□□□□
    I'd really like to suggest the Certified Exam Cram CISSP book to add to your study materials, if nothing more, it comes with a great CISSP **** sheet that you can review prior to placing all your things in the locker at the testing center. It's one of the 2 resources I used and I passed, so I highly suggest it. I've used exam cram materials for multiple certifications now and have never found issues with them. Best of luck on your next attempt :D
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    @ H3||scr3am - I can check out Exam Cram. I have to do something different lol.


    @ dinhtq - Wow 4 times man! You are definitely a trooper lol.


    @ Cyberscum - This time around I used Eric Conrad's study guide. Reviewed the areas I marked in AIO and ISC2 CBK. Did the McGraw-Hill online practice exams and Total Tester questions. Also 11th hour.
  • RocketBeta Registered Users Posts: 4 ■□□□□□□□□□
    I second the use of Sybex's CISSP study guide, 6th ed. Although I used Conrad's book primarily, the Sybex guide comes with 3 full practice exams in addition to the end of chapter tests for roughly 1,000 sample test questions. I think the key was that the test questions are roughly comparable in difficulty to the actual exam.

    Good luck bro, you got this!
  • E Double U Member Posts: 2,239 ■■■■■■■■■■
    Sybex and Exam Cram it is!
  • chickenlicken09 Member Posts: 537 ■■■■□□□□□□
    hey, could you post a link to the exam cram book? Can't seem to find it.
  • jvrlopez Member Posts: 913 ■■■■□□□□□□
    And so you touch this limit, something happens and you suddenly can go a little bit further. With your mind power, your determination, your instinct, and the experience as well, you can fly very high. ~Ayrton Senna