2018 CISSP Study Guide question

tedjamestedjames Scruffy-looking nerfherdrPosts: 868Registered Members ■■■■□□□□□□
I've started preparing for the CISSP exam. I'm planning to take it later this year and definitely after they update the test in April. No problem. I've downloaded the exam objectives and am using that as the basis for my study plan. I've compared the new objectives with the old and found there's not much difference. I'm using some free sources such as Cybrary and FedVTE, and I have access to the Eric Conrad book on Skillsoft (paid for by my agency). I would like to have yet another point of view, so I've started looking at the official guide. Many of the reviews state that this guide is crapola.


However, the Sybex book, written by Darril Gibson, et al, has glowing reviews. And honestly, if it's anywhere close to being as good as Gibson's Security+ book, I'm sold.


The only thing is that these guides were written for the 2015 test. I realize that not much will change. So, my question (finally!): Should I wait for the Sybex book to be updated or just buy the 2015 version?


  • SteveLavoieSteveLavoie Posts: 551Registered Members ■■■■□□□□□□
    I think that 90% of the exam will be the same. CISSP is mostly a concept exam and those don't change every 3 years. Sure they will add few cloud and IoT material, but you can begin to study with the 2015 book.

    I saw on CCure the comparison between both exam, and it is not taht big
  • CingularCingular Posts: 81Registered Members ■■□□□□□□□□
    In my opinion it is definitely worth buying the Sybex OCG 2015 version. Don't waste your time with the Official CBK...I bough the hardcover off Amazon last year to begin my studies with it and couldn't make it past 20-30 pages before looking at other options. The CBK is just wayyyyy to dry and full of too much garble that isn't all that necessary.

    I recently passed the new CAT exam last Friday and I used the following resources:

    1. Eric Conrad's CISSP Study Guide (3rd Edition)
    2. 11th Hour CISSP by Eric Conrad (Recommend reading this ~1 week before exam)
    3. Sybex ISC2 Official Study Guide 7th Edition
    4. ISC2 Official Practice Tests (100 domain focused exam prep questions)
    5. Sunflower CISSP PDF

    EDIT: I also used Kelly's Cybrary CISSP series in MP3 format on my phone to cram while commuting to/from work every day.

    Enjoy the journey to becoming a CISSP. Good luck! :D
  • tedjamestedjames Scruffy-looking nerfherdr Posts: 868Registered Members ■■■■□□□□□□
    Thanks! This is all great advice!
  • NEODREAMNEODREAM Posts: 116Registered Members
    tedjames wrote: »
    Thanks! This is all great advice!

    Passed the CISSP yesterday and received the confirmation earlier this morning. I see you have your SSCP as well, I also have mine and would say it provides a good basis for the the questions that are more technically oriented.

    CISSP is more policy heavy for sure than the SSCP but I can echo others in the thread by confirming that 11th Hour book is a great resource. I'd also recommend going through various testing engines...I used the CISSP iOS App along with the Transcender engine. The questions are worded similar and will be provide you a feel for how to think about them.

    Good rules to follow during the test:
    1. Read the questions at least 3 times and eliminate at least 2 of the answers
    2. Apply CIA/AAA concepts when you can
    3. Human life is ALWAYS the #1 concern
    4. Try to think like a manager and get out of technician's mindset
    5. When solving for a problem think about:
    - Why did X happen?
    - How can we make sure it doesn't happen again?
    6. Always try to implement a solution that will save the company money while solving for the problem
    7. Fix problems permanently and not temporarily!

    Good luck to you, and remember in the CAT format once you answer a question you can't go back to change it.
  • tedjamestedjames Scruffy-looking nerfherdr Posts: 868Registered Members ■■■■□□□□□□
    Excellent advice, Neodream! And congrats on your pass today!

    I plan to include the 11th Hour guide in my study plan. What I've studied so far is mostly review from SSCP and what I've learned on the job. I will definitely use your rules.

    I am under no pressure from work to earn CISSP. The boss is cheering me on. The only pressure is from myself. I want to get this out of the way so I can get back to learning penetration testing.

    Thanks again!
  • beadsbeads Posts: 1,403Registered Members ■■■■■■■■□□
    From what the ISC(2) board moderators have said April update appears to be a bit more on the side of housekeeping and clean-up and less any material or factual changes.

    We'll understand more when the next question writing weekend happens.

    - b/eads
  • tedjamestedjames Scruffy-looking nerfherdr Posts: 868Registered Members ■■■■□□□□□□
    Cingular wrote: »
    5. Sunflower CISSP PDF

    You can find this here along with lots of great CISSP-related resources: https://www.studynotesandtheory.com/
  • anthonxanthonx Member We the NorthPosts: 75Registered Members ■■■□□□□□□□
    27 days to go before April 15, 2018. So anyone here registered for the new exam format? So many resources and not have enough time to go through all of them. Planning to take the CISSP exam this year but got sidetrack with another ISACA exam.

    EDIT: Just found out it starts April 15, 2018.
    My signature
  • laurieHlaurieH Posts: 86Registered Members ■■□□□□□□□□
    As others have suggested I would recommend getting hold of the current version of the Sybex Official Study Guide. That's what I used along with some of my own study materials and I passed first time.

    Much of the concepts in the syllabus are decades old and don't really change so although it's worth knowing which areas are new it probably isn't going to be a massive change.

    Good luck and let us know how you get on. :D
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
  • hawklhrpakhawklhrpak Posts: 3Registered Users ■□□□□□□□□□
    I recently passed the exam CAT based in first attempt. My feelings about exam preparation is, you must understand the concept whatever is written in ISC2 Course Outline.
    I totally deny the quote about CISSP (Its two inches deep and 1 mile wide). No SIR; its miles deep and miles wide. You can read any book which covers the course content proposed by ISC2 and try to understand deeply and thoroughly. Don't just skim over, ISC2 ask questions from anywhere.
  • greeneongreeneon Posts: 40Registered Members ■■□□□□□□□□
    Thanks all for the advice!
  • sameojsameoj Posts: 366Registered Members ■■■□□□□□□□
    Good advice.
  • NavyMooseCCNANavyMooseCCNA Stand-up Philosopher ZZ9ZZAPosts: 513Registered Members ■■■□□□□□□□
    I would love it if they got rid of the crap that is legacy...like token ring networks, caesar ciphers, how many rotors on X....for a management level exam there is a ton of minutia.

    'My dear you are ugly, but tomorrow I shall be sober and you will still be ugly' Winston Churchil

  • franziskanerfranziskaner Posts: 20Registered Members ■□□□□□□□□□
    I would love it if they got rid of the crap that is legacy...like token ring networks, caesar ciphers, how many rotors on X....for a management level exam there is a ton of minutia.

    Exactly, I've been thinking about this a lot as I sit the exam in 2 weeks. I don't really want to have to memorise the different properties of network cables, distance of the various wifi signals, bit length for all the different ciphers etc

    Seems at odds with the idea of this being a management exam.
Sign In or Register to comment.