nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Diving Into CISSP

deathbatcountry

I planned to start this after the new year, but things out of my control have pushed me to start it now.

Last Summer I obtained my Sec+, then at the beginning of 2018 I got CySA+, and this past September I conquered CASP. So the next logical step is CISSP.

I'm currently reading the Sybex 8th edition book. Fortunately, so much of this is a mix of the previous 3 certs I've already got, that I feel relatively good going into it. Although the sheer size and scope of CISSP are a bit intimidating.

I will say the CISSP section on Cryptography is FAR more in-depth than anything covered in Sec+, CySA+, and even CASP, which has me a little worried.

I do well on the chapter review questions and passed the assessment test at the beginning of the book. I also plan to watch the Cybrary CISSP series by Kelly Handerhan. I watched her CASP series and enjoyed it.

I've downloaded some CISSP apps on my phone and do pretty well with those practice questions. I've seen some people who have taken CASP and CISSP say they thought CASP was a bit more challenging because of its heavy technical aspect.

I will say I've heard that the CISSP questions are worded so poorly that you almost need an English decoder ring to understand what they're asking. Actually, a few of the questions in the Sybex book are worded awfully too.

I feel good going into CISSP, but there is just so much stuff to take in (although most of it I've already covered). I think I'm psyching myself out some.

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

CyberJosh95

Don't psych yourself out. Its all repetitive. There's only so much you can know about the CIA triad, OSI model, etc. I would say to just focus on your weak areas. For the CISSP mine was the SDLC, so I didn't focus too much on the other domains.

Keep on pushing, it doesn't have to be a sprint to get the cert, can be a marathon if that makes you feel better about grasping the information.

COBOL_DOS_ERA

Good Luck with the exam, try to do lots of exam questions from different sites to get a different kind of feel. I believe the biggest complaint with CISSP is how ISC2 words those question in a convoluted way. As they say while answering CISSP questions, think like a manager and ask questions like a lawyer to answer those convoluted questions.

deathbatcountry

Wow. I figured the knowledge I have picked up from my 3 other certs would help me out with CISSP (and some of it has) but holy heck the Sybex book is INSANELY overwhelming.