Diving Into CISSP

deathbatcountry

I planned to start this after the new year, but things out of my control have pushed me to start it now. 

Last Summer I obtained my Sec+, then at the beginning of 2018 I got CySA+, and this past September I conquered CASP. So the next logical step is CISSP. 

I'm currently reading the Sybex 8th edition book. Fortunately, so much of this is a mix of the previous 3 certs I've already got, that I feel relatively good going into it. Although the sheer size and scope of CISSP are a bit intimidating.

I will say the CISSP section on Cryptography is FAR more in-depth than anything covered in Sec+, CySA+, and even CASP, which has me a little worried.

I do well on the chapter review questions and passed the assessment test at the beginning of the book. I also plan to watch the Cybrary CISSP series by Kelly Handerhan. I watched her CASP series and enjoyed it. 

I've downloaded some CISSP apps on my phone and do pretty well with those practice questions. I've seen some people who have taken CASP and CISSP say they thought CASP was a bit more challenging because of its heavy technical aspect. 

I will say I've heard that the CISSP questions are worded so poorly that you almost need an English decoder ring to understand what they're asking. Actually, a few of the questions in the Sybex book are worded awfully too. 

I feel good going into CISSP, but there is just so much stuff to take in (although most of it I've already covered). I think I'm psyching myself out some. 

CyberJosh95

Don't psych yourself out. Its all repetitive. There's only so much you can know about the CIA triad, OSI model, etc. I would say to just focus on your weak areas. For the CISSP mine was the SDLC, so I didn't focus too much on the other domains.

Keep on pushing, it doesn't have to be a sprint to get the cert, can be a marathon if that makes you feel better about grasping the information.