The Journey Begins - CISSP

ConflagrateCarl

Well, like most others in this sub-forum, I've decided to take the leap. More out of boredom than anything else, as I don't need the cert for my job and I'm not sure I'll ever need it. As far as experience, I've been working in IT for about 14 years, and doing security for about 8. I have Sec+, CEH, and CASP.

I started studying about a week ago and plan to take the test in about 6-8 weeks. So here's what I got and what I'm going to do:

1.) Sybex 8th Edition CISSP Study Guide

2.) 11th Hour Study Guide

3.) LinkedIn Learning CISSP Prep Course by Mike Chapple

4.) Android Pocket Prep - CISSP

5.) Sybex 2nd Edition CISSP Practice Tests (Just using the book for the wiley access) (1300 QUESTIONS)

6.) Boson ExSim CISSP Practice Exams (I bought the labs too [as a kit], but am most likely not going to use them) (750 QUESTIONS)

To get an idea of where I was starting out, I did some tests:

1.) I've taken 2 tests with Boson (150 questions each), and got a 72% and 73% respectively.

2.) I took 2 tests from the Sybex / Wiley website exam (150 questions each), and got a 78% and an 81%

I feel like the Boson is a lot harder and feels a bit more "conceptual"/"look inside yourself young padawan" based. That said, Boson has TONS of questions about databases and database security in it. The tests I have taken for Sybex/Wiley didn't have nearly as much focus on that. I would say that's one of my weaker areas, and that's definitely contributing the lower scores on the Boson exams. Guess I know what I need to study! Boson also gives you exam scores by domain, whereas Sybex/Wiley does not. So that's something I really like about Boson.

At this point, I've listened to all the LinkedIn Learning videos once, and am starting on a second run. I often just have it playing in my headphones at work, which means I can probably get through everything 5-6 times before I take the exam. I've also started going through the Sybex 8th Edition front to back, highlighting things I'm not familiar with and making flash cards. I should be done with my first read-through next week. After that I plan to focus on the flash cards and areas I need more work, and then start the 11th Hour Study Guide. When I'm not able to work through the books, I'll use the Android Pocket Prep. I'm going to keep doing this for the next 4-5 weeks, using fresh exams and questions on the weekends here and there (but not enough to just memorize answers). Then, about a week out, I'm going to start burning through all the exam questions I haven't seen to see if there are any that throw curve balls with regards to concepts/scenarios I haven't yet seen or had to think through.

Then I'll come back and say whether I passed or not. It seems like some people just need a sit-through to really grasp how the CISSP is structured, and I might be one of those people. The only thing I'd be out is the cash.

Best of luck to all who are currently studying, and congratulations to those who have passed!!

medic

Good luck!

The explanations Boson provides is where the value is.  I would take their tests set to always show the answers and read the full explanations, even if I got it right.  I would screenshot ones I felt I needed to review.   

ConflagrateCarl

Hey all, holy goodness bacon. The last 6 months have been insane. I started studying for the CISSP back at the end of January. I had the resources listed above and thought, I'll study for 4-6 weeks and knock this cert out. However, less than 2 weeks out from test day...all exams were cancelled due to COVID. I was so frustrated, and I just stopped studying. Fast forward to June, and my test center says they will be opening back up the 2nd week of July. So I decide to start studying for 2 weeks at the end of June. 

Because I had already gone through most of the above rotation, this time I just crammed as hard as I could for about 9 days, for about 8 hours a day. Long story short, I (provisionally) passed the CISSP yesterday. Let me give a quick overview of the materials and my experience with them. 

1.) Sybex 8th Edition CISSP Study Guide - This book was great. You have to have it. Maybe you can replace it with the CBK, but you need one or the other IMO. (10/10)

2.) 11th Hour Study Guide - Didn't really use it. Too high level, nothing really stuck out to me as great, and honestly I decided to use other resources during the cram phase. (3/10)

3.) LinkedIn Learning CISSP Prep Course by Mike Chapple - Great course, good high level overview of the domains, which complimented the Sybex book nicely. (8/10)

4.) Android Pocket Prep - CISSP - Honestly, I only did about 200q of the total questions and only during the cram phase. I loved the questions though. Definitely recommend for on-the-run tests. (8/10)

5.) Sybex 2nd Edition CISSP Practice Tests (Just using the book for the wiley access) (1300 QUESTIONS) - Honestly, you don't need this. I did all the questions, and they didn't seem to help much. (3/10)

6.) Boson ExSim CISSP Practice Exams (I bought the labs too [as a kit], but am most likely not going to use them) (750 QUESTIONS) - This is a great resource, not just for the questions, but for the explanations they provide. Hugely popular, and there's a reason for that. Between this and the Sybex book, these 2 resources can probably get you where you need to be! (10/10

As for the exam itself...like everyone and their uncle before me have said, it's an English test. They are seriously trying to gauge your understanding of business/legal terminology, as well as concepts to both secure and benefit your organization from a high level. It's that simple...but it's not easy. Hopefully that makes sense. I wish everyone the best with their studies, and I hope that you all can achieve whatever goal you set for yourselves! 

Stay safe everyone and take care!