CISSP - How to study and prepare?

AlwaysLearning2023 Member Posts: 1
I've got 20 years of experience in the IT field, 5 of which have been spent working in the networks, security and identity space. I've got a CompTIA Security+ certification, multiple Microsoft certs and a CCNA. I've got a reasonable awareness of information security, but I am not a dedicated security professional.

I'm looking at obtaining a CISSP certification over the next 12 months to improve my career prospects. I've had a look online and was wondering how feasible it is to pass the CISSP exam by doing self study and practice tests at home?

Some general advice and tips are much appreciated. 

Also, are there rules around failing the exam? E.g., if you don't pass the first time, then you can't sit it again for x months?



  • E Double U Member Posts: 2,229
    Check the (ISC)2 retake policy here https://www.isc2.org/Exams/After-Your-Exam

    Retake Policy

    For each of the CC, CISSP, CAP, CCSP, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and SSCP certification programs, there are two independent rules that govern exam retake attempts:

    Test-free days between retake attempts:

    • If you don’t pass the exam on your first attempt, you may retest after 30 test-free days.
    • If you don’t pass the exam on your second attempt, you may retest after 60 test-free days from your most recent exam attempt.
    • If you don’t pass the exam on your third attempt and for all subsequent retakes, you may retest after 90 test-free days from your most recent exam attempt.

    Regarding feasibility, I do not know enough about you to determine 'how' feasible you are, but will say that your experience should be enough to give you the proper foundation going into the exam. Just study enough to fill the gaps. My CISSP journey began in 2014 and I passed on my third attempt in 2015 (see my thread here https://community.infosecinstitute.com/discussion/100032/cissp-hopeful#latest). Hopefully some more recent passers can chime in with tips and tricks.

    Good luck!

    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
  • wiredtitan Member Posts: 14
    I'll be following this. I'm starting the CISSP this week. 

    I'm thinking read a book, watch video content, and memorize ISC^2's flashcards, which are free btw.
    CCNA, Security+ and other certifications that haven't been worth mentioning
  • srothman Member Posts: 75
    You can absolutely do self study and practice questions at home. I have a similar experience to you, with around two decades of enterprise IT experience, of which about half is cloud and about 6 years security. I passed CISSP two weeks ago using three primary sources (coupled with experience):

    - Kelly Handerhan's course on Cybrary
    - Luke Ahmed's book "Think like a manager for the CISSP"
    - Destination CISSP: A concise guide <- this was my primary study reference and I highly recommend it.

    This was my second ISC2 exam, and honestly, this is unlike any other technical exam you've done. Don't underestimate it, but don't overthink it either. I found it easier than the CCSP, and when you figure out how best to approach the format of questioning, it's not too bad.
    Build stamina to sit a 150q exam, which is the maximum questions under the new exam format. It's a long one.