CISSP - How to study and prepare?

AlwaysLearning2023

Hi,
I've got 20 years of experience in the IT field, 5 of which have been spent working in the networks, security and identity space. I've got a CompTia Security + certification, multiple Microsoft certs and a CCNA. I've got a reasonable awareness of information security, but I am not a dedicated security professional.

I'm looking at obtaining a CISSP certification over the next 12 months to improve my career prospects. I've had a look online and was wondering how feasible it is to pass the CISSP exam by doing self study and practice tests at home?

Some general advice and tips are much appreciated.

Also, are there rules around failing the exam? E.g. If you don't pass the first time, then you can't sit it again for x months?

Thanks,

Find more posts tagged with

cissp

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

E Double U

Check the (ISC)2 retake policy here https://www.isc2.org/Exams/After-Your-Exam

Retake Policy

For each of the CC, CISSP, CAP, CCSP, CSSLP, HCISPP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and SSCP certification programs, there are two independent rules that govern exam retake attempts:

Test-free days between retake attempts:

If you don’t pass the exam on your first attempt, you may retest after 30 test-free days.
If you don’t pass the exam on your second attempt, you may retest after 60 test-free days from your most recent exam attempt.
If you don’t pass the exam on your third attempt and for all subsequent retakes, you may retest after 90 test-free days from your most recent exam attempt.

Regarding feasibility, I do not know enough about you to determine 'how' feasible you are, but will say that your experience should be enough to give you the proper foundation going into the exam. Just study enough to fill the gaps. My CISSP journey began in 2014 and I passed on my third attempt in 2015 (see my thread here https://community.infosecinstitute.com/discussion/100032/cissp-hopeful#latest). Hopefully some more recent passers can chime in with tips and tricks.

Good luck!

wiredtitan

I'll be following this. I'm starting the CISSP this week.

I'm thinking read a book, watch video content, and memorize ISC^2's flashcards. Which is free btw.

srothman

You can absolutely do self study and practice questions at home. I have a similar experience to you, with around two decades of enterprise IT experience, of which about half of which is cloud and about 6 years security. I passed CISSP two weeks ago using three primary sources (coupled with experience) :

- Kelly Handerhan's course on Cybrary
- Luke Ahmed's book "Think like a manager for the CISSP"
- Destination CISSP : A concise guide <- this was my primary study reference and I highly recommend it.

This was my second ISC2 exam, and honestly, this is unlike any other technical exam you've done. Don't underestimate it, but don't overthink it either. I found it easier than the CCSP, and when you figure out how best to approach the format of questioning, it's not too bad.
Build stamina to sit a 150q exam, which is the maximum questions under the new exam format. It's a long one.

t3chl3ad3r

Hey everyone, I'm reading through this thread as I am also very interested in how you all approached studying/prepping for the CISSP.

I have the official CISSP study guide from Sybex, however, I would like some good video courses to accompany the text. Any platforms you all would recommend? I have used Udemy, PluralSight, etc. for previous certifications but haven't done much research yet.

dinger68

It has been awhile, but the only resources I used for both of my attempts (just missed it first time which was my fault as I didn't prepare well) I only used Sybex book and the Kelly H. videos on Cybrary.