What is not in the official CISSP study guide, is not on the exam?

student415student415 Member Posts: 10 ■□□□□□□□□□
Is it safe to assume, that what is not in the official CISSP study guide, will not be on the official CISSP exam? I think that's a safe assumption, right?


  • cyberguyprcyberguypr Mod Posts: 6,927 Mod
    I wouldn't assume that for any test. Many exams from different vendors cover topics that are not fully discussed in the official guides. ISC2 is not the exception. If it is related to the test objectives, then it's fair game.
  • JDMurrayJDMurray Admin Posts: 12,866 Admin
    The OIG is not the only resource used to write CISSP exam items. Therefore, I would assume that material not found in the OIG, but related to the ten CISSP CBK domains, can appear in the CISSP exam.

    I understand that you want to reduce the pile of information that you must study and memorize for the CISSP exam, but using only a single source of study material is rarely a formula for success. Also keep in mind that you don't need a score of 100% to pass the exam.
  • cdupuiscdupuis Inactive Imported Users Posts: 32 ■■□□□□□□□□
    I would not take for granted that if it is not within the ISC2 it will not be on the exam.

    You could get questions related to your five years of professional experience. The Candidate Information Bulletin is listing hundreds of references that are use within the CISSP exam.

    Books like the ISC2 book, the Shon Harris Book, and the Eric Conrad book are doing a great job at creating a summary. However, limiting yourself to what is in the official book might be a mistake.

    It is better to use the holistic approach and succeed with your exam.

    Best regards

  • student415student415 Member Posts: 10 ■□□□□□□□□□
    Thanks for clarifying. As JDMurray mentioned, I'm trying to reduce the amount of things I need to memorize. I've been studying the ISC2, Shon Harris, and Eric Conrad books. Many times, a topic covered in the Eric Conrad or Shon Harris book will not be mentioned in the ISC2 book. This made me ask myself the importance of these topics, if they are not even in the official study guide.
  • HumbeHumbe Member Posts: 202
    Memorizing is not a good thing for the CISSP exam.

    Hopefully you will get to understand the concepts.
  • student415student415 Member Posts: 10 ■□□□□□□□□□
    When you learn something, you probably want to remember what you learned. Remembering is a good thing. Obviously, I want to understand the concepts. When you are learning many new concepts, it tends to get more difficult to keep it all there.
  • ssehgssehg Member Posts: 69 ■■□□□□□□□□
    Understanding concepts is real important. You should read from couple of sources and do attempt questions. May be you can also attend a seminar or boot camp.
  • student415student415 Member Posts: 10 ■□□□□□□□□□
    I agree. Understanding the concepts is important. There are concepts not covered in the official CISSP study book that apparently you need to understand, such as SDLC/HDLC.
  • the_hutchthe_hutch Banned Posts: 827
    When I took the official ISC2 course for CISSP, our instructor gave us a link to a list of approximately 100 different resources (this can be found somewhere on ISC2's site, but I don't remember where). Anyways, all of these resources are where the questions can be drawn from. The official guide does as best it can to summarize the topics and hit the high points, but unless you memorize every single one of those resources, you will most likely see things on the test that you haven't seen in your studies.
Sign In or Register to comment.