Confused about the requirements of CISSP

npsoni · June 2018

Hi guys, I have a couple of really noob questions about CISSP and I'd appreciate you helping me out here.

1. I have been working as a Linux system administrator for over 8 years that transitioned into DevOps role since about 3 years. Am I eligible for CISSP without anyone endorsing(?) me?
2. I see a lot of materials around and I've gone through a few reddit threads where people basically outlined how are they gonna study for the test.
3. Does it mean we're supposed to study ourselves and use the available apps (I read about a couple) for mock tests and then just appear for CISSP?

Basically, do they provide any book / video that you're supposed to learn from and then appear for the test or you just do it on your own and take the test?

Thanks!

Info_Sec_Wannabe · June 2018

npsoni wrote: »

1. I have been working as a Linux system administrator for over 8 years that transitioned into DevOps role since about 3 years. Am I eligible for CISSP without anyone endorsing(?) me?

Chances are you already meet the 5-year cumulative experience requirement given the roles and responsibilities of a system administrator. However, the endorsement process requires that a CISSP in good standing should endorse you or if you don't know one, you can have ISC2 endorse you instead.

For more info, I would refer you to the ISC2 site - https://www.isc2.org/Certifications/CISSP

npsoni wrote: »

2. I see a lot of materials around and I've gone through a few reddit threads where people basically outlined how are they gonna study for the test.

There are indeed lots of materials to choose from and I've seen a bunch of posts here in TE where they used the Sybex, Shon Harris AIO, 11th Hour, CBK books, etc. There are also available videos from Cybrary.it, ITPro.TV, PluralSight, Larry Greenblat, etc. If you are asking for a recommendation, I would suggest you to check for CISSP passed posts to give you an idea on how to prepare and what resources to use.

npsoni wrote: »

3. Does it mean we're supposed to study ourselves and use the available apps (I read about a couple) for mock tests and then just appear for CISSP?

Depends on how you learn stuff, I personally prepared for the exam through self study as I'm a bit slow when it comes to absorbing and understanding concepts and thus preferred to study at my own pace. I supplemented the 11th Hour book with Kelly's CISSP course in Cybrary.it, Google, practice exams and so on. There are also those who attended boot camps, joined study groups, etc.

npsoni wrote: »

Basically, do they provide any book / video that you're supposed to learn from and then appear for the test or you just do it on your own and take the test?

If what you're asking is whether the exam fee includes books or any other study / training materials, then it's a no. You have to purchase or obtain these separately.

cyberguypr · June 2018

OP, are you new to certification? Only asking because your questions sound very basic and lead me to believe you have never taken a cert. No problem with that, just making sure how much background we should provide so our answers make sense.

In regards to prep I want to clarify that the exam covers a wide common body of knowledge. No one book that you can find will cover everthing that you need to know for the test since it assumes you have working experience in some security areas. Your point about the Reddit posts is that we here call the "passed CISSP" threads. These provide excellent insight on the study regime members used to pass the test. This should give you an idea on the most common study resources around.

laurieH · June 2018

Certainly sounds like you should be ok with the experience requirement. However, you would still need someone to endorse your experience (or else get the (ISC)2 to do it (less preferable)).

Other than that passing the exam is the main hurdle - as you would expect that involves a fair bit of study and practice!

Confused about the requirements of CISSP

Comments