Certified Information Systems Security Professional (CISSP) is one of the leading vendor-neutral certifications, well known and challenging, that can prove your cybersecurity expertise. Once you start preparing for CISSP, you will quickly realize that it covers a huge list of topics spread across the 8 domains shown below.
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communications and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
Personally, I started preparing by using the Official CISSP version 7 Study Guide. I quickly realized that reading the chapters and taking the practice questions is not enough for me as there is so much to cover and I tend to lose focus. The book itself is an excellent resource and it covers every single objective in depth. I checked the newer version 8 of the book and the differences are minimal, so I didn’t consider getting the new book. However, I am a visual learner, so I started searching for online training videos to complement the official study guide.
The main resource that I have used is the Complete CISSP Video course by Sari Greene available on Safari Online. This course offered a detailed overview for every objective and the flash card challenge at the end of each module helped me to remember the topics. It is really an excellent course.
The second resource that I have used is also available from Safari Live Online Training and offered by Sari Greene as well. I joined her 2 days / 4 hours sessions titled “CISSP Crash Course” and it gave me a proper structure and refresher for each domain. Also, the shared PDFs were very useful while reviewing in the last days before the exam. These sessions are recorded and are available every few weeks.
The third resource that I have used is also available from Safari Live Online Training and offered by Sari Greene as well. I attended one of her sessions titled CISSP Certification Practice Questions and Exam Strategies and I found it to be useful. However, I still felt I needed more practice.
I decided to buy the official practice tests from CISSP, which was my fourth resource. I registered the book online and I started doing practice tests at Wiley ACE. By taking some practice tests, I quickly determined the topics that I didn’t master yet. This helped me know which topics to review or study again. Once I reached a level of passing the exams with 75% or more, I decided to book an appointment for the exam.
A few days before the exam, I decided to review using Kelly Handerhahn's CISSP 8 Domain Slides, which acted as my fifth resource. These 508 easy-to-read slides summarized the whole CISSP course and were very helpful for final content review. Kelly also offers a complete free training course at Cybrary, which I used for specific topics as well. Her course is also a great resource that can be used, and it is free!
Finally, 2 days before the exam, I used this excellent CISSP Cheat Sheet written by Maarten de Frankrijker and revised by Christian Reina and Steve Warnock. This sixth resource had every single detail about the CISSP exam properly documented in 36 pages!
On Sept 17, I took the exam and managed to pass it on my first attempt. I felt it was a reasonable exam with an acceptable difficulty level. On Sept 24, I completed the application and endorsement, and on Oct 25, I got the news that my application was accepted. I then had to pay 125$ again for annual maintenance fees, which surprised me knowing that the exam cost alone was 700$ without VAT! I was expecting these fees after the 3-year certificate validity!
Finally, as I always say, certification is a journey, not a destination in itself. The most important thing is to focus on learning and gaining knowledge while preparing for any certification and not focus on attaining the certification itself. The more you learn, the more you will realize how much you don’t know. So keep on learning and moving forward in your career!