Certified Information System Security Professional (CISSP) – The World’s Premier Cybersecurity Certification. Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program.
I first got interested in pursuing the CISSP Certification two years ago after completing my CCNA Cyber Ops Certification but couldn’t bring myself around to undertake the task due to…. well I don’t know….
I have completed my CISSP exam and been certified recently, and I would like to share my process, which I am confident will help you complete the certification in a period of 60 days or less.
Rules of thumb
The only reason to start something is to finish it. It is in this light that I recommend the first task you undertake is to start with the end goal in mind. Register for the exam before you start reading, put your money on the line, set a deadline, and your mind will work to accomplish the task.
Determine the desired date for the exam by estimating the time it will take you to cover the content required to pass the exam depending on the volume of the content and your speed of study.
Study Tips
To study effectively in a short period of time and remember what you studied, you need to understand how the mind works under the hood when it comes to the study process.
Study Less Study Smart: After about 25 minutes of study, your ability to absorb content drops drastically, and further study makes no difference to your knowledge. To circumvent this limitation, make sure to take a short break before your mind hits a slump, as a way of resetting your mind’s ability to retain information. (For more on this, watch Marty Lobdell – Study Less Study Smart https://www.youtube.com/watch?v=IlU-zDU6aQ0 I insist you should watch this; it will be worth your time.)
The Pomodoro Technique: I use the Pomodoro Technique to solve this problem. Basically, you set a timer for 25 minutes of study; when the alarm rings, you take a 5-minute break. After 4 iterations you take a long break of 30 minutes, then repeat the process. You can use this Pomodoro Timer on your phone for this task: https://play.google.com/store/apps/details?id=com.tatkovlab.pomodorolite
(If interested you can read the original Paper on The Pomodoro Technique by Francesco Cirillo)
How to study
You will need to put in the work to study; there is no shortcut for this.
You will need to cover three books in preparation for the certification exam and one free online course provided by (ISC)2.
- CISSP Official Study Guide, Eighth Edition by Mike Chapple, James Michael Stewart, Darril Gibson
- CISSP Official Practice Tests, Second Edition by Mike Chapple, David Seidl (a companion question-and-answer book to book number 1)
- The Official (ISC)2 Guide to the CISSP CBK Reference, 5th Edition by John Warsinske
- Official (ISC)² CISSP® Review https://enroll.isc2.org/product?catalog=ISC2-CISSP-RVW-PUB
- Read the prescribed Frameworks and Standards
Note: Set a timeline that you are comfortable with. I set these timelines as a benchmark to register for the exams before studying so that I would force myself to stay on schedule and not be sidetracked along the way.
I recommend you start with the CISSP Official Study Guide by Mike Chapple. The 1001 pages took me 10 days to read at a rate of approximately 100 pages a day.
Next, review the questions in the companion book, CISSP Official Practice Tests by Mike Chapple. Do the questions without looking at the answers and record your score using the marking scheme in the appendix. This took me about 5 days to complete.
Now read The Official (ISC)2 Guide to the CISSP CBK Reference, 5th Edition, paying close attention to the chapters that you didn’t perform well on in the question-and-answer book. The 1600 pages took me 15 days to complete at a rate of about 100 pages a day.
Complete the free Official (ISC)² CISSP® Review Course. This course helped me know where my strengths and weaknesses were after my studies and also shared some important information on the standards and frameworks that you need to be familiar with before the exams.
Frameworks/Standards required:
- ISO 27000
- NIST FIPS 140-2
- NIST SP 800-53
- NIST FIPS 199
- NIST SP 800-37
Exam Tips
Read the question, read the answers, then read the question again before answering.
The CISSP exam does not test how much content you remember from the book; it tests your reasoning, your logic and your deduction skills. You will mostly find that eliminating the wrong answers first until you settle on the correct one is the more reasonable approach, because you won’t know the answer up front.
Follow your instincts; after all that reading, trust your mind to select the right answer. Usually you can eliminate the two wrong answers first, then for the remaining two answers ask yourself what your manager would do.
Pick the managerial answer, even though it was going against my instinct to answer with the technical answer since I have a technical background. This was REALLY hard to do and felt wrong, but I kept hearing Kelly’s voice in my head. Remember, technical people are much more likely to fail because of this mindset, which is bad for the exam itself.
Remember, a lot of people fail the CISSP exam by approaching it from a technical point of view instead of a managerial point of view. Therefore, set aside your long experience in technical execution and think like your manager.
Use the Code of Ethics to help answer questions as well. Remember safety/well-being is the number one priority in Security.
Conclusion
The only reason to start something is to finish it; therefore, start with the end in mind and work backwards.
I cannot stress enough how important it is to have a short deadline and start with the end in mind…. you are more likely to succeed when you do that.