How to pass the Certified Information Systems Security Professional (CISSP) from scratch

Jan 17, 2020 · Jacob Larsen

Introduction

Wow, what a journey. I am pleased to share that on the 27th December 2019 I successfully passed my CISSP exam, and I have now been awarded the Associate of (ISC)2 status.

This exam was incredibly difficult and required 3-6 months of preparation. I attempted the exam without the requirement of 5 years' working experience, which made it significantly more challenging.

The CISSP was my first attempt at completing a certification, with my background experience including a Bachelor’s Degree in Counterterrorism, Security and Intelligence, and one year of experience as an Information Security Consultant.

I created this guide based on multiple requests from aspiring CISSPs. I hope it helps those beginning their journey towards CISSP certification and can provide some new insight.

Study Resources & Routine

  1. CISSP Subreddit: For those beginning their journey to CISSP certification, I recommend exploring the CISSP subreddit. It contains a wealth of information and first-hand stories from those who have completed the certification, from absolute beginners to those who have been working in IT and security for 20+ years. You can also find discount codes for other study resources here.
  2. Kelly Handerhan’s Video Series: Next, I recommend watching and taking notes during Kelly Handerhan’s video series on Cybrary. She covers the basics in terms of the structure of the exam, the process of the certification and the domains included. If you are like me and struggled to read the official study guide (900 pages long), this is the best replacement as she makes the content quite engaging. I adjusted the speed of her videos to 1.5x to get through them faster.
  3. Derek Smith’s How To Pass The CISSP Exam Video: Whilst this video is quite short and basic, it is very beneficial to watch before starting any practice tests. Derek teaches 5 exam tips and methods for deciphering the correct answer on questions that you might feel stumped on.
  4. Skillset Practice Tests: Skillset’s practice tests are good to complete at the midway point to understand which domains you are above or below proficiency in. Some of the questions asked do not seem to be applicable to the CISSP content, which can be a little frustrating. However, I would still recommend completing them. If you sign up for 1 month of Skillset Pro and get your “readiness” score to 100%, which requires completing ~2400 multiple-choice questions, and you fail your first CISSP exam, you are eligible for a full refund and a replacement exam voucher valued at $699 USD or $1025 AUD. Use code “rcissp” to save 10% when purchasing Skillset Pro. This exam pass guarantee can remove some financial worries if you are pursuing the certification at your own expense.
  5. Sunflower CISSP Summary: The Sunflower CISSP summary is exactly that: a 100-page summary of concepts and topics broken down from each CISSP domain. I would recommend putting pen to paper and writing down each topic that you do not understand. Physically writing this down will boost your memory and ability to retain and understand the concepts. You could also write down the topics that you achieved below proficiency on from the Skillset multiple-choice tests.
  6. Kelly Handerhan’s Why You Will Pass The CISSP Video: This video is probably the most important resource on this list. It is critical that you understand your role in the exam. Your role is to be a risk advisor, not a risk “fixer”. I would recommend watching this video again the morning of, and the day before, your exam.
  7. Boson ExSim-Max For CISSP: The Boson CISSP simulation practice tests are the best resource for determining whether you will be able to pass the exam. Boson offers 5 practice exams that can be completed in a simulation mode or a study mode. The study mode allows you to check whether your answers are right on a question-by-question basis, and provides an explanation for the correct answer referencing the official study guide book. The simulation mode mimics the conditions of the real exam, providing only a timer and a count of the questions that you have completed. I would advise that you do not book your CISSP exam until you are averaging 70-80% on the Boson simulation mode practice exams. Use code “BOSONMICHAEL15P” for 15% off.
  8. Sunflower CISSP Summary 2.0: The second version of the Sunflower CISSP summary is much more condensed, which makes it very useful to skim through in the last few days before you complete your exam.
Authors
Jacob Larsen
Offensive Security Team Lead
I have a deep interest in threat research, and work as an offensive security team lead. I have a diverse background in strategic cyber advisory roles.