CISSP-Study-Guide

I created this study guide to help cyber professionals pass the CISSP exam.

Schedule and Pay for the Exam

• The first step in stuyding is to register for the exam.
• Initially, I gave myself four months to study since I had a full time job and a family.
  After reading all the material below, I needed another month to go over practice questions and practice exams.
• Studying time varies with each person, allow enough flexibility to provide breathing room, but enough structure to stay focus.
• With scheduling the exam, you are committing your mind, body, and wallet to studying.

Visual Success

• Each morning and evening I wrote, I will pass the CISSP on my first try!, ten times.
• Visualization of success helps with motivation and staying positive when navigating through uncertainty.

Study and Sit for an intro Cloud Certification Exam

• By studying for and passing an introductory cloud exam, I built good study habits and gained confidence.
• In addition, basic security principles are covered in the exam.
  • AWS Cloud Practitioner Exam
  • MS AZ-900 Exam
  • Google Cloud Digital Leader

Understand the Major Cybersecurity Principles

• CIA Triad
• Data Security/Classification
• Privacy
• Defense in depth
• Identification
• Authentication, authorization, and accounting (AAA)
• Multifactor Authentication (MFA)
• Least Privilege
• Non-repudiation
• Risk
• Resilience
• CSF - Govern, Identify, Protect, Detect, Respond, & Recover
• Web Application Security (OWASP Top Ten)

Understand the Major Processes related to Cybersecurity

• Risk Management
• Business Impact Analysis (BIA)
• Change Management
• Data Lifecycle
• Business Continuity/Disaster Recovery
• Incident Response
• Penetration Testing
• Software Development Lifecycle
• Identity Access & Management (IAM) Provisioning Lifecycle

Post-Exam Reflections

• Think like a Manager, not a techie. Follow the process! Kelly Handerhan was right!
• Spock vs Captain Kirk! Thanks Larry.
• The CISSP exam is not just a cybersecurity exam but a comprehension exam.
• Take your time to understand what the ask is in the question.
• View Larry Greenblatt's CISSP videos as many times as possible in order to understand the mindset for answering questions on the CISSP exam.
• Set aside a month to take and to review practice exam questions. I went over 3,000 exam questions which helped me identify my weak areas.
• Avoid taking practice exams over and over again. Understand why an anwer is correct or not, and the underlying cyber principles.

Resources

These resources were my main areas for studying, but there are many free resources about the CISSP. I limited my resources in order to keep my focus.

• CISSP subreddit
• CCSP I found this website after I took my exam but it is great site for security principles/laws that are covered in the CISSP.
• Boson CISSP Practice Exams
• Official CISSP Study Guide and Practice Exams Please confirm the latest edition.
• Larry Greenblatt's 2018 CISSP Videos
• Mike Chapple's LinkedIn CISSP course
• SOC auditing reports
• NIST CSF
• NIST Glossary