Thursday, April 23, 2015

All about CISSP


Hi Folks,

Recently I acquired the CISSP (Certified Information Systems Security Professional) certificate, and the exam was really a tough one. Once I cleared the exam, I started getting calls from my friends and colleagues asking me for tips on passing it: what they should study and what the correct approach should be to nail one of the toughest exams in the security domain.

So I thought of summarizing it here, so that it will be easy for me to just send the link to this blog to my friends, and it may prove beneficial for other aspirants as well.

The facts about the CISSP exam are all available on the internet. The CISSP certification is governed by the International Information Systems Security Certification Consortium, also known as (ISC)². This certificate has been approved by the United States DoD (Department of Defense). There are around 100 thousand CISSPs around the world as of now. CISSP contains 10 domains, which are as follows:

1. Access control
2. Telecommunications and network security
3. Information security governance and risk management
4. Software development security
5. Cryptography
6. Security architecture and design
7. Operations security
8. Business continuity and disaster recovery planning
9. Legal, regulations, investigations and compliance
10. Physical (environmental) security

This is an online exam and can be booked via Pearson VUE. The fee is $599 for one attempt. The exam contains 250 questions which are mostly cognitive and you get 6 hours for the exam.

Once you pass the exam, you need to get an endorsement from one of the existing CISSP holders to become certified. You have the option of becoming an Associate of (ISC)² in case you do not possess the minimum work experience required to get the endorsement.

Now comes the tricky part - the preparation. There are lots of good writers and trainers for CISSP, but I studied Shon Harris. She had a wonderful ability to describe lengthy and boring subjects with so much ease and fun.

I studied the CISSP book written by Shon Harris, "CISSP All-in-One", and I attempted the questions given in the book and another 500 questions in the question bank, but this is not enough. One needs to go into detail and refer to other books like "CISSP Practice: 2250 Questions, Answers, and Explanations" and online information wherever required.

What I have found is that the CISSP exam is not only about knowledge; it is a mind game as well. The questions asked in the exam are so unique in their formation that you will hardly come across any question you have seen previously, but if you are clear on the security fundamentals and have a clear understanding of the CISSP domains, you can still figure out the answers. Below are the important points to note down:

  1. You need to prepare for the exam in a planned way. You need to devote some time daily for study. You just cannot do it in two full days.
  2. You just cannot rely on one book or one question bank. Shon Harris is good but look for other sources also.
  3. You need to attempt all the questions given in the book and in the question banks. You need to be well versed in how to eliminate the wrong answers. Check some videos on YouTube.
  4. You need to hold your nerve while taking the exam. You may feel you are not going to pass it, but still give your best and keep your patience till the end.
  5. Do not give up and leave the test in the middle. Attempt all the questions.
  6. Do not waste time on difficult questions. First answer the questions you find easy, and then come back to answer the difficult ones.
  7. Do not change your answer again and again. Most of the time, what you think the first time could be the correct answer. Just do not panic, and answer with patience.
  8. Believe me, 6 hours is not a very long time for CISSP. You need the 6 hours; that's why they are provided.
  9. Finally, keep your cool and believe in yourself. If you could not do it, you wouldn't have attempted it.

I hope this will help you.


