The CISSP certification — 2022

I started my CISSP certification journey in July last year when I attended a 5 day prep course. It took me 1 year~ from there to finally get certified! This is a really tough piece and I just want to share my experience here as I found it helpful to read on others’ experience to inspire myself to continue on the certification journey. :)

Learning Materials

Here are the resources I went through to prepare myself. (Somewhat in order of what I found useful)

• CISSP instructor led training (Sapience Consulting)

Super grateful of the government fundings to up-skill

I had not gone for any live instructor led courses for a long time (probably the last one was in 2018). It was really a refreshing and rewarding experience again to learn along side others and clarify any doubts there and then. A group chat was formed after the course for everyone to stay connected, share resources and just motivate each other.

• CISSP Study Guide

This is a super thick book that goes into length on the topics. I read it from front to back and took down notes.

• CISSP Official Practice Tests

Though I don’t think there was any question in this book that appeared in my exam session, I always find it helpful to get through practice questions to check my understanding and find topics I need to further read up on. All the questions here are also available in the online companion resource. In the end I went through all the questions online without touching the book.

• CISSP — the exam cram course with Pete Zerger

Video! I went into looking at videos pretty late into the game (perhaps less than 1 month before the exam). And I sort of regretted not going into it sooner. Reading through the concepts can get pretty dry and painful. :( It truly is helpful to remember concepts in video and this series by Pete Zerger is fantastic. The slides are clear and explanations crisp. Love it!

• CISSP (ISC) Certification Practice Exams and Tests

I got this resource pretty late into my prep journey too with less than 2 weeks to go into the exam. There is advice in the book saying it will be helpful to go through the full mock exam in the book and determining weak topics to study on. I believe it will be useful to do it though I just randomly went through the tests for each domain and again found knowledge I am unfamiliar with to research further on.

• Sunflower CISSP

This consist of a few pages of really compact notes and pointers on CISSP concepts. Good for revising on concepts and identifying key concepts to research further on.

• CISSP — The memory palace

This is another compact set of notes on CISSP concepts. Again good for revising and find points for further research

• Eleventh Hour CISSP

I bought this 1 week before the exam. I read a few pages and found the content somewhat similar to the CISSP study guide with some details omitted. In the end I dropped it and decided to concentrate on reviewing the notes I had taken so far instead.

• ExamTopics

If you have seen my other posts on certifications, I love this resource. But unfortunately this resource does not prove useful to me for CISSP at least. This resource provides brief and sometimes no explanation on the answers. Some questions and answers could be subjective and having multiple sometimes conflicting explanations from the community made me confused enough to decide to not look at this resource after a while of trying.

All in all, it took me 1 year with a lot of weekends and early mornings studying to feel ready enough to go for the exam. Each resource I went through adds on to my knowledge. Work experience does play a big part too. Things I don’t really touch in my work just does not seem to go into my brain well at least for me. And that is where a lot of focus and studying was needed to learn the topics.

I never felt close to 100% ready even on exam day but just decided to go for it as I had booked the exam date beforehand. (unlike a lot of the other exams which allow a few free scheduling attempts, it cost $ to reschedule the CISSP exam regardless how far away you are from the scheduled exam date)

The exam and the certification process

The exam is one piece of the puzzle but it is an important piece. Since June this year, the exam is now up to 175 questions with 4hrs to work on in CAT format. There is 50 un-scored questions. (i.e. questions appearing in the exam but which have no impact to the score)

It was my first time taking a CAT format exam and it is quite a nail biting experience when I had to just decide on my answer there and then for the question and click next. No going back! My exam stopped at ~1hr to spare after I answered the 150th question Bam! the next screen just shows that the exam had ended. Luckily the cliffhanger ending was a positive one.

After passing the exam, the next part is to get an endorsement on the relevant experience to be certified. I opted to get (ISC)² to endorse my certification for me. I filled up the online forms, uploaded the relevant proofs and got an email that the endorsement was approved!

After which was then payment of the maintenance fee. Really excited and awaiting to receive my welcome kit.