Study Tips for Preparing and Passing the CISSP

June 24, 2019 by Infosec

CISSP Study Tips

The certified information systems security professional (CISSP) is a one-of-its-kind certification aimed at nurturing leaders in the field of information security. It’s controlled by the International Information System Security Certification Consortium [(ISC)²]. (ISC)² is a non-profit, globally acclaimed organization dedicated to advancing the field of information security. CISSP was the first information security credential to meet the rigorous requirements of the ISO/IEC Standard 17024.

This webpage shows the list of CISSP certification holders across 160 countries of the world. As of July 1, 2016, the U.S. holds the greatest number of CISSP-certified individuals (70,000+). Any person who wants to possess extensive knowledge of the engineering, implementation, and management of entire information security infrastructures finds the vendor-impartial CISSP certification the perfect credential. Whether you are a security systems engineer, an IT director, or a network architect, the CISSP certification is an excellent thing to have on your CV.

Just like any other highly-acclaimed certification, the CISSP certification also has a tough exam that you need to pass to attain it. (Don’t worry, we will show you exactly how you can prepare for it below.) The six-hour test has 250 multiple choice and innovative questions and you need to score at least 700 out of the maximum 1000 to achieve the “passing grade”. The exam is available in the following languages:

  • French
  • English
  • Brazilian Portuguese
  • German
  • Japanese
  • Spanish
  • Korean
  • Chinese
  • Visually Impaired

To get more information about the exam and the certification in general, download this PDF file.

Studying for the CISSP

Now let’s shift our attention to the actual topic at hand: preparing for the CISSP exam. The biggest question is: “What is the best way to prepare for the CISSP?” Should you just do self-study and expect to learn everything all by yourself? Should you join a boot camp and get yourself trained rigorously? Should you just take simulated exams online and expect to be able to deal with the actual one? Or should you do a combination of all the aforementioned activities to ensure maximum preparation? We intend to answer all these questions; we begin by listing the pros and cons of the different methods of study:


Traditionally, self-study has been the choice for most students before an exam. Many people argue that the level of attention that one can reach when alone is a lot higher than when surrounded by others (read more about it here). However, while there are many pros associated with self-study, there are also some cons that we would like to highlight, as well.


Pros:

  1. Self-study is cheaper. All you need is Internet access and books, if necessary. With all the required material available online (click here), you won’t have to spend more for boot camps.
  2. 24/7 availability. You don’t need to arrange meet-ups or decide on venues to do self-study.
  3. There are no limits or dependencies. You can keep learning until you need or feel like taking a rest.
  4. You can start early and feel self-sufficient.


Cons:

  1. You miss some of the technically intricate details and insight that coaches or supervisors can provide.
  2. When you do self-study and have some misconceptions in mind, which is very common, you end up manipulating the available information to match your mental model. This leads to negative training.
  3. You might not be able to have a deep enough understanding to decide whether a specific topic is either “too important” or “something that’s good to know.” This leads to time-management and training-related issues.


Joining a boot camp is another way to prepare for the CISSP exam. In a boot camp, you will be able to train very rigorously over a short period of time. There are many different options; one of the most reputable choices is INFOSEC’s CISSP Boot camp. You can get a quote from them by filling out a simple form and they claim to train you adequately for the CISSP exam within seven days.


Pros:

  1. You will be able to learn from the experts.
  2. Updated material will be provided and you will be saved the tiring research that you otherwise would have to do for the CISSP exam preparation.
  3. Boot camps require you to be punctual, disciplined, and ready to learn, so students devote more time to the preparation.


Cons:

  1. Boot camps normally cost a lot of money.
  2. Boot camps are designed for a group of people and not for specific individuals. This can lead to training-related problems.
  3. Boot camps are organized for a specific period of time and, once they begin, the preparation needs to be done on a personal basis.

Finally, the success of a boot camp depends on the quality of your instructor/coach. Always find out whether the coach’s expertise is worth the investment that you will put in.


You can also prepare for the CISSP exam by practicing many CISSP test questions or by joining an online preparation course. There are a lot of online resources available where you can take simulated versions of the exam to see how well you perform. uCertify is one website where you can prepare for the test by taking lessons and attempting sample exercise questions.


Pros:

  1. You get the training and are able to do the practice from a remote area.
  2. The online CISSP training gives you the luxury of spending as much time on a concept as you like.
  3. The mentors available will help you if you need it.


Cons:

  1. The online training sessions cost a lot less than boot camps but they are still at least a few hundred dollars. uCertify’s CISSP Lessons + Test Prep package costs around $140.
  2. Unlike boot camps, there is no obligation to take lessons or practice questions, so there’s the inevitable possibility of extended procrastination.
  3. The absence of assessment and/or social interaction is another reason why online training isn’t the most recommended way to learn.

Now that we have talked about the different ways to prepare for CISSP, it’s noticeable that there are pros and cons associated with each method. Many students and professionals decide to take boot camps and do self-study along with that. It’s basically up to the applicants and their assessment of themselves more than anything else; if you think that you can handle everything on your own, then self-study can be sufficient for you. In the same way, if you feel as if you need a boot camp to go to, every day for a specific period of time, to kick-start your preparation, that will be the recommended option for you. Lastly, if you find the online training perfect for your needs, you can make that choice. The key here is to remember that the CISSP certification training requires you to study a few hours daily, for a month or two, at the very least; how you manage to spare time for it is totally up to you.

Training Resources

No matter how you prepare for CISSP, you need to know what training resources are available online. A lot of material has been made available by (ISC)² and also by third-party organizations for you to learn from. Some of them are listed below:

  1. The official textbook

(ISC)² has an official book that is meant to provide a complete guide to the CISSP exam, among other certifications. It’s available in hardcover and in a Kindle version. You can find more about it here.

  2. Study guides

If you want to study for the exam yourself and want to know exactly what could appear in the exam, these resources will be of paramount importance for you.

  3. Practice tests

The official textbook for practice tests related to the CISSP certification is available here.

  4. Exam outline

If you want to request an exam outline, you can do so by filling out the form available at this link.

  5. INFOSEC’s study guide

INFOSEC also has a study guide, a comprehensive 45-page e-book that can help you go through the preparation with aplomb and ease. Click on this link to view.

  6. INFOSEC’s free CISSP course

INFOSEC has also released a small cryptography course related to CISSP. You can view it by clicking on this link. Normally the CISSP training cost can amount to a large figure, so it’s good to have free resources available at our disposal.

Tips for Passing the CISSP Exam

The key is to prepare not endlessly but smartly. The tips that follow can help you a lot while studying for the CISSP:

  1. Prepare from the official CISSP textbook released by (ISC)² but also keep as much reference material with you as you can.
  2. Always solve the questions available at the end of each chapter of the textbook. This allows you to test your learning right after you go through the various topics.
  3. Don’t focus on cramming, but try to develop a deep understanding of the key ideas.
  4. Always go through the summary sections of the chapters (and also overall books) to ensure that you don’t miss out on any topics.
  5. While dealing with multiple choice questions, if you don’t know the correct answer right away, try to eliminate the wrong answers if possible. This technique helps because you can improve your chances of getting the answer right.
  6. Don’t rush to solutions. Most of the time, the questions given in the CISSP exam are subjective, so you need to think about all the possible scenarios before you can make the choice.
  7. Manage your time very carefully. You will have six hours to attempt the exam, so try your level best to finish the exam half an hour before the deadline. Use the last 30 minutes to see if you missed anything and to recheck your answers.


Attaining the CISSP certification can be the steepest mountain you will ever climb if you don’t utilize your time astutely and prepare adequately. However, if you take the preparation seriously, you can pass the exam easily and even win distinction. We conclude by recommending that applicants be super-determined and give 100 percent while preparing.
