Professional development

How to learn and pass your next certification exam

John Bandler
July 21, 2022 by
John Bandler

No matter your prior education, current knowledge or skills, you are here — wherever “here” is. The next question is: Where do you want to go? Where do you want to be in the next six months or year, and what should the “future you” be?

Wherever you are going, it is a good choice to learn and improve yourself — and add a cybersecurity or privacy credential.

Get your free course catalog

Get your free course catalog

Download the Infosec Skills course catalog to learn more about these courses — and hundreds more.


You are in charge of your learning


You are in charge of what you learn, however you decide to pursue that knowledge.

Formal education is important but not perfect, nor is it accessible to all. It can be expensive and time-consuming. Formal degrees are worthy achievements but do not guarantee knowledge or competence. Some even obtain degrees without gaining sufficient knowledge.

I still remember a conversation from over twenty years ago with my friend, who was also a state police sergeant. He had joined the state police before they implemented a college requirement, and his only academic credential was a high school diploma. He was puzzling over the report of a rookie trooper with a four-year college degree and called out to me from the sergeant’s office. 

I went over, and he said, “Johnny, you’re a pretty smart and educated guy. Come here and look at this report. I’m just a dumb guy with a high school diploma. This kid has a four-year degree, but his report looks like garbage to me. Read this and tell me what you think.” Actually, his words were much more colorful.

He was right. The rookie trooper born in the U.S. with a degree could not write English well. The sergeant had no college degree but had the smarts, knowledge and skills, including reading and writing. 

The point is that you can continually improve your skills outside the formal academic environment. You do this with good strategy, reliable information and effort.


Tips to learn more effectively


Learning requires personal effort. Whether in high school or advanced education, merely being present or receiving a degree doesn’t give us knowledge. Our effort does.

If we are reading a book or watching an educational video, merely turning pages or streaming the video does benefit us; it is the effort. We can aid this process with “active learning,” which means we engage and do not zone out or coast on autopilot.

Some concepts, skills, and practices can help us learn better. There are techniques to aid learning and ensure we put in the effort and receive the reward. Here are a few:

  • Find reliable sources and facts.
  • Make sure your brain is engaged. 
  • Set a timer for 20 or 40 minutes and do nothing but focus on studying (reading, watching) until the timer goes off.
  • Have trouble focusing or feeling sleepy? Stand up as you study.
  • Repetition can imprint important facts into your brain. Handwrite them, type them, or repeat them aloud.
  • More tips are in my video, How to learn, study, and pass an exam within my CIPP/US learning path in Infosec Skills.


Certification exams are a learned skill


Learning for the sake of learning and improving our career prospects is wonderful. But sometimes, we also need to pass a test. You may be contemplating a certification exam.

Test-taking is a learned skill. Never tell yourself that you are a “bad test-taker” as if that is a fixed characteristic that cannot be changed — because you can improve. 

The most important thing is to prepare, study and learn the material so that, when test day comes, you have the knowledge and confidence. My main tips are:

  • Study and prepare.
  • Practice.
  • Read and know the test instructions.
  • Relax the night before and the day of.
  • Be early (even if you are taking the exam at your own desk).
  • During the test, relax, focus and do your best.
  • Keep track of your time so you get to every question.
  • No certification exam (or question) is perfect. You don’t have to get every question right, and don’t stress about baffling questions. 

Everywhere in life, people offer magic solutions for whatever challenges we face, which is also true for certification exam preparation. View these offers with healthy skepticism, and resolve to put in the work to study and learn. Here are some claims accompanied by what you should be thinking.


Claims vs. reality for certification test preparation











What you should think



Passing is guaranteed! Read the fine print on what that guarantee entails. You still need to study!


We have the actual exam questions! We have exam dumps! Never trust anyone who openly advertises they are violating certification ethical rules. It is easier to just study the material!


With our secret, you can pass the exam without studying!

Only a tiny percentage of humans can get by without studying:

  • They are geniuses or have an incredible recall.
  • That's not me, probably not you.


We have the best materials plus secret information!

The certification body of knowledge is publicly available.

Certainly, some materials are better than others.

Copyright John Bandler, 2022

Looking to earn a privacy certification? Try my Infosec CIPP/US certification preparation course.


Plan your exam results


Right now, you are planning your future self and exam outcome. Look forward six months to a year, and you could build one of several outcomes:

  1. You took the certification exam but unfortunately did not pass.
  2. You passed the certification exam and now hold a new certification, but you took shortcuts and never learned the material well.
  3. You hold a new certification earned after a hard effort, and you learned the material well.

Let’s choose option 3.

What should you learn next?

What should you learn next?

From SOC Analyst to Secure Coder to Security Manager — our team of experts has 12 free training plans to help you hit your goals. Get your free copy now.




Wherever you are now, you can improve your knowledge and skills, including your ability to learn and take a test.

A year from now, your future self could be the best version of yourself you can build. That version will have additional knowledge and perhaps a certification too.

Take a look at my video on Infosec Skills titled How to learn, study and pass an exam, part of my CIPP/US certification learning path. There are many other offerings from Infosec Skills to build your learning on various topics.

John Bandler
John Bandler

John Bandler is a lawyer, consultant, speaker, teacher and author in the areas of cybersecurity, cybercrime, privacy, investigations and more. He is the founder of Bandler Law Firm PLLC and Bandler Group LLC, legal and consulting practices that help organizations and individuals with cybersecurity, the prevention and investigation of cybercrime, privacy, compliance, risk management and governance.

John has expertise in many subjects, holds a number of certifications, and is a prolific writer and speaker. His first book is Cybersecurity for the Home and Office, his second book is Cybercrime Investigations, an extensive resource regarding the law, technology, process and skills regarding the investigation of cybercrime. John has authored articles on a range of topics and teaches professionals and students at the undergraduate, graduate and law school levels.

Before entering private practice, John served in government as an assistant district attorney in the New York County District Attorney's Office where he investigated and prosecuted criminal offenses ranging from cybercrime, virtual currency money laundering and traditional street crimes and frauds. Prior to that, he served as a state trooper in the New York State Police providing full police services to the local community.