As promised,here is my detailed study plan on CISSP preparation. Once again thank you all for the help and for the contribution in this group. I have gone through each and every post since last three months. This group Study Notes and Theory is simply amazing !
I started my preparation around mid of December and took almost four months to clear the exam. The exam is all about 50% preparation and rest your day to day experience in security domains, some logical thinking, strategies during exam and your temperament. Practiced almost 6000+ questions but the real exam was completely different. Practice helped me in understanding and retaining the concepts and so important. Exam was a mix of approx. 60% technical & 40% managerial. You need to understand the concepts very well.
Don’t try to memorize anything. All attacks are very important and try to understand them well. Cover modern computing stuffs and associated technologies well – whatever included in CBK. Remember human life & data is very important and cover all aspect of their security well. Do not start with action in any situation instead try to follow the process. Understand the role of CEO, CIO, CISO, Security Officers, Data Owners, Data Custodian, Security steering committee & Administrators very well. Understand software development process and Testing / assessment well.
– Sybex 7th Edition (8/10). If you are not comfortable with Official CISSP CBK 4th edition, this one is the second best option. The only book which I referred.
– Referred few NIST documents, YouTube, google for many of the topics
– Cybrary videos by Kelly Handerhan (9/10) – Excellent free resource. Must cover this atleast once.
– Shon Harris Audio (7/10) – Listen if you have nothing else to do. Some concepts are explained well.
– Sybex 1400+ questions – (9/10)
– CISSP Practice Questions Exam Cram 3rd Edition – (8/10)
– Eric Conrad two full length tests (7/10)
– CCCure Practice Questions (7/10)
– McGraw Hills CISSP Practice questions (7/10)
Other important points:
– Do not ignore any domain (Even the topics as per old ten domain). Less important domains might be more scoring & easier in the exam. Read and practice all the domains well. Only exception is US specific laws which can be ignored.
– The exam is not much difficult and can be cleared in 3-5 months of duration. In fact overall it was easier than I expected. Do not refer too many books or too many resources. One or two book is enough. Remember Biba model says – No read down smile emoticon . Choose only good authentic sources to refer.
– There is no substitute of reading a good text book again and again. Don’t fall into the trap of last minute notes or CRAMS. Make your own notes and revise them well before the exam. That give you more confidence during exam.
– Study daily & study well. There is no shortcuts for this exam. Do not leave your study for a single day as any significant break is the biggest enemy. Think each and every hour of study taking you closer to CISSP.
– Don’t be panic during the exam. You may find the exam as completely different from your expectation.I was completely nervous for first half an hour thinking if I have appeared for CISSP or something else.
– Take your time during the exam. Six hour is more than sufficient. Just try to save good amount of time to revise well.
– During revision, do not change the answers without a well thought reason for that. Your first instinct might be right.
– Sleep well before the exam. Leave the study a day before the exam.
– Take sufficient breaks during the exam. I took three breaks. Take some snacks, chocolates or whatever you like to eat during breaks.
– And again as final word, do not follow too many books and resources… trust on few authentic and study them well. You can enjoy reading as many as you want once you get certified.