I had my eyes on this certification since 2014 when my professional career started. Whenever I searched for top security related certifications to be done, this certification topped the list. This is what motivated me to pursue CISSP. However, since I was a newbie in the Information Security field, I decided it would be beneficial for me to first gain the experience in the field and then go for this certification.
So, after 3 years or so of experience in the field, I decided to go for this last August (2017) .
I was already a member of the SNT website so it was easier for me to get hold of various resources many people had used to clear their CISSP.
Below is the list of the same resources used (studying )
Shon AIO (7th Edition )
Process Guide by Madunix
Kellys Cybrary Course
Various videos on YouTube.
My Own Handwritten Notes
FOR PRACTICE QUESTIONS
1)Sybex Official Book ( contains 1300 questions )
2) Wiley test banks online. (1000 questions)
3) Mcgraw Hill questions (Free resource)
4)Shon’s AIO end chapter questions
5) Study Notes and Theory Questions
6) Exam Cram Questions (Separate Book)
7) Total Tester (Available with AIO Book)
The exam was a different BEAST altogether. The questions I came across were nothing similar to the questions I practiced and mind you I did practice a lot of questions. The questions were worded differently and seemed to be more focused on the HIGH level concepts rather than the NITTY GRITTY of things.
It was definitely focused more at a strategic level than the Technical level. I was able to narrow down the answers to within two options out of the given four, but it was really getting difficult as the questions went by but I kept thinking as a Manager and not as a Technician. The exam ended at 100 questions, and at certain point I was not sure of my result. I was very happy to see the Congratulations on the printed exam result.
All in all it was a great journey, it took me 6 months of preparation and in retrospect I would not have it any other way. I learnt a ton of stuff while pursuing this certification and this result motivates me to keep going forward and keep learning new things everyday. Now, onto the next GOAL.
In the beginning stick to one resource only. Start with the domains you already have prior experience in or the domains which are your strong areas. Then slowly dive into the domains you do not have any idea or very less knowledge. Reason I say this is , you would most probably be going in with the Mindset that CISSP is a very tough exam , so it would motivate you and make you feel good about your chances when you are done with the domains you already have strong hand . This worked well for me at least.
Secondly, start making your handwritten notes. This will help you retain the concepts much better and also you will end up with notes in your own language which is the best source you will have in the end.
I would surely recommend becoming a member of the SNT website as well as the TELEGRAM group. SNT website has very good authentic material including practice questions, which are all explained perfectly by LUKE AHMED.
Joining TELEGRAM group was the best decision I made. It is the best resource out there. You have loads of people from all over the world with the same GOAL: CISSP. The people in the group are very supportive and genuinely want you to succeed.
Your role during the exam is of a RISK ADVISOR and not an Engineer/ Technician. Think from a High Level perspective and do not try to fix things. Go for the answers with Policies/Contracts etc.
Keep these concepts on your fingertips like SENIOR MANAGEMENT is ultimately responsible in an organization , Security Policy dictates everything in the organization , HUMAN/PERSONNEL Safety is the most important and number one priority .
In the END it does not matter which resource/book you use. Whether you study from video courses out there or from a Book or you use YouTube videos to clear your doubts/concepts. All that matters is whether or not your concepts are clear and whether or not you have understood how the ISC2 wants you to answer the questions in the exam because there is one way to answer a problem/scenario in the REAL WORLD and then there is a ISC2 way of answering the same problem/situation. These TWO things are different.
The Exam is not tough but only if you have done your Due Care and Due Diligence. Make short term goals which will ultimately lead to your BIG GOAL of clearing the Exam.
My Best Wishes to all the people who will be taking the EXAM. Stay Focussed, Stay Dedicated and WORK HARD.