How Sandipan Cracked His CISSP Exam

Long post alert!

I am extremely delighted to let you know that I have provisionally passed the CISSP exam on 23rd June 2021. This was my second attempt.

Here is the draft of my success story-

In Feb 2020, I started the preparation with Sybex OSG book 8th Edition and Official Practice Test 2nd Edition. Out of all domains, I wasn’t familiar with three: Domain 3 - security architecture and engineering, Domain 4 - network security and Domain 7 - security operations. My initial plan was to appear for the exam in Dec 2020 with adequate time to prepare.

With COVID interrupting the plan and tension around the sustainability of the job, I was not in a frame of mind to focus on the exam.

From Oct 2020, the situation turned out to be a little favorable and I started intense preparation.

1st Attempt

At this point of time, I was solely depending on

• Sybex OSG – 50% studied end-to-end, 50% touched on key areas, 400 questions completed in full

• Sybex OPT – completed in full

• Phil Martin’s Simple CISSP (Kindle edition) – used as a reference

• Pocket prep CISSP app – completed in full

• ABC E-learning CISSP app – completed in full

• Eric Conrad’s 11th hour – used as a reference

With 2.5 months’ time in hand I started studying meticulously. Regularly after work I used to spend 2-3 hours and, on the weekend, around 8 hours a day. There were some topics that I found really difficult and boring and it took time for me to grasp them; sometimes I was overwhelmed with so much information and response. Honestly, I was anticipating it was not going in the right direction, and at that point of time I had a strong belief and confidence that if I read the Sybex OSG thoroughly and completed the Sybex 1300+ practice questions I could pass the exam. In the last 1-2 weeks, I completed the full 1300 questions of OPT, 400 questions of OSG and 800 questions of ABC E-learning CISSP.

Exam day

I appeared for the exam on 8th January 2021. There were a few technical questions which I wasn’t aware of, so I chose the best possible response; a few questions were really straightforward. I had answered all the way to 150 questions and unfortunately, I could not succeed. I still had no idea why the answers I selected were wrong, because in many questions I felt those were the correct answers.

I came back with a broken heart and connected with my ex-colleague Soumya Deb, who had just cracked CISSP. After discussing with him, I realized practicing only 2500 questions was not enough; maybe the Sybex-only approach was not adequate. I should have consulted other reference books and practiced many more questions from multiple sources. I realized why I need to change the approach in CISSP, why I have to think like a manager, and how I can choose the best from the correct answers. My trust and confidence were shattered and I was in a dilemma over whether I could study for such a broad, resource-intensive exam a second time.

2nd Attempt:

Now that I got the taste of failure, learnt from my mistakes and most importantly now I know what type of questions I can expect in CISSP, I started my second attempt with more determination, discipline and dedication. Here are the study materials and practice questions I used –

Study materials -

• Sybex OSG – Completed cover-to-cover

• AIO – Used as reference

• Eleventh hour CISSP by Eric Conrad – Completed cover-to-cover

Practical questions –

• Study notes and theory - A CISSP Study Guide (875 questions) – Took Luke’s membership for 4 months; this portal is just a goldmine for quality videos and terrific challenging questions. I really appreciate Luke’s time and effort spent on creating the videos; those surely helped me to understand convoluted topics like Kerberos, OAuth etc. Also, read Luke’s explanations for the wrong answers. These are very well written and explained in detail.

• Boson questions (750 questions) – Very good questions. Less hard than Luke’s questions. The explanations for the answers were really good.

• Sybex OSG 8th Edition (900 questions) – I missed these online questions during my first attempt, so completed those during the 2nd attempt. These questions are moderately easy.

One point to mention here: I never practiced any simple questions more than once. The reason is, in my first attempt, I completed the Sybex practice questions and during the second attempt (even after a gap of 4-5 months) I was able to answer 85% of those questions correctly, so I didn’t practice Sybex a lot during the second attempt.

• Thor’s CISSP questions available on Udemy platform (1000 questions) – Helpful questions – moderately easy

• AIO Book (Shon Harris) – (Online 1687 questions) – I couldn’t complete all domains. These questions are pretty straightforward, but one problem is that many questions were repeated multiple times in the online format

• AIO Book (Shon Harris) – Around 450 questions in this book. All questions are good and explanations are well written.

• IT Dojo – Around 200 questions – Colin Weaver explained all his questions very well on his YouTube channel.

• Sunny’s classroom – Used as reference for multiple videos – very good explanation with visual graphics.

• Think like a Manager (25 questions) – Another masterpiece by Luke Ahmed. This actually creates a very good foundation for how you will read, understand and modify your approach to answer CISSP questions.

• Other resources – I also used CISSP cram, (Cybrary), Kaplan’s, ISC2 model questions and Wentz Wu’s questions.

Last couple of weeks before exam –

o Eric Conrad’s Eleventh hour CISSP – revised cover to cover

o Rob Witcher’s ‘Destination Certification’ – Excellent content to review just before the exam

o Thor Pedersen – these last 125 x 3 = 375 hard questions I purchased 3 days before the exam, as those were just hot-off-the-press questions with the 2021 version

o Handwritten notes

o Kelly Handerhan’s videos

o Prabh Nair’s video on selected topics

o The Memory Palace by Prashant Mohan and last but not the least

o Google

Overall I studied for 9 months (Oct 2020 – June 2021), most intensely in April – June 2021, and practiced more or less 5500 questions.

Exam Day:

The exam was scheduled on 23rd June 2021. I barely slept for 3-4 hours on the night before the exam and woke up early. I reached the Pearson Vue Centre with adequate time in hand. During the exam, I found the first 10 questions were common. From q20 I found questions were getting tougher; I even got a few technical questions and some from the 2021 contents. I was taking more time to answer the first 70 questions just to be sure those were correct as per my understanding. At one point I realized I had less than a minute to answer each question. Beyond 70, I sped up answering and at 97 the exam engine stopped. The test administrator handed over the result hardcopy. I drank a couple of glasses of water and barely had the courage to open the paper. I put it in the bag, thinking it might be a repeat of the first result, came home and had breakfast. I spoke to my wife over the phone; she was insisting that I see the result, but to be honest I didn’t have the nerve to see another failure. Finally, I got the courage to open the paper and the rest is history…

Special thanks to:

1) Soumya Deb – For guidance, mentoring, answering and discussing queries during study, and helping me to get the relevant information and key sources.

2) Luke Ahmed – For amazing contribution towards the CISSP community. His ‘Think like a manager’ book and ‘Study notes and theory’ website were extremely helpful and enriching.

3) Thor Pedersen/ Kelly Handerhan/ Rob Witcher/ Colin Weaver/ Prabh Nair – Thanks for your resourceful materials, videos and questions which helped me to conquer the exam.

4) My wife Srijita Ghosh Paul – Thank you for your constant motivation and support (especially after the first attempt) which restored trust and faith in myself.

