
How Sneha Cracked Her CISSP Exam!


GUIDELINES FOR CRACKING CISSP!


The secret is to just start…

Your own pattern and chart...

Baby steps always yet big achievements,

Yeh, the journey is purely an enjoyment!


MY CISSP JOURNEY IN SHORT:






FEW WORDS ABOUT ME:

My journey in cybersecurity started in 2017 when I had just got my first job as a Risk Analyst, and I always used to wonder how important certifications are for self-learning apart from regular BAU. My manager and team lead always used to encourage learning and cracking certifications. After that, while pursuing my Masters in Cybersecurity, I cracked Sec+ in Dec 2018 and that gave me the confidence to study for CISSP. From there my CISSP journey started. I gave my first attempt in March 2019 while doing the final semester of my Masters, with 2 years of IT industry experience. However, even after studying for around 2.5 months I was not able to get through it, and was nearly proficient in 4 domains while the rest were below proficiency level. From there I got to know my weak domains and got convinced why industry experience matters a lot for CISSP, to really think like a manager.


For the whole of 2020 I used to study on and off with my teammates. Question and answer discussions, colleagues' experiences of passing CISSP, and watching videos on new topics helped me stay on track. Finally, in 2021 I decided to give it a shot again, so I registered for a CISSP bootcamp which started on 21st March, and prior to that I had booked my exam for 26th April. So, I planned and started studying seriously.


BELOW IS MY 6 WEEKS PLAN:

While attending the bootcamp from Infosec Institute I started by reading the (ISC)2 CISSP Sybex Official Study Guide (8th Edition). I used to highlight the important points to remember, and after each chapter I tried to get at least 80%, or else I used to go through it again. Next, I covered All-in-One by Shon Harris. This book helped me a lot to understand the key concepts in very simple terms, and here also I tried to get at least 75-80% in each domain. While reading I used to watch videos by Kelly Handerhan and Sari Greene, and referred to 11th Hour by Eric Conrad and Memory Palace by Prashant Mohan. While reading these materials I made my own notes, not more than 5 pages on each domain. This whole phase took around 3 weeks just to finish reading and watching videos.


In the last 3 weeks I was fully focused on solving as many practice questions as I could! I started focusing on each domain using the official practice tests by ISC2 Sybex, Thor Teaches, the Infosec Institute portal and IT Dojo, and tried to score a minimum of 75-80% on each platform.


In the last 2 weeks I started with SNT practice questions and flashcards. Though in the practice tests I used to score just 55-65%, I used to read each and every explanation given by Luke, which helped me understand the thinking! I watched SNT videos mostly for the topics where I was constantly getting wrong answers or used to get confused. Simultaneously I watched Prabh Nair’s videos to get more understanding and clarity on new topics.


In the last week I just gave one Boson exam each day, Wiley’s practice test and SNT, minimum 3 practice tests daily. I made sure to read each explanation for both wrong and correct answers. Again, while practicing questions I used to make notes.


LAST 2 DAYS:


My exam was on Monday, so on Saturday and Sunday I was just revising my notes, 11th Hour, Memory Palace and the exam essentials after each chapter from the ISC2 guide. In this whole journey I used to dedicate a minimum of 6 hours on weekdays and 8-10 hours on weekends.


EXAM DAY:

I had a nice sleep of 8 hours. In the morning I just looked at the Sunflower PDF and watched Kelly Handerhan’s “Why you will pass CISSP?” at least 4 times! That video will really motivate you and keep your mind on the right track with the proper perspective.


DURING THE EXAM:

I gave more time to the first 50-60 questions, sometimes more than 2 minutes on a tricky one, and by then I had already spent 80 min. The next 100 questions I covered in the remaining time. Total 150 questions in 179 minutes! Hush!


ANSWER STRATEGY:

  • Read every question twice

  • Identify keywords and the Confidentiality, Integrity, and Availability (CIA) properties

  • Try to guess the answer without looking at the options. For a few questions I used the reverse strategy: looking at the options, finding the common platform and the odd one out, then reading the question.

  • Do not fix problems. Rather solve the problem.

  • Technology changes fix an issue. Security governance approaches, risk management, risk analysis, threat modeling, risk mitigation, BCP/DRP and Secure SDLC solve the problem for the long run.

  • Eliminate some of the options from the choices. If you can eliminate two options, then you have a 50% chance of selecting the correct answer. It becomes a True/False question.

  • Eliminate at least two options based on the following:

    • Too technical

    • Too narrow

    • Out of scope

    • Involves assumptions about the situation.

    • Do not focus on technology.

    • Human Safety first – It is also the highest priority as per ISC2 Code of ethics

    • Cost effectiveness (example - cloud over physical appliance)

    • Pros and Cons for each option.

    • If you guess the option at first strike, still eliminate the other options with proper reasons.


REFERENCE MATERIAL:


Books:

  • (ISC)2 CISSP Official Study Guide by Sybex (8th Edition)

  • CISSP All-in-One by Shon Harris

  • Eleventh Hour CISSP®: Study Guide by Eric Conrad


Videos:

  • SNT Videos: https://www.studynotesandtheory.com

  • Prabh Nair: https://prabhnair.in/

  • Mind map series from Destination Certification: https://www.youtube.com/channel/UCXk6whiDrWq42y9Tdv1MEhg

  • Sari Greene videos: http://sarigreenegroup.com/cissp-exam-prep/

  • Kelly Handerhan video lectures. The videos are available on Cybrary for free: https://www.cybrary.it/instructor/kelly-handerhan

  • Professor Messer CompTIA Sec+, Network+ for few basic topics

  • Infosec portal videos: https://www.infosecinstitute.com/

  • Random YouTube videos for basic understanding of topics


Notes:

  • Prashant Mohan’s Memory Palace

  • Sunflower CISSP


Groups for discussion:


Important Videos:


Practice Test:

  • (ISC)2 CISSP Official Study Guide by Sybex – Each chapter questions - 420

  • Wiley Sybex Efficient Learning - Practice questions – 1300

  • Thor Teaches CISSP Practice questions – 960

  • Infosec Portal practice question – 1500

  • IT Dojo CISSP questions – 208

  • CISSP All-in-One by Shon Harris - Each chapter questions + Comprehensive test – 379

  • Boson Practice test - 750

  • SNT Questions – 750

  • SNT Flashcards – 1350


Total: 250+ hours of study, 3500 pages reading and 6267 practice questions!


TIP FOR MEMORIZATION:

Do not memorize any topic; rather, understand it and try to make charts for your own reference.

I used to make a chart and stick it on the wall in front of my desktop, and used to just glance at it once a day, and it will automatically get stored in your memory! Make your own mnemonics, like for the OSI table, RMF, port numbers, etc.


Be positive, enjoy the journey and All the Best!
