Passed!! Finally!!!!! That's exactly what I've been feeling since the past 2 days since I provisionally passed my CISSP on my 3rd attempt. I passed at 100 questions in about 140 minutes.
Material used for studying:
1. Official ISC2 study guide - old version
2. Official ISC2 practice exam - old version
3. How to think like a manager by Luke Ahmed
4. Study and notes and theory practice questions - Barely used
5. Boson exam prep
6. CISSP Exam Cram video by Eric Conrad
7. CISSP 11th hour I started off my CISSP journey 2 years ago and like quite a few people, it was mainly because I wanted to get certified and leave the company I was working for, to find a better place.
"Don't take CISSP too lightly. Someone I know has passed after 6 attempts" said one of my manager when I he learned that I wanted to study for this exam. I didn't take him seriously and studied like CISA by putting in 2 hours of casual learning everyday for 3 months and directly jumping into the exam. This obviously didn't end well.
The second attempt was marred with lot of tight projects and a stressful job. Juggling time and studying for 6 months, I knew that this was not going to end well. The 3rd attempt was also similar. However, the last 2 years had taught me so much in my work, a good chunk of pure experience helped me pass the exam. My study method also changed a little since I was strong technically, I had to think the CISSP way. My approach turned out to be jump straight into the practice exams with Boson and practice guide and see how much I score. I was scoring only between 60-65% but slowing down with the study pace for the sections which I hadn't understood from CISSP 11th hour and Boson helped me to get a better understanding of how to approach the question.
Tips for studying from my side : None. Everyone studies and absorbs information differently. I personally cannot deal with more than 2 study guide and rely heavily on practice tests to tune my way of thinking. As mentioned before, a good chunk of the exam was answered with my experience to extremely broad number of projects.
There is a reason CISSP requires people to have min. of 5 years of experience in this field and it really is for a reason. 2 big tips for CISSP in general: 1. Get this certification as soon as possible in your security career since HRs and hiring managers have no clue to assess that you are hirable without this certification. I could clearly see this during my job hunt and I missed the HR filter multiple times purely because I didn't have the CISSP 2. This is a tough exam and doesn't track specific technology, so DO NOT LET IT EXPIRE through your security professional lifetime.