How Tom Cracked His CISSP Exam

Ok guys, I’ve had a lot of questions about what I did to pass my exam. I took it a few weeks ago and passed on the first try, and here is what I did to pass the CISSP:


Obtain the following in order of priority (our example is the CISSP):

1. Practice Questions for the exam (I had a list of 1k plus questions, NONE of which were on the real exam; it was NOT a brain dump).

2. Official Exam Book (i.e. The official ISC2 book).

3. General Study Book (In this case I read the entire Sybex CISSP seventh edition official study guide).

4. Video Tutorials (CBT Nuggets, or some type of instructional videos on what it is you want to learn; YouTube is excellent for this as well – for example, I used YouTube to learn more about Kerberos).

5. Optional Audiobook (This would be good for you on your commute if you have one, if not you can use it while you go to sleep at night).

6. Auditory Review and Notes with another person (Teach them what you’ve learned) – One of the best methods to learn is to teach what you have learned, or to talk about it with somebody else.

So, two months before I took the exam, I started. I’d take time out of each day and do the following in order, at least 1 hour a day, but some days I’d study for 4 hours. No more than 5 hours a day studying. If I had a slow day at work I’d study like 8 hours. It depends on the day, but you should read at least 20-25 pages a day of your book – at a minimum.

I typically do the following: watch the videos > do the practice questions > read the ISC2 Official exam book > do the practice questions (new set) > read the Sybex book > do the practice questions > review with another person and teach others/audiobooks > and then finally do the practice questions.

I have gotten to a point where I eat, breathe, and sleep my test. I’d listen to the audiobooks while I sleep at night as well… sometimes I’d talk about it in my sleep; no joke, my girlfriend recorded me talking about security risks in the middle of the night.



Test Taking Method (essential), without this I would have failed: It was a 6-hour test (you can use less time, but I used every second I had up to the last 40 or so seconds) with 250 questions, consisting of all multiple-choice questions (4 options), so I went through each and every question and WORKED IT OUT (there were 2 drag and drop and 2 scenarios where you had to read about the company and answer questions) – if I knew the answer I selected it and hit next. For the questions I did not know or was unsure of (like 50-60 questions) I selected the review button so when I was completely through the 250 questions I could go back and review them.

For those that I was unsure of, I determined which options were incorrect. This left me with two to three options, giving me a better chance. I actually determined that even if I guessed on two options instead of four, I’d pass with a 75%, which is what I needed to pass. So just count up the ones you are unsure of and subtract them from the ones you know without doubt.

So when you are taking a test, eliminate the ones you know are NOT correct. If you do this for all the ones you do not know you’ll most likely pass if you have at least 50-70% of the ones you do know correct. I took all of the time up to 40 seconds to look at my questions that I marked for review.


This test is ultimately “How bad do you want it?” There is no magic brain dump or questions online that will help you pass this exam. A good portion of the material that was on the test was ENTIRELY NEW and did not directly ask the same questions I had read in any book or online questions. I cannot stress enough that this test will drain the life out of you, but in the end if you put forth the effort and don’t give up, you will pass it!

