I recently passed my CISSP exam, after plucking up the courage following a long revision period. I decided not to attend any of the week-long courses as I learn better at my own pace and I would rather cover it part time alongside my work.
Here are my hints and tips based on what I learned from my time studying.
According to the (ISC)², the Certified Information Systems Security Professional (CISSP) qualification is designed for experienced security professionals and managers ranging from Security Analyst roles to Security Managers and CISOs.
The examination covers a broad range of security domains to help you to learn more about the management of effective Cybersecurity Programmes. As a Cyber Security Analyst I felt that this was the next step to help me to progress in my career.
Although it’s usually the beginning of the books you'll read, do yourself a favour and don’t start with trying to learn all the different acronyms in the security and risk management section - Security Domain 1 (such as ISO, NIST, COBIT, and TOGAF). These will all make a lot more sense when you see them referred to across the other domains.
Trying to memorise all these acronyms and publications at the beginning of your study is more likely to put you off and is unlikely to help you. It’s better to see how they link into everything else you learn by going back to them later.
However, the rest of the chapter is really useful and will give you a good basis for the rest of your study, so make sure to read this first.
Try to find different sources to learn from. For me, changing up the learning materials helped me to learn the content more easily.
Sometimes I wanted to tuck up in bed and read a chapter of the CISSP books (Shon Harris), but at other times I wanted to watch videos or do some practice papers.
Simply Business provides its employees with access to lots of different learning materials and working environments – sometimes I revised by reading in our quiet library and other times I took some time at my desk to watch a quick video.
Test yourself at the end of everything you read. If it’s not going in, take a break and come back to it.
The CISSP training videos from Sari Greene test you at the end with a 5 second cards quick challenge, which really tests your understanding of everything you read. Or you can get your hands on the official CISSP practice papers, which divide the questions up into the chapters.
It always helps to understand what you’re reading rather than to just know it for the purpose of the exam. Some of the questions in the exam will test your understanding of what you've read, so you can’t just rely on a photographic memory of the content you have been studying.
One way to do this is to try and link up the chapters to fully understand all the domains. How does encryption from "Domain 3: Security Engineering" fit into the OSI model from "Domain 4: Communication and network security"? How do the common attacks you read about in "Domain 3: Security Engineering" link into the controls you learned about in "Domain 7: Security Operations"? Mind map these and draw them into diagrams if it helps you to understand how it all fits together.
Speak to other CISSP professionals or even form groups with others who are studying in the area. Finding other people who have passed the exam previously helped me out a lot. Some friends at Simply Business offered me some books they had used and also some advice on preparing for the exam.
There are loads of resources out there, but these are some that I found particularly helpful:
Good luck and if you have any other tips, leave them in the comments below!