I provisionally passed the CISSP exam at 125q in ~85 minutes.

5 years of experience in industry, all GRC related work.

Here is my advice:

I’ve got to be honest here, the exam in my opinion is just not that bad. I think where this exam gets its bad wrap is because it is a very application-based exam in which you may know the technical part but you need to know how to apply that to the business process. For us nerds, that can be hard. But If you keep this in mind, you’ll be fine.

If you’re like me where before the exam you spent hours reading horror stories of people failing the exam or passing it but they say the exam is so much worse than their practice questions.. don’t listen to it. I think folks get very into the moment during the exam and think it’s worse than what it is. Just calm down and take your time, go with your gut on the questions.

Like others have said, you can usually narrow down the answers to 2/4. when I got to this point I usually followed Gwen Bettwy’s method of “People, Process, Technology”. looked at the answers in the order and if it made the most sense, I chose it and moved on. If you want to know more about this look at her study tips on YouTube: https://youtu.be/G2yDTZ9CY98?si=iSCiHz_ACdFHAoCr

Study materials:

OSG: 1/10. Bought it, read the first chapter and fell asleep. Immediately went to Amazon and bought Destination Certification book.

Destination Certification: 8/10. Fantastic read it gives you a very clear picture of the material in the exam without overloading you.

Exam cram: 8/10. Same as above. Turn it up to 1.5x speed and write down everything you don’t know. Watch it a couple days before your exam and if you feel like you know and understand 90% of what he’s talking about, you’ll do just fine.

Kelly Henderson Cybrary: 6/10. While very good content, it’s not enough content. Doesn’t cover all the important topics. Her Kerberos example is a great resource, definitely recommend that.

Practice questions:

Wiley/Sybex/Offical Practice test: 8/10. It’s great for drilling the concepts. I made 74% on three practice exams and 75% on the fourth one.

LearnZapp: 4/10. I could see how this would be useful for some. But it’s just a regurgitation of the offical practice test. If you bought one, don’t buy the other imo. Only have “56% readiness” but cruised through the exam.

WannaPractice: 9/10. In my studies, this is the most accurate to the exam. It’s just enough to make you think while other questions are seemingly so simple. That exactly how the exam is in my opinion. There are a few “gotchas” but overall it’s the best resource to use. I got a 76% on the practice exam.

Gwen Bettwy Udemy Mock Exams: 5/10. I did not like these. There are way way too many “gotcha” questions. This while makes you think a lot, is not accurate to the exam. These were harder than the exam in my opinion. Score 64%, 64%, 62%, 85% on those exams.

Luke Ahmed’s how to think like a manager: 7/10. Great book, used it as a learning experience to drill down on the “why” behind answering questions. Got 19/25 on the book.

50 CISSP practice questions: 8.5/10. These are also very accurate to the exam. Some are easy, some make you think. Very good resource. I got 43/51 https://m.youtube.com/watch?v=qbVY0Cg8Ntw

Cascading thought:

1. Don’t dive too deep into the Reddit echo chamber. If you are making around the same scores I did, odds are you’ll do just fine.

2. You really don’t have to do thousands of practice questions. Just understand the high level concepts and how to apply it to the business process.

3. Move your exam up, pushing it out months in advance is just wasting time. If you watch exam cram and you know it, you’re ready.

4. If you sit on a question and really truly can’t figure it out. Go with your gut. Don’t over analyze.