CISSP - Course Slides

cissp study guide

Uploaded by

noursallam396

Why should you get the CISSP certification?

The CISSP is the GOLD standard of IT Security certifications – it is offered by ISC².


• The most sought after by recruiters, HR and hiring managers.
• Currently 116,000 CISSP job openings in the US, that is more openings than certified
people!
• There are currently 4.5 million IT Security jobs worldwide and the job numbers are
expected to grow by 11-12% annually. That is a job growth close to 500,000 new jobs
every year.
• As of January 2022, there are 152,632 CISSPs worldwide in 172 countries.
• If you study for the knowledge, take the certification as well.
• CISSP certified IT Security Professionals make on average 35% more than non-certified
colleagues.
• The CISSP average salary is over $125,000 a year.
• IT Security is an awesome field to work in, constant growth and specialization
possibilities.

The 8 CISSP domains


8 Domains make up the CISSP CBK (Common Body of Knowledge):
1. Security and Risk Management – 15%
2. Asset Security – 10%
3. Security Architecture and Engineering – 13%
4. Communications and Network Security – 13%
5. Identity and Access Management (IAM) – 13%
6. Security Assessment and Testing – 12%
7. Security Operations – 13%
8. Software Development Security – 11%

The 4 things you need to pass your CISSP certification.


Learn how to CISSP Exam
• You need the CISSP knowledge to pass (obviously), but that is not enough.
• Understand and answer every question from a Manager's or a Risk Adviser's point of view,
NOT C-level or as a techie.
• Spot the keywords (non-repudiation, public key) and the indicators (Not, Most, First).
• The CISSP is a LONG exam, you have 4 hours to answer 125-175 questions.
• Eliminate wrong answers: If they ask about encryption and the answers are DES, AES,
Sprinkler systems, the OSI model, you can safely eliminate Sprinkler and OSI, you are now
at a 50% chance of a right answer.
• Do some CISSP practice tests, some of them the full 4 hours and 125-175 questions, to see how
you handle it. This is as much about mental stamina and reading the questions right as it is about the
actual knowledge.
• There are no prerequisites for taking and passing the exam. If you do not have the 5-year
experience required you will be awarded the “Associate of (ISC)²” designation, and you
will have 6 years to fulfil the work experience requirements.

How to use practice questions, deconstruct them, and time management - Part 1.
Practice tests! It is normal for students to do 3-5000 practice questions before taking the
CISSP exam.
• Close to 50% of your study time will most likely be used on the practice questions.
• Videos > Book > Practice tests and start over, read up on your weak areas, and Practice
test again, and again and again...
• Use multiple practice test engines.
• It is possible to spend less than $300 and get enough practice questions, books and
videos today!
• Take FULL 4-hour, 125-175 question practice tests several times as exam preparation, know how
your brain and body react after 3 hours and 120+ questions.
• Remember who you are on the test, you are an IT Security Manager or Risk Adviser, NOT
a hands-on techie or C-level.
• You need the knowledge to pass (obviously), but that is not enough.
• Understand and answer every question from a Manager's or a Risk Advisor's point of
view, NOT C-level or as a techie.
• Spot the keywords (non-repudiation, public key) and the indicators (Not, Most, First).
• Eliminate wrong answers: If they ask about encryption and the answers are DES, AES,
Sprinkler systems, the OSI model, you can safely eliminate Sprinkler and OSI, you are now
at a 50% chance of a right answer.

How to reach your goals, in this case passing the CISSP exam!
Having the right approach to your CISSP goal!
• Why do you want to be CISSP certified? Be able to articulate why and make sure it is
YOUR goal.
• Make a plan for your goal, break everything into manageable pieces.
• Tell someone about your goal, why you want it and your plan for it, that makes it a
commitment.
• Start NOW! Do not allow yourself to procrastinate.
• Build new habits around your studying, use the buddy system if you can.
• Stop multitasking, it does not work.
• Stop checking social media all the time, have a time slot for social media and safe hours
every day.
• Find your peak hours.
• Get enough sleep, nap if you can, exercise, eat and drink enough at the right time and the
right foods and drinks.
• Use visualization, have a positive mantra you repeat, use visual reminders, reward
yourself when you reach milestones.

The CISSP exam itself, how to mentally and physically prepare for it.
THE CISSP EXAM!
• Get enough sleep the night before and book your exam in your peak hours.
• I suggest not studying on exam day, if you are not ready now, the extra hour won’t matter.
Save your brain for the exam.
• Be early for the exam, add a 30-minute buffer for surprise traffic.
• Bring 2 forms of ID, at least one of them has to be an official ID with a picture (license,
passport or similar), the 2nd form of ID does not have to be official but has to have your
full real name.
• Bring earplugs, sugar, caffeine, snacks or whatever helps you.
• Any break you take will NOT stop the exam, spend them wisely.
• Take a break before you hit the wall (if you know when that is).
• Write down your mnemonics and formulas while your brain is clear, use the 5 minutes
PearsonVUE gives you.

As of June 1st, 2022.


125-175 questions, 4 hours, 50 of those are beta questions, they do not count – Questions are
weighted!

85% multiple choices, scenario (multiple choice) 10%, drag-and-drop 3%, hotspot 2%.

The CISSP CAT (Computerized Adaptive Testing) exam.


Effective Dec. 18, 2017:
o (ISC)² will introduce Computerized Adaptive Testing (CAT) for all English
CISSP exams worldwide.
o Based on the same exam content outline as the linear, fixed-form exam,
CISSP CAT is a more precise and efficient evaluation of your competency.
o CISSP CAT enables you to prove your knowledge by answering fewer items
and completing the exam in half the time.

As of June 1st, 2022.

o 125-175 questions, 4 hours, 50 of those are beta questions, they do not count
– Questions are weighted!

Life after passing the CISSP certification and being endorsed.
PASSED!
o Endorsement by someone who is CISSP certified (or by (ISC)²), you prove your
IT Security work experience.
o If you do not have the needed 5 years of IT Security experience you have 6
years to fulfil the requirements.
o A college degree takes a year off the 5-year requirement, so do many IT
Security certificates (no more than 1 year total).

Earn CPEs and pay annual maintenance fees ($85/year).

CPEs (Continuing Professional Education), you need to earn 40 per year at a
minimum and 120 every 3 years.

o Group A CPEs: Directly related to IT Security, no annual maximum.
o Group B CPEs: Professional development (non-IT Security), maximum 10 per
year.

I failed, now what should I do?
Fail forward!
It is not the end of the world, it sucks, but what you do next determines your success in
life.

I have taken a ton of certifications, here is my path to success (bold failed - normal
passed).
CCENT 620/710, CCENT, CCNA, CCNP Switch, CCNP ROUTE 688/690, CCNP
TSHOOT, CCNP ROUTE 688/690, CCNP ROUTE, CEH, CCNA-Security, CompTIA
Security+, CISSP, CCNP TSHOOT Recertification 670/690, CCNP TSHOOT
Recertification, SCP, PMP, CCNP TSHOOT Recertification, CISM, CCNP TSHOOT
Recertification.

If you score 3-5 near proficient or proficient on the CISSP exam, I suggest booking
your next exam right away.

1st retake wait time 30 days, 2nd retake wait time 90, 3rd retake wait time 180 days
(No more than 3 attempts in a calendar year). After 4th attempt the wait timer resets
to 30, 90, 180, 30 and so on.

Don’t take a long break, you will most likely never start studying again.

The $749 retake cost is WAY worth it, remember 35% higher average salary than
non-certified colleagues or a mean salary of $110,000 /year.

Keep your eye on your goal, win and get the awesome job and the life you want and
deserve!

CPE resources.
Each year to keep your certification current you need to earn a certain amount of CPE's.

This is what you need for the CISSP certification.

You can either do purely group A CPE's or choose to do up to 10 group B CPE's per year.

Group A Credits: Domain-Related Activities

Group A credits relate directly to the cyber security profession. Generally, this consists of
activities in the areas covered by the specific domains of the respective credential.

Group B Credits: Professional Development/Knowledge Sharing

Group B credits are earned for completion of general professional development activities which
enhance your overall professional skills, education, knowledge, or competency outside of the
domains associated with the respective certifications. These generally include professional
development programs, such as management courses. While these do not apply directly to the
domains, (ISC)² recognizes these skills are vital in the growth of all professionals and their
credentials.

More in-depth on how CPE's work:

(ISC)² explaining how the CPE’s work

• Free CPE’s:
• (ISC)² – 500+ CPE’s available (Webinar).
• SANS – 500+ CPE’s available (Webinar).
• ISACA – 100+ CPE’s available (Webinar).
• Infosecurity-magazine – 350+ CPE’s available (Webinar).
• wh1t3rabbit – 250+ CPE’s available (Podcast).
• OWASP – 100+ CPE’s available (Podcast).
• Certs.org – 200+ CPE’s available (Podcast).
• Edx.org – 250+ CPE’s available (Online training).
• Coursera – 250+ CPE’s available (Online training).
• Securitytube – 10,000+ CPE’s available (Videos).
• Youtube – 100,000+ CPE’s available (Videos).

How to build your study plan.


Make your own editable study plan.

https://pdf.ac/fuUOV