Thursday, June 4, 2009

CISSP: My Study Plan

I sat for the CISSP exam on May 16, 2009. The exam was not easy, but I was prepared and had the positive energy to complete it successfully. It was a long exam - 6 hours - and as mentally exhausting as it was physically demanding. Add to that the constant slight buzzing sound (read noise!!) of something in the hall.

With all this in place, I took the whole 6 hours: I completed the paper, checked & rechecked the question paper, & checked & rechecked the bubbles in the answer sheet. Someone must be wondering why I would check & recheck the question paper.
Please read on to know why.

My Study Resources:

+ Clement's CISSP introductory video
+ Shon Harris All-in-One (AIO) 4th Edition
+ ISC2 Official CBK Guide
+ Shon Harris CISSP CBT/DVD
+ CISSP forum
+ CISSP Quizzer
+ Notes/Aide Memoire available on CISSP forum
+ CISSP Gold Edition Questions & Answers
+ Shon Harris AIO Quiz (in the CD)

Time Duration for Preparation:

January last week - March end 2009 -> 3-5 hours after work. Weekends -> 5-6 hours - slowly tasting the subject matter & letting it seep in.
April 2009 - May 15, 2009 -> 7-9 hours every day - time to pick up the pace & complete the preparation.
During this time, I completed 2 other certifications & 1 training that definitely helped me be comfortable with the domain content.

My Study Plan (in that order):

+ Finished Shon Harris CBT/DVD
+ Completed one 100-question quiz for each domain as I completed the domain from SH CBT
+ Read Shon Harris AIO 4th edition
+ Complete Q&A at the end of each AIO Chapter.
+ Revise each domain through Notes/Aide Memoire available at CISSP forum.
+ Read forum posts, questions & responses, the reasoning behind the solution!
+ Complete Full Length quizzes for individual domain(s)
+ Read OIG
+ Complete Gold Edition Advanced Sample Q&A
+ Complete 10 Full Length quizzes (group of 3 & 4 domains)
+ Read my notes

Important points that will help you:


+ Be mentally prepared before you begin preparation.

+ Share your plan with your family or friends or both. At a point in time of preparation, you may find yourself face-to-face with high work load at office, unexpected but important official/unofficial events, & may lose focus/direction from the task. This is the time your family/friends will be of great help.

Remember, it is extremely important to keep yourself motivated to go on.

+ Book the exam after 2 weeks of preparation. This will help you understand what you have to complete & how long it can take you to prepare.


+ Complete all domains. No matter how many years you have been in the industry, you should always complete all the domains.

+ Think from the Management perspective. Remember this is not a 100% technical exam. You need to know technical stuff but it tests your decision-making using your knowledge of technical concepts.

+ Do quizzes from different sources. And know the reason why the correct answer is correct & the incorrect answer is incorrect.

+ Use google & wikipedia for reading on topics.

+ Use CISSP forum.

+++Day before the Exam+++

+ Organize all the documents required for the exam day & keep them in your bag - Admission Ticket, ID cards - Driving Licence / Passport, Company ID etc.

+ Ensure that you have 2 HB #2 pencils, 2 dust-free erasers, a sharpener, 2 pens (not required though) & a jacket / a light woolen-wear for the exam - temperature may be too cold or too warm for you to feel comfortable.

+ Eat a healthy, heavy breakfast. Take at least 1 water bottle, some energy bars or preferably energy drinks with you. Believe me you will need these in the Exam and you will not like to move your a$ even a bit out of the hall after looking at the question paper!!

+ Do NOT Smoke before or during the exam. You must be relaxed all this while and smoking isn't going to help you.

+ The CISSP Exam is as mentally exhausting as it is physically demanding. Therefore relax on the day before the exam.

+++Day of Exam+++

+ First Rule of tackling this Exam - Attempt All Questions.

+ Read through 25 questions first and then take the second round answering them.

+ Eliminate the choices & then apply the concepts on the final 2 choices - from the Management perspective.

+ Mark the 25 answers against the respective 25 questions - in the question sheet. Once you have completed 25 questions, start filling in the bubbles on the answer sheet.

+ Be very careful while filling in the answer sheet. You will agree it's been a long time since you last filled those bubbles with a pencil. Your fingers will start aching if you decide to fill in 50/100 questions in one go. So choose to complete 25/30 questions in one go.

+ Mark the questions you are unsure of, find tough to answer, or are taking too long to answer. Come back to them once you are done with all other questions.

+ Once you complete all questions, go to the first page & start reviewing the questions you marked above. You should be able to solve them now. If not, refer to the first rule of tackling this exam above.

+ After you have completed all questions including marked ones, it's time to review. Go to the first page of the question sheet & start reviewing each question one-by-one.

+ By this time, after review, you will have most certainly changed some of your answers. Do a review now of your answer sheet to make sure that you filled 'correct answers in the correct bubble.'

+ After you submit the Answer sheet, go & freshen up. Wash your face, & go eat something. I am sure you will be damn hungry by now.

+++Post Exam+++

+ Catch up with your family, friends.
+ Relax & enjoy coz you have done your part.
+ The most important of all: Think Positive.

Best Regards.


  1. Awesome info -- thanks for being a ray of reason in the world of mis-info. I am trying for a Feb 12 2010 test date and my wife says she can see anxiety in me -- ha!

  2. Glad the info helped you. Good luck for your exam.

    Hope to hear from you with your digits ;)

    Best Regards.

  3. Great post... Hey, got some qtns for ya..

    My test is this weekend, and I want to know HOW do I know if I am ready?

    I am getting 70-75% on the test exams that came with the SH AIO ver4 cdrom (part of the book). If I re-do the exams, I feel I can hit 80% or above. I've done chapter summary qtns from these books too:

    a) cissp in 21 days b) cissp 4 dummies c) SH AIO ver4

    I have taken a 2 week intensive course and have industry experience as well.

    Is there a reasonable way of assessing if I am ready or not based on performance on these test exams etc? thx and keep up the good work...

  4. Hi Anonymous,

    Thanks for your comments.

    You should monitor how much you are scoring on quizzes. Is it a consistent score? Did you time the quizzes based on real exam duration?

    The books you have referred to are good, though I'd suggest you go through Official CBK at least once before weekend.

    Try to get the feel of variety of questions from various sources. Please refer to my post where I have shared the resources I found useful in preparation and aspects to work on for gaining confidence.

    For your question, well there is really no sure shot way to know if you are ready; except listening to your intuition.

    Hope this helps.

    Good luck.

  5. Thanks for posting a comment in my blog. Here's the favor back at ya! ;)

  6. Can you send me your Notes/Aide Memoire you used for CISSP?

  7. what were the other 2 cert u did?

  8. Hi
    what other relevant certifications did you do? You mentioned in your 1st para that you did two certifications; could you mention the names of those?

  9. Don't remember at the moment but were 2 of these.. EXIN ISO 27002, EXIN ITIL and Comptia Security +

    IMO, 27002 and Security + can be considered as subsets of CISSP syllabi.

    Hope this helps..

  10. @Nitheesh: What info do you want?

  11. Awesome information... I am planning for exam in January 14...
    Hope using your planning strategy will help me to clear in first attempt..
    Whats say !!

  12. Passed the (ISC)2's CISSP Certification Exam recently and here is some advice that helped me pass the exam. Try to learn from any video course provider for CISSP. Personally I did use CBT Nuggets. They are good and short. You can complete their Video Course for 12 hours. I did run the video course for 4 weekends in a month.

    Additionally you should practice with the Exam Preps; there are a lot and pretty much all are the same. Personally I did use an app from an app store called CISSP Certified Information Systems Security Professional - Exam Prep. It is very convenient and practical to have the practice exam in your hands at all times. "I was literally practicing even when I went to the toilet" - the benefits of technology these days.

    You should be able to pass after all of this. I hope this was helpful enough.




The views, information & opinions expressed in this blog are my own and do not reflect the views of my current or former employers or employees or colleagues.