Pursuing the CISSP and Sharing My Technique

I recently took the CISSP exam. For posterity I think it’s worth documenting my process in case anyone wants to make an attempt at it themselves. Things are going to change next year so keep that in mind as you plan your study days and evenings.

I started back in April regularly reading the Sybex CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide. I bought the paperback version. I guess I’m still old school on certain types of books. I can read kindle fiction anytime, or even self help books. For study of this size I wanted to flip back and forth between chapters and sections easily. Electronic doesn’t have the same ease for that.

I took the assessment test in the beginning of the book before reading anything. It gave me some sense of a baseline although it’s not a whole lot of questions. Consider it a warm up.

One important method is pacing. It cannot be read in a night. Neither can it be read once a week when you have a free moment. There has to be a set target each day on a regular basis. I would read anywhere from 20 to 30 pages a night. Take a break to have some fun once in awhile. But stay consistent.

Read the Questions at the Back of the Chapter Before Reading the Chapter

This may sound odd. But it’s actually a method shown to work in learning new concepts. It tunes the brain to pay more attention to the content. You’ll notice things you would potentially gloss over because you saw it earlier. You notice a car on the road when it’s similar to yours, more so the same make and model. Otherwise your mind filters out the cars because it’s not important. There’s a whole science behind this, but the point is looking at questions you aren’t sure of the answer to kicks your mind into a different gear of attention while you’re reading the chapter.

Mix in Online Testing

Something I didn’t start doing until a ways in was popping in and doing an online quiz. Buying the Sybex book gets you access to a portal where you can get a feel for the test. Select from a set of chapters that pull questions from the same in the book chapters, or select from 4 different full blown tests. Test fairly often. Another science based method, testing (aka feedback), gets that mind focused on the things missed. Getting things wrong is how we learn. Although not fun, accepting this and realizing it helps you keep going when it’s hard. I took my first test and took notes on all the questions I got wrong.

The Next Book

I couldn’t read just one book. I needed greater perspective. However the other study guide I saw was bigger than Sybex. 1000 pages big. I wasn’t going to take that mountain. That’s when I found the 11th Hour CISSP study guide. Compact, snippets such as ‘Fast Facts’ and ‘Crunch Time’ gave it a review feel that could be read over faster.

After finishing both books
  • Test more and make more notes from that to review
  • Review the fast facts and crunch time of the 11th Hour
  • Review the Summary and Exam Need To Know sections at the back of each chapter of the Sybex CISSP Study Guide
  • The Sunflower CISSP reference can be found online (and free!)
Memorization Techniques

The Memory Palace is a method worth looking into. For an interesting read check out Moonwalking with Einstein: The Art and Science of Remembering Everything. The basics of it is you learn to take advantage of your mind’s capability to remember visualizations way better than words.

There are also mnemonics to use, such as memorizing the OSI model:

[Application] Away
[Presentation] Pizza
[Session] Sausage
[Transport] Throw
[Network] Not
[Data Link] Do
[Physical] Please


Once I got close to exam time I made extra sure I was getting sleep. It’s a must for proper brain activity. There’s plenty of science behind this one too.


This isn’t a bad distraction (see below) and helps your overall physiology so you can learn better.

Study method

Study 25-30 min, rest 5, repeat. There are various study-to-break ratios out there, but the essentials of it is you can’t study nonstop and hope to learn well. You know the feeling. You start to fog up. You’ve read a page…what did it say? Better put the book down and walk around for a few, get a sip of water, talk to the cat. You’ll learn better for it.

Put aside distractions
  • Social Media
  • News
  • Other reading
  • TV

I figured these all took away from my brain’s memorization and learning about everything that was CISSP. The last couple weeks before the test I barely looked at any of the above. It was actually quite freeing to miss out on all the news that frustrated me but I couldn’t do a thing about.


The test is a challenging one. With the dedication and persistence you can successfully pass.

Leave a Reply

Your email address will not be published. Required fields are marked *