We interviewed a bunch of people that can help you out if you’re interested in passing the CISSP first time.
Certifications for which we’ve asked professionals who passed them for advice include:
- C|EH (Certified Ethical Hacker)
- CISSP (Certified Information Systems Security Professional)
- OSCP (Offensive Security Certified Professional)
We Asked InfoSec Professionals: Is CISSP Difficult?
70% of respondents so far answered that “Yes”, CISSP is a ‘difficult’ Certification.
Of course, the real answer to this question is: ‘it depends.’
Whether or not you find CISSP hard to pass the first time depends greatly on your experience and ability to learn.
CISSP is a senior IT Security Cert and it does require in-depth knowledge.
Love it or loathe it, let’s just agree that HR and Recruiters tend to love this Cybersecurity Certification. Indeed, many recruiters consider CISSP as an essential part of the recruitment process.
To help you, we thought we’d contact Cybersecurity Professionals who have taken and passed CISSP for their thoughts and experience on how they studied for and passed CISSP, and whether having the designation has helped their career.
Without stating the obvious, CISSP is certainly one of those InfoSec certs that is aimed squarely at Senior Cybersecurity Management.
Dirk Groben | CISSP, CSIRT
Senior Cyber Security Expert
I’ve read books for CISSP examinations. But forget the brain dumping stuff. The exam is about thinking differently. And you need to learn to gain your thoughts straight and understand all vectors included in the process.
Roberto Contreras | CISSP, CISM, CEH, CISA, CPTE
A lot of reading and practice.
Xerxes Kiok Kan | CISSP, PIMS, CISM, CRISC, C|HFI
Head of Security & Controls at Anglo-Eastern
This exam will test your knowledge in the Information Security field; it is a kilometer-wide topic and an inch deep. Understand the domain and how it will be implemented in real situations rather than theories only or memorization.
David Schwartzberg | CISSP, GIAC GMOB
Technical Solutions Architect at Cisco
Study for at least 3 months prior to sitting. 1 month prior to sitting for the exam, answer practice questions daily.
Danny Ha | CISSP, PhD, FCRP, PMP, ITIL
AI Fintech ERM Advisor
I studied CISSP in 2000. There were not many good textbooks that year. I studied all the domains according to the given syllabus from ISC2 and tried very hard to find the related material on the internet including the below textbook. I passed the CISSP in 2000. After starting to conduct CISSP training in 2001, I wrote praise on the endpaper to recommend the book CISSP All-in-One Exam Guide by Shon Harris in 2002. After all these years of teaching until now, I still recommend this textbook. The book could explain security management concepts from basic, linking up to other topics well, and is easy to understand. It is the 7th Edition now. I do not have this book, but I think it is fine as well.
Anthony Leece | CISSP, GCIH
Information Security Consultant
I found the study guides to be the most helpful. They distilled the main information points to a more digestible form than the ISC2 CBK book. Practice tests are also helpful, but they can create a situation where not all information is covered, so be sure to read the material that goes along with it.
Leighton Johnson | CISSP
Information Security Consultant
Study the areas you don’t know first, but review all domains.
Kevin Tighe | CISSP, CEH, MCP
Senior System Analyst at Steampunk
Don’t rely on what you know, follow the book and answer the way the test writer wants, even if it is not necessarily best practice in real life.
Richard Starnes | CISSP, ISSA and BCS Fellow
Chief Security Strategist, Capgemini
Go through the CBK and honestly evaluate your strengths and weaknesses. Study the weaknesses first. Then study. Study some more. Take practice exams. Take the ISC2 course if you can. Get a good night’s sleep and pack lunch for the test. Take a break halfway through the exam. Don’t fight the question. Pick the right answer even if you don’t agree with it. Don’t change your answer once you have made it.
Michalis Papachristoforou | CISSP, PECB-CDPO, PRINCE 2
Data Risk Manager
Study hard and obtain hands-on experience on the CISSP domains.
Andreia Goncalves Pinheiro Santos | CISSP, CEH
Senior Cybersecurity Consultant at PwC
Study and study… Make the concepts simple in the mind.
Saad Moten | CISSP, CISA, CISM, CDCS, CDCP, PMP, ITIL
Senior Information Security Manager at Nokia
Passion for the study and take it as a challenge.
6 thoughts on “Is Passing CISSP Difficult?”
Very difficult, although I passed at 100 questions I felt like I was failing the whole time. This certification is not for anyone, you really need to have a background to understand many of the core concepts. Make sure you do due diligence looking into the content before you embark in taking on this challenge. Good luck
Thanks for sharing Mark
You’ll never be confident during the exam because the questions are not based on the factual statements in any textbook, even the official ISC2 CISSP CBK textbook. Having said that, understanding as much as you can about each domain will help so reading all the recommended study guides and doing thousands of practice questions will be extremely helpful. Don’t get too hung up on “wrong” answers. When you review your wrong answers, you will need to make an assessment on why you were wrong and if you were wrong because terms were specific to the practice exam study materials or if you didn’t understand the underlying concepts well enough. This in itself is sometimes the biggest challenge. You will never be 100% certain you are acquainted with every term that could be asked on the real exam. You need to be as familiar as you can with as many terms as possible and just as importantly, work on your skills in understanding questions and how you can infer and dissect the questions being asked. This is the number one reason why no one is ever confident if they are doing well during the exam. You just won’t know if you are interpreting the questions correctly and you’ll see some terms you have never seen before but it is possible to decipher their meaning if you have the breadth of knowledge. This is a hard exam. It’s an inch deep but for some two inches or even three inches will help with truly understanding a topic. Passing the exam requires a lot of effort but is quite rewarding at the end of the journey.
Wow! Thanks for your amazing and helpful comments!
It seems Dirk Groben, Roberto Contreras, Danny Ha & Richard Starnes are identical quadruplets based on the similarity they show on the photos.
Yes indeed! I need to get around to fixing that. Thanks for noticing