Thursday, October 21, 2021

Resources that helped me pass the CISSP exam

Summary: List of helpful resources for CISSP exam.

After four months of intense study (and about a year since I started) I passed the CISSP exam. Here is the list of resources I found useful (and some that weren't).


Feedback from my colleagues who went to bootcamps varies but the general consensus is that with some exceptions they are not really worth the cost. There is only a handful of trainers who are exceptional and you can find them online for cheaper than $2K+. Yes, most bootcamps can give you a voucher to repeat an exam if you do not pass, but it's still cheaper to pay for two exams than for one bootcamp.

The digital versions of the bootcamps I used and found helpful include:

  • Thor's CISSP Udemy course. I have a Udemy subscription through work, so I watched this course 3 times: first, in the very beginning of my studies (and did not really like it), then after the 2021 update, and finally on the week of the exam at 2x speed (now, after watching it three times, I can say, it's excellent).
  • I lost the link but there was an old audio version of Kelly Handerhan's Cybrary course posted on Reddit. I watched a couple of video episodes when they were free at Cybrary, but mostly listened to the audio while driving. Overall, I think I listened to the whole series 2-3 times (at x1.7 speed). Kelly is one of (if not) the best instructors out there. The audio version is a bit outdated, but the fundamentals are still there. Highly recommend. Also, make sure you watch Kelly's Why You Will Pass the CISSP [exam] video. (UPDATE: Found links to the audios here.)
  • Destination Certification's Mind Map series. Excellent coverage. I would recommend also watching the supplemental videos, like the one that explains how Kerberos works and there are others.


I first planned to use O'Reilly Digital Subscription (through work), but the digital versions did not work for me, so I switched to paperbacks (for casual reading, I prefer digital).


When practicing tests, the point is not to remember, but to try to understand why an answer is right or wrong. Yes you need to memorize a few things, but generally, memorization will not take you too far.

  • Boson Practice Exams. Must be used on a desktop (Windows, not sure it the environment works on a Mac). Very good overall. Explains why the correct answer is correct and why each wrong answer is wrong. I think it expires after 6 months once you start using it, so keep it in mind. I also tried a couple of practical labs (not the tests), but did not find them particularly useful. If you have no practical experience with the concepts (like hashing, etc), they may offer some value, though.

I'm using Android, but assume Apple store has the same apps:

  • (ISC)² Official CISSP Tests. Good app with some limitations. A few questions had wrong answers. There is no way to mark a question when you are taking a practice test. Once you are done with the practice test and exit the app, your results are gone.
  • CISSP Practice Tests. Use the free version. Found a few errors, but overall good.

I used a number of other free apps but as I'm checking now, they are either discontinued, or were not very good.


  • Chegg Prep. Used it for building flashcards for the topics I needed to review. Terrible app, but it's the one I started to use and it was too late to switch. It can get you by.


For every topic that I struggled with, I just searched the Internet for the best resource (in most cases, video) to cover it. There are too many to list, but I want to mention this one because it helped me a lot to learn about networking (one of my weak areas):


Spent a lot of time here:


How I passed the CISSP exam

Best of luck to all learners. You can do it!

No comments:

Post a Comment