CISSP Masters Degree: Where to start with CISSP Certification


claim your CISSP masters degree in cybersecurity

  • 3.5 million UNFILLED Cybersecurity jobs by 2021 that all require qualified candidates
  • CISSP is recognized as equal to a UK Masters degree, earning an annual salary of $141,452
  • Resources to self-study CISSP, including free Cybrary, Reddit and YouTube, and exam tips

I have recently been approached by friends who are considering pursuing a CISSP certification. This is a blog about the questions I keep getting. If you still have questions, please leave me a comment below.

What is CISSP?
The International Information System Security Certification Consortium (ISC2) offers the Certified Information Systems Security Professional (CISSP), which is the "most globally recognized certification in the information security market. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization," according to ISC2. The CISSP is among the top-paying certifications of 2020, with an annual salary of $141,452 according to Global Knowledge research.

What makes the CISSP certification attractive?

1) Lots of Opportunities
With ISC2 research forecasting 3.5 million unfilled cybersecurity jobs by 2021, this is the right moment to join the booming cybersecurity field or finally earn your CISSP certification.

Earning a CISSP makes you attractive to potential employers. According to the ISC2 member counts, there is a total of 141,607 CISSP-certified individuals around the world. This number of individuals is not even close to satisfying the needs of even half of the 3.5 million jobs (even though not all of these jobs require a CISSP certification).

2) CISSP Masters degree
ISC2 announced in May 2020 that the CISSP certification has been recognized as comparable to a UK Masters degree. In my opinion, this enables employers to understand the certification in comparison to traditional academic qualifications and therefore gauge the compensation the certification holder commands. I have worked in the IT space with an academic degree which often was an uphill battle to convince employers regarding my skills and appropriate compensation, not until I went to university to get an academic degree.

Here is a short ISC2 video (1.12 minutes long) on quick facts about whether the CISSP is relevant for you:

Here are all the resources I used to self-study for the CISSP:

1. (ISC)2 CISSP Official Study Guide & Practice (get the latest version)

2. Eleventh Hour CISSP®: Study Guide Paperback by Eric Conrad

3. Boson CISSP questions (ExSim-Max for CISSP) $99

4. Cybrary CISSP course and question bank. Cybrary offers free CISSP training throughout January 2021 (18 hours and 15 minutes of content).

5. Plenty of CISSP YouTube videos, such as Kelly Handerhan and Larry Greenblatt

6. Reddit CISSP community resource page

7. CISSP certification exam outline

So if I decide to pursue CISSP, where to start?
Start with the freely available resources before going out to buy the official materials. I started by going through the Reddit CISSP community materials, watching YouTube videos and signing up for the free Cybrary CISSP courses above. These free materials took me about three months to consume, during which time I developed a desire, rhythm and confidence in pursuing the CISSP.

Is CISSP open book?
No, CISSP is a closed-book exam; that is, the exam candidate is not allowed to carry any materials or notes into the exam room. At the Pearson VUE center where I had my CISSP exam, I had to empty my pockets and socks, and whatever I had was securely locked away in a cabinet, including my phone and wallet.

Can you take CISSP without experience?
Yes, you can. If you pass the CISSP exam without the required 5-year work experience, you become an Associate of ISC2. As an Associate of ISC2, you will then have 6 years to earn the 5 years of required experience.

Things to help you conquer the CISSP:

1) CISSP exam question (technical, legal, risk and business) 

You need the technical, business, risk and legal perspectives, and most important is to determine which perspective fits every question you face before and during the exam. For each question you face, ask yourself: is this a tech, risk, business or legal question?

This took a lot of self-training for me. Considering that I was coming from a technical background, I was inclined to assess and answer each question based on my technical experiences. So regardless of your prior professional background, get used to being flexible in assessing each (practice/exam) question to identify and apply the perspective (tech, legal, business or risk) the question requires before you answer.

2) time - make sure it doesn't run out on you

Keep an eye on the time. My goal was to keep it at/below one minute per question. This strategy worked for me. Since I was taking the new computerized adaptive testing (CAT) exam that dynamically stops when it evaluates a pass, I was able to get off the hook after 102 questions out of the 150 questions. The CAT is a 3-hour exam that requires a passing grade of 700 out of 1000 points.

3) tough exam but prepare well to stay calm
This was one of the toughest exams I have faced, but with good preparation I was able to remain calm during the exam. I had gone through over 4000 practice CISSP exam questions in a period of about 7-8 months. During practice, I went through the reasoning behind the questions I had answered wrong rather than cramming the answer, and made sure to re-attempt the same questions after a few weeks.

4) Exam taking tips apply

After facing several exams, there are a few tricks one develops such as:
  • Read the question and the answers before reading the long story of a scenario-based question
  • CISSP is a multiple-choice exam. Eliminate the wrong answers first, then concentrate on the remaining options.
  • Arrive in (extra) good time to allow for verifying your ID/photo.
  • Be well rested and bring warm clothing (sometimes the exam room is cold, especially during winter).
5) And lastly,

Which is harder, CISSP or CISM?
I have sat and passed both CISSP and Certified Information Security Manager (CISM) exams on my first attempt. I found the CISSP exam harder than CISM. CISSP exam materials are thicker and I took more time preparing for CISSP than I did for CISM.

I studied less for CISM considering that there is an overlap of knowledge carried over from CISSP (future post on passing CISM is in the works, ping me if interested).

To your CISSP success!

If you still have questions, please leave me a comment below and share in your network
