
What is the best way to prepare for the CISSP exam?

Congratulations on registering to take the most coveted exam in the InfoSec domain! The CISSP exam is exhaustive, so we have listed the exam details, exam tips, the resources, the endorsement process and the re-certification process in the paragraphs below:

Exam details:

1. A CISSP candidate must demonstrate a minimum of 5 years of full-time security experience in two of the eight domains of the (ISC)2 CISSP CBK (Common Body of Knowledge)

2. The candidate must score 700 out of a possible 1000 points to pass the exam

3. The duration of the exam is about 3 hrs.

4. All English versions of the CISSP exam use CAT or ‘Computerized adaptive testing’

5. The candidate can check the pricing of the exam from this link

6. The exam has about 100-150 questions

Here are a few tips and suggestions to help you get the prestigious certification.

Exam tips:

a. Book a date for the exam at least 3 months away and start studying immediately

b. It is good to study for at least 4 hours every day

c. It is necessary to draw a timetable and stick to it diligently

d. It is also necessary to take into account the different personal and official responsibilities in the three-month time frame and adjust the timetable and work hours accordingly

e. Since the exam has 100-150 questions which have to be answered in 180 minutes, the candidate needs to be thorough with all the topics of the exam. Since there is a chance that the questions will be wordy, you need to have an absolute grasp of all the topics of the exam.

f. Patience, persistence, and consistency are some factors that will help you to crack the exam

These are some of the resources that can be used to crack the exam more efficiently:

We recommend that you study the following two books over a period of two months. The first book is by Adam Gordon and it can be found at the following link:

a. Official (ISC)2 Guide to the CISSP CBK ((ISC)2 Press) 4th Edition by Adam Gordon

Since the security industry has to keep up with changes in the IT industry and the security landscape, this official (ISC)2 book, published in 2015, contains enhancements to the CISSP syllabus. It covers the revised and current set of eight CISSP domains and questions pertaining to them.

Next, we recommend that you read and become thorough with the following book from Sybex.

b. (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide 8th Edition by Mike Chapple (Author), James Michael Stewart (Author), Darril Gibson (Author)

This Sybex study guide has expert content, real-world examples, advice on passing each section of the exam and access to the Sybex online interactive learning environment.

Once you have thoroughly mastered both the books given above, we recommend working through the practice tests by (ISC)2. They are available at the following link:

c. CISSP Official (ISC)2 Practice Tests 2nd Edition

These are the official practice tests available from (ISC)2. These practice tests are aligned with the latest version of the CISSP exam. This book contains 1300 unique practice questions. In addition, the first part of the book alone contains 100 questions per domain.

The last book that we recommend is ‘Eleventh Hour CISSP’, and it is available at the following link:

d. Eleventh Hour CISSP®: Study Guide 3rd Edition

The ‘Eleventh Hour CISSP’ is again tuned to the current CISSP syllabus and is streamlined to include the core certification information; it is primarily used for last-minute studying.

After you have spent time studying the book resources listed above, we also recommend that you go through the following NIST publications:

SP 800-12 – An Introduction to Computer Security

SP 800-14 – Generally Accepted Principles and Practices for Securing Information Technology Systems

SP 800-30 – Risk Management Guide for Information Technology Systems

SP 800-34 – Contingency Planning Guide for Information Technology Systems

SP 800-86 – Guide to Integrating Forensic Techniques into Incident Response

SP 800-88 – Guidelines for Media Sanitization

SP 800-137 – Information Security Continuous Monitoring

SP 800-53 – Security and Privacy Controls for Federal Information Systems and Organization

SP 800-145 – The NIST Definition of Cloud Computing

Once you have passed the exam, you should complete the endorsement process.

Endorsement process:

All candidates who pass the exam must complete the endorsement process within 9 months. The application must be endorsed and digitally signed by an (ISC)2 professional. The endorser must attest to the candidate’s work experience in the IT security industry.

Once the candidate receives their CISSP credential from (ISC)2, they must recertify every 3 years.

Maintaining the certification:

Recertification is done by earning CPEs (‘Continuing Professional Education’ credits) and paying the AMF (annual maintenance fee) of $85. CPEs can be earned by joining webinars, attending events, reading and writing information security articles and books, or volunteering.

These are the processes and resources to pass the CISSP exam with flying colors!

Note that we at InfosecTrain offer classroom and online training for CISSP by our expert instructor, Prabh Nair! Do contact us for more details, and good luck!

Jayanthi Manikandan
Cyber Security Analyst
Jayanthi Manikandan has a Master’s degree in Information Systems with a specialization in Information Assurance from Walsh College, Detroit, MI. She is passionate about information security and has been writing about it for the past 6 years. She is currently a Security Researcher at InfosecTrain.