CISSP Starter Page

Contents

  1. The Strategic Role of CISSP
  2. CISSP Domains of Knowledge
  3. Amicliens InfoSec Conceptual Model
  4. CISSP Exam Preparation Strategy
  5. CISSP Exam Preparation Materials
  6. The Effective CISSP Series
  7. CISSP Starter Resources Kit
  8. Practice Question (Wentz QOTD)
  9. CISSP Communities
  10. Other CISSP Resources

Featured Posts


1. The Strategic Role of CISSP

InfoSec Expertise Blueprint V1.2

2. CISSP Domains of Knowledge

cissp_domains-1.jpg

CISSP is one of the most challenging exams ever because of its comprehensive perspectives and requirements of solid conceptual level understanding and in-depth insights into managerial and technical issues.

  • Think Like a Manager!
    It’s comprehensive, and you have to think from a variety of perspectives, such as board director, senior management, CISO, auditor, legal counsel, purchasing and HR staff, engineer, developer, project and program manager, end-user, attacker, and so forth. Experience or certifications of PMP, ITIL/ITSM, or CCNA help quite a bit.
  • But You Need to Know Technologies!
    The CISSP exam, from my point of view, can be divided into two parts: management (Domain 1, 2, 5, 6, and 7) and technology (Domain 3, 4, and 8). It’s a body of knowledge, not a collection of discrete knowledge points.

3. Amicliens InfoSec Conceptual Model

AmicliensInfoSecConceptualModel_20190509
  1. Build your own blueprint or conceptual model (e.g., Amicliens InfoSec Conceptual Modelin one week by skimming, browsing, speed-reading your study guide, mentoring, tutoring, training, or any other approaches available.
  2. Base your learning on the model and study topic by topic iteratively and progressively. This is the Agile way to increase knowledge (value) iteratively.
  3. After you have informed and enriched your conceptual model, it’s about time to read your study guide from cover to cover.
  4. Review the CISSP exam outline every day to ensure you are on the right track and measure your progress.
  5. Practice questions in Sudoku 365 (Wentz QOTD) until you understand the concepts behind each question and score higher than 80%. This approach is called test-driven.

Progressive Learning in Parallel (like the right-hand side). That is, read each domain progressively and in parallel like the right-hand side of animation depicts. Most people tend to read domain by domain like the left-hand side.

4. CISSP Exam Preparation Strategy

Wuson’s CISSP Exam Prep Strategy

The critical success factors of CISSP are the effectiveness of your study plan, persistence, discipline, and communication with and support from your family and boss.

Exam Preparation Tips

5. CISSP Exam Preparation Materials

6. The Effective CISSP Series

My book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals. Please visit Wentz’s Publications for details.

*** The CISSP Test-Driven Study Strategy

7. CISSP Starter Resource Kit

Study Guides

  1. The Effective CISSP: Security and Risk Management (Starter/Orientation)
  2. (ISC)2 CISSP Official Study Guide, 8th Edition (OSG) (Primary Source)

The following are optional materials:

Videos

  1. (ISC)² Certification Webcasts
  2. Kelly Handerhan@Cybrary
  3. CISSP Shon Harris
  4. CISSP Domain 2 Review by Destination Certification

Notes

  1. Sunflower CISSP™ 2019 PDF Document by Frankrijker, Reina & Warnock
  2. CISSP Process Guide V.21, 2020 by Fadi Sodah (aka Madunix)
  3. Memory Palace CISSP Notes by Prashant Mohand
  4. Lance’s CISSP Notes
  5. TOP 10 TIPS for the CISSP exam by Luis Alejandro Sosa

8. Practice Question (Wentz QOTD)

Kindle Books and Paperback

I suggest doing practice questions in the following order:

  1. CISSP Official (ISC)2 Practice Tests
  2. How To Think Like A Manager for the CISSP Exam (Kindle)
  3. The Effective CISSP: Practice Questions (CISSP Sudoku 365)

QOTD (Question Of The Day)

  1. Wentz’s CISSP Practice Questions (QOTD)
  2. QOTD by Adam Gordon
  3. QOTD by Colin Weaver, ITDojo

Test Engine

  1. ThorTeaches
  2. Luke’s Study Notes and Theory (SNT)
  3. Boson
  4. CCCure

9. CISSP Communities

The Effective CISSP Groups

  1. Effective CISSP Group Rules
  2. Effective CISSP Facebook Group
  3. Effective CISSP in Taiwan Facebook Group
  4. Effective CISSP Telegram Group
  5. Effective CISSP YouTube Channel

Facebook Groups

  1. The Effective CISSP Facebook Group
  2. CISSP Exam Preparation – Study Notes and Theory
  3. CISSP, CISM and PMP certification training by Thor Teaches!
  4. Information Audit

Chat Rooms

  1. CISSP, CISM, and PMP Study Group by Thor Teaches
  2. Certification Station on Discord

Forums

  1. r/cissp on reddit

10. Other CISSP Resources

  1. NIST Glossary
  2. Wentz’s Glossary
  3. Rainbow Series
  4. ISC2 CISSP Glossary – Student Guide
  5. SNT Study Resources
  6. Thor Teaches Study resources

11. Awesome YouTube Channels

  1. Talks at Google
  2. University of Virginia School of Law
  3. UChicago Social Sciences