Passed the CISSP on my first attempt on May 7th. This repo documents my study approach, the resources I used, and lessons from the experience.
Five months of structured preparation, starting from January through to exam day in May.
| Resource | Notes |
|---|---|
| Official Study Guide (OSG) 9th Edition | Primary reference — read cover to cover |
| Shon Harris AIO Guide | Strong conceptual coverage |
| Destination Certification CISSP Guide | Excellent for concept clarity |
| 11th Hour CISSP | Last-minute review |
| Thor Udemy CISSP Course | Video reinforcement |
| Pete Zerger's CISSP Exam Cram & Addendum | Compact review |
| Kelly Handerhan's CISSP Cybrary Course | Good for understanding the "why" |
Used Thor practice tests plus question banks from the OSG, AIO, and Destination Cert books. Practice tests aren't about memorising questions — they're for identifying weak areas and testing how well you understand the concepts.
Understand, don't memorise. CISSP is conceptual. The exam tests whether you can reason through scenarios, not whether you've memorised definitions.
Map topics to real experience. If you've worked in security, connect what you're studying to things you've actually done. It makes the reasoning under exam conditions much faster.
The Dest Cert Discord was invaluable. Discussing topics with people actively preparing (or who'd already passed) cleared up a lot of confusion. Thanks to @Tresharley, @DarkHelmet, @deadpooh, and others who helped along the way.
Read each question carefully and don't rush. Eliminate wrong answers first. Once you hit Next, you can't go back — so be deliberate.
- Exam was at 8 AM
- Full forms are spelled out in questions — no need to memorise abbreviations
- Passed at the minimum 125 questions (CAT format)
ASHDEX — Security Researcher & Architect | CISSP ashdex.com