If you’re an IT professional who’s serious about information security, then at some point in your career, you’ll likely want to add the (ISC)2 Certified Information Systems Security Professional (CISSP) credential to your certification portfolio. Globally recognized, CISSP is the pinnacle of the (ISC)2 certification ladder, attainable only by the crème de la crème of information security professionals.
Earning the credential isn’t easy, but making the commitment can be lucrative. According to the 2017 (ISC)2 Global Information Security Workforce Study, the average income for a security professional in the United States is a healthy $120,000 per year. Couple that with high industry demand, low unemployment (only 1–2 percent), and the fact that according to the 2015 Security Workforce Study, (ISC)2 certified professionals earn an average of 35 percent more than non-certified peers, and it’s easy to see why the CISSP is a coveted credential.
The CISSP exam is rigorous. Containing 250 questions, the exam can last up to a grueling six hours. To be successful, you need to have a thorough understanding of the topics and materials covered in the exam and be adequately prepared. Here you’ll find some of the top study guides, CISSP practice exams and other training materials available to guide you on your path to the CISSP.
Learn about eight domains of knowledge
The CISSP exam covers eight “common body of knowledge” (CBK) domains. The CBK domains are designed to validate your managerial and technical knowledge and expertise, as well as your ability to engineer, design, and manage security solutions for an organization.
To be eligible to take the exam, candidates must demonstrate that they have a minimum of five years of real-world work experience in at least two of the eight domains.
Choosing current study materials
On April 15, 2018, (ISC)2 updated the CISSP CBK domains and rolled out a new exam. The current domains are:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
Some, but not all, of our recommended resources have already upgraded to the new 2018 CBK guidelines. Resources that haven’t yet moved to the 2018 CBK domains are still top resources, but depending on your testing schedule, you may want to wait for an updated edition to be released.
In a recent blog post we summed up the key CISSP exam changes effective April 2018 you need to be aware of as you prepare for the new version of the CISSP exam.
The best preparation guides and study books
Here are some of the top study and preparation guides. Except where otherwise noted, all prices reflect the list prices which were current on Amazon.com as of the writing of this article. As with any printed media, prices are subject to change at the direction of the publishers.
CISSP All-In-One Exam Guide by Shon Harris and Fernando Maymi
Heralded as the number one CISSP training resource is the CISSP All-in-One Exam Guide, Seventh Edition. Note that it is based on the 2015 CBK domains. In addition to in-depth coverage of those domains, it includes exam tips and sample questions with answer explanations. Over 1,400 practice questions are available with the electric content. Available in hardback for $46.32, this guide is not only a superb study guide, but a great reference manual after you earn the CISSP.
The Eighth Edition is scheduled for release on October 22, 2018. It’s currently available for pre-order on Amazon for $66.50. This paperback guide comes with 1,500 practice questions plus flashcards.
CISSP Study Guide by Eric Conrad, Seth Misenar and Joshua Feldman
Currently in its third iteration, the CISSP Study Guide provides comprehensive coverage of the 2015 CISSP CBK domains, along with learning and hands-on modules, definitions, exam objectives, terms, and exam “gotchas.” Questions are provided at the end of each chapter, and the book includes a self-test appendix and two practice exams. The Kindle edition is $46.62 and the paperback version is $45.87. A new edition is in the works, with an anticipated release date in late 2018 or early 2019.
Official (ISC)² Guide to the CISSP CBK, Fourth Edition by Adam Gordon
As the name implies, the Official (ISC)2 Guide to the CISSP, Fourth Edition, is the official, (ISC)2 sanctioned CISSP study guide. It is based on the 2015 CISSP CBK domains and focuses on mastery of core competencies rather than teaching to the test. (ISC)2 will likely update this guide to reflect the new 2018 CBK domains. A Kindle version is available for $44.94 and hardcover version for $57.61.
CISSP For Dummies, Sixth Edition by Lawrence C. Miller and Peter H. Gregory
Released in June, 2018, CISSP For Dummies, Sixth Edition, covers the 2018 CISSP CBK domains. In addition to expert exam prep guidance, the authors provide a 60-day study plan, a bank of online test questions and flashcards, and exam day tips. The price is affordable, with the Kindle edition available for $23.00 and the paperback version for $39.62.
(ISC)2 CISSP: Certified Information Systems Security Professional Official Study Guide, Eighth Edition by Mike Chapple, James M. Stewart and Darril Gibson
One of the top selling study guides, (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, Eighth Edition, has been updated to cover the 2018 CISSP CBK domains. You’ll find comprehensive coverage of the CISSP 2018 CBK domains, exam tips, real examples and more. You’ll also gain access to the Sybex interactive learning environment, which includes six practice exams with 150 questions each, over 1,400 flashcards and a searchable glossary. The Kindle edition is available for $36.79 while the paperback version is $45.49. Sybex also offers abundled version, the (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide and Official Practice Tests Kit, 2nd edition, consisting of the Official Study Guide along with all practice exams and questions plus two more additional exams and 100 extra practice questions per domain. This bundle is available for $85.50.
In addition to study guides, candidates can take advantage of practice exams to prepare for the CISSP. Here are a few of our favorites.
(ISC)2 CISSP Official Practice Tests, Second Edition by Mike Chapple and David Seidl
Based on the CISSP 2018 CBK, (ISC)2 CISSP Official Practice Tests, Second Edition features 1,300 practice questions, including 100 domain-specific questions, all with detailed answers and explanations. In addition, it offers four practice exams with 125 questions each; these are the only practice tests endorsed by (ISC)2. The paperback edition is available for $30.92 and the Kindle edition for $21.59.
CISSP Practice Exams, Fourth Edition by Shon Harris and Jonathan Ham
CISSP Practice Exams, Fourth Edition is designed to be a companion to the CISSP All-in-One Exam Guide discussed above. Both are based on the CISSP 2015 CBK domains. Interested candidates may want to check with the publisher in late October 2018 to see if the practice exams are going to be updated concurrent with the release of the new CISSP All-in-One Guide. Included in the electronic content are more than 1000 practice test questions. Reasonably priced, the Kindle version is $23.02 and the paperback version is $24.23.
CISSP Exam Prep Questions, Answers & Explanations: 1000+ CISSP Practice Questions with Detailed Solutions Volume 1 by SSI Logic
Designed to give students a feel for the difficulty of the real CISSP exam, CISSP Exam Prep Questions, Answers & Explanations focuses on the core concepts of the CISSP 2015 CBK domains. It’s one of the pricier sets of exam questions, but it features more than 1,000 questions with detained explanations. It is available only in paperback for $75.06.
Also consider participating in these top online communities when preparing for the CISSP:
The CCCure Community hosts the CCCure Quiz Engine, which provides CISSP practice exam questions (multiple choice and scenario-based) along with detailed explanations of the answers. The subscription fee enables access to the entire CCCure website, including practice questions for other certifications, such as the CCSP, CASP, PMP, Network+ and CEH. If you’re currently seeking more than one credential, this could be a way to stretch your training budget. If you’re not certain if this is the right learning tool for you, CCCure allows you to check it out with a 1-day trial ($10.00). Individual subscriptions are available in 1-month ($59.99), 3-month ($99.99), 6-month ($129.99) and 12-month ($149.99) increments. Commercial licenses are also available for colleges, universities, instructors and other training organizations.
CISSP Community on Reddit
Reddit is a social media site where members can submit content, participate in discussion boards, rank content and more. Its CISSP community page is dedicated to “anything regarding studying, writing, and working with the CISSP® exam certification.”
Mobile Apps, MOOCs and More
In addition to taking advantage of study guides, practice exams and online communities, don’t forget to explore other resources. Many publishers now provide companion apps for mobile device to help you study on the go. Your favorite publisher doesn’t have an app? No problem! A simple search on the Google Play Store will reveal literally hundreds of apps (some free and some fee-based) for study guides, practice exams and flash cards. On the Apple store, you’ll find a CISSP podcast offered by CyberSecStudy. YouTube has numerous channels devoted to information security and the CISSP. In addition, a simple search of the MOOC list will provide hundred of free CISSP-related learning materials.
Keep asking yourself: “Is CISSP wort it“? Here are some of the benefits that the CISSP credential has brought to three cybersecurity experts.
Good luck on your journey to CISSP certification!