Sie sind auf Seite 1von 4


My Top 10 Tips for Passing the CISSP Exam

How exactly should you go about tackling this monster six-hour exam? CISSP James Michael Stewart offers his suggestions. by James Michael Stewart 9/25/2002 -- The highly respected Certified Information Systems Security Professional (CISSP) title is achieved by passing one very broad 250-question, six-hour exam. While I didn't find the exam extremely difficult in terms of content (I consider it a mid-level security exam), it is a challenging test to take. Unlike other security certifications that test your ability to implement and maintain a security infrastructure, the CISSP certifies your knowledge and understanding of security-related issues, such as physical security, business management practices, technological security controls, cryptography and cyber crime laws. There's not much within the CISSP exam objectives that can be learned from hands-on computer/networking experience. In fact, most of the objectives can be learned by anyone who has the time to read the appropriate study material (however, the organization that runs the CISSP, ISC(2), requires candidates to have three years of documented security experience to earn the certification). With all the study material you'll need to cover, it definitely takes a good deal of time to properly prepare for the CISSP. And no matter how well you know the material, you'll feel like you got run over by a steamroller when you walk out of the examination room. But if you are responsible for maintaining security in your organization, this is an excellent exam to expand your certification base and improve your understanding of a security infrastructure. Before I present my top 10 tips, I need to warn you: These tips are a bit different than that standard fair found on Many of the tips discuss test-taking skills. The CISSP is a broad exam, yet fairly balanced in its coverage of security topics; therefore, my best overall advice content-wise is to know pretty much everything. But success on the CISSP exam is as much about being able to take tests effectively as it is about understanding the content. To that end, here are my top 10 tips for passing this exam.

Tip #1: Know the 10 Domains

The CISSP exam covers a wide range of information from the common body of knowledge (CBK). The CBK is the vast expanse of knowledge and information available out there in the world about security and related issues. To narrow the field a bit, the CISSP exam focuses on 10 domains from the CBK. These domains are:

Access Control Systems & Methodology Telecommunications & Network Security Security Management Practices Applications & Systems Development Security Cryptography Security Architecture & Models Operations Security Business Continuity Planning & Disaster Recovery Planning Law, Investigations & Ethics Physical Security

You'll need to know several dozen specific items, topics, keywords and concepts from each domain. These are clearly outlined in the objective list provided by (ISC)2 on the document they call a study guide (get it at There's a lot of overap between the domains, but keep in mind the general "flavor" or "feeling" of each domain so you'll understand the aspect, perspective or application of duplicated topics.

Tip #2: Remember the 10 Domains

When you are taking the exam, think about which of the 10 domains each question falls into. Often, if you can determine the domain the question is focusing on, you can quickly eliminate one or two answers as being incorrect. Or it may highlight the correct answer between two or more possible answers. A topic in one domain will have a different twist than the same topic in another domain, so being familiar with the domains and being able to recognize the domain focus of question will benefit you on the exam.

You'll also see a lot of discussion about the CIA triad. If there is any one topic that is common throughout the CISSP CBK, it is the CIA triad. The CIA triad is the three primary security principles: confidentiality, integrity, and accessibility. In some way, every security mechanism, control or issue must address one or more of these three principles. While learning about the specifics within each domain, keep in mind how each relates to the CIA triad. You'll find many questions on the exam can be answered quickly if you are aware of the relationship between the security topic, issue, concept, control, or whatever mentioned in the question and the CIA triad.

Tip #3: Know How To Take a Test

I remember learning the skills of test taking back when I took the SAT. I'm amazed that the skills I learned for that simple exam are still applicable today. All of the questions on this exam are single-answer, multiple-choice questions with four answer selections. Because wrong answers don't substract from your score, it's in your best interest to answer every question -- even if you guess blindy, you'll have a 25 percent chance of selecting the correct answer. However, you can usually improve those odds with a bit of clear thinking. First, read the question once and think of a valid answer in your head without looking at the answer selection. If you can't think of an answer, read the question again before looking at the four answer selections. Theneliminate at least one of the answer selections as being incorrect. Keep in mind that the goal is to select the most correct answer. There are many questions with two or three correct answer selections, but only one is the most correct. Being most correct may mean most complete or most specific or most direct to the question asked. If you can't figure out the best answer, eliminate all answers that are definitely wrong, then make a guess. If you can eliminate one selection, then you have a 33 percent chance of guessing the correct answer. If you can eliminate two selections, then you have 50 percent chance of guessing the correct answer.

Tip #4: Take Your Time, but Don't Waste Time

Time management is a crucial part of completing at the CISSP exam. With 250 questions to be answered in six hours, you have just under 90 seconds per question. Some questions will take you 10 seconds to read and answer, while other will take you 5 minutes or more to realize that you really don't have a clue what it is asking. I suggest bring a watch to keep track of your progress. As a good rule of thumb, you should be at question 50 at the one hour mark, question 100 at two hours, etc. This will leave you an hour at the end of the time period to review and check your work. Because this is a paper test (yep, you'll need a number #2 pencil!), don't waste time pondering each question as you go along -- you can go back. If you can't answer a question after reading it twice, move on. You'll use your time better by the easy questions first. Once you've reached the end of the exam, return to those questions you skipped. I always set aside the last 15 minutes for a last-ditch guessing scramble. If you are unable to make educated and thoughtful selections for every question within 5 hours and 45 minutes, then your best efforts will be spent verifying that you've filled in all the bubbles. This means returning to all unanswered questions, reading them one last time and taking your best guess. Remember, a 25 percent chance of getting a question correct is always better than none (i.e., not filling in a bubble).

Tip #5: Read, Read and Then Read Some More

There is lots and lots (and lots and lots) of information to know for the CISSP exam. The objective list contains nearly 800 items. Yikes! Some of these are little more than keywords or concepts to be familiar with, while others are large and complex topics that require extensive understanding. There are several study guides available for the CISSP exam. Some are good, some are very poor, and some are excellent. Get the opinions of your peers and other experts by checking out the book reviews at various online storefronts and by visiting the popular CISSP groups study sites (such as and Don't stick with just one study guide either. The CBK for CISSP is very broad and the objectives list from (ISC)2 is fairly general. No one book that I've seen adequately covers all topics. Plus, some readers will need more discussion on some topics and less on others. I suggest grabbing at least three different CISSP study guides to give you several perspectives on each topic. There are also lots of great online resources of security information, both specific to CISSP and in general. If you run across a topic from the objectives that you just don't understand or grasp, perform an Internet search and read everything you can find. Remember, the CISSP is a test about real-world security environments, and it's not limited to a specific vendor, platform, solution, or product; therefore, there is no single authoritative source of information.

By the way, if you're one of those people who wait until the week before your exam to start studying, forget about the CISSP now. You'll just be wasting your time and your money. You need a month or more of weekends and evenings to adequately prepare yourself. If you don't believe me, think about how long will take you to read two or three thick study books, do online research to dehaze confusing issues, and answer a few thousand practice exam questions.

Tip #6: Take Practice Exams

The only way to know if you are ready for the real CISSP exam is to practice. There are lots of practice exams available for the CISSP exam -- online, in books, etc. Find and take every practice exam you can get your hands on. Not all practice exams are created equal. Some are excellent practice exams which mimic the CISSP exam almost exactly, some are much more difficult and will stretch your skills and understanding, and some are extremely poor. As you learn more within the CISSP CBK, you'll be able to recognize good practice exams from poor ones. Plus, follow the guidance of your peers on CISSP discussion forums. They will praise good resources and flame bad ones.

Tip #7: Don't Screw Up

I mentioned earlier that the exam is still given in written form. Take extreme care and caution in marking your answers! I've heard horror stories of a student who skipped a question early on but didn't realize he forgot to leave the answer line blank for that question, then as the proctor asked for everyone to put all pencils down he realized all of his answers for the rest of the exam were off by one. Don't let this happen to you. Here is my plan of attack to manage this: First, whenever I select an answer, I circle it in the test booklet. (You can write anything you want in the test booklet - only the scantron is graded). Next, I read the question number and double check that I'm reading the correct question number (dyslexia is contagious when taking written exams!). I then mark the selected answer bubble (A, B, C, or D) on the scantron by the correct question number. Finally, I double check that the numbers match. If they do, I move on to the next question. Yes, this seems like a lot of work, but it only takes about three seconds per question and it nearly guarantees that you won't screw up and mark the wrong line on the answer sheet.

Tip #8: Mark the Questions You Skip

Use the test booklet to your full advantage. In addition to circling the answer for each question, you should also use the test booklet to mark questions you are uncertain about or want to skip. On the front cover I make two columns, one for skipped and one for unsure. As I work through the exam, if I can't answer a question after a second read through, I write its number on the front cover of the test booklet under the skipped column and then move on to the next question. (This is why the three-step question number verification process from the previous is so important!) If I can't select the best answer from two or three of the selections, I take my best guess, fill in the answer sheet, then write its number down in the unsure column. I'll come back and review these guesses if I have time at the end of the exam. If not, again a guess is always better than a blank -- at least you'll have a chance of getting it right. Keep in mind that due to the large number of questions on the exam, it is very likely that the text of a question or even an answer selection later in the exam will shed light on a question you skipped earlier or were unsure about. Using an exam against itself is a sign of a skillful test taker. The only way you can take advantage of this internal referencing bonus is to mark those questions you need to review or have skipped. Otherwise, you'll be re-reading just about every question trying to find that one that mentioned that thing about that other thing... Once I reach the end of the exam and if I still have time left and I'm not brain dead, I review the questions in the skipped column first. Once every question has an answer, I review any question that I guess at. I continue to review guesses until I am satisfied that I've made my best effort, I can't think straight any longer, or time has expired.

Tip #9: Take a Break

Remember that the test is six hours long! I can't sit for six hours straight, and I doubt you can either. So plan to take breaks during the exam. In fact, plan on taking several of them. Bring snacks and drinks. Bring a small cooler if you want. Plan on standing up and walking around at least 5 minutes every hour. Stretching and getting your blood flowing will keep you focused on the exam and not on your numb gluteus maximus. Grab some fruit, a power bar, fruit juice, water, or whatever. If you are already a caffeine addict, go for it, otherwise stay off the heavy stuff or you'll get jittery by the end of the ordeal. You'll be allowed to walk around a bit in the testing room if you don't make noise or distract the others. An remember, only

one person at a time will be allowed to leave the testing room to access the restrooms or take a smoke break, so plan accordingly.

Tip #10: Listen to Your Parents

Six hours is a long time to do anything enjoyable. Six hours is sheer torture when taking an intense certification exam. The best thing you can do for yourself, in addition to studying sufficiently for weeks before the exam, is to get a great night of sleep and eat a good breakfast. I made the mistake of only getting three hours of sleep and skipping breakfast, and half-way into the it I felt like I was running a marathon. Take my word for it: You'll have greater success and be able to maintain a clear head if you sleep rather than study the night before the exam.