- Exam Details
- Trouble Spots
- Preparation Hints
- Recommended Study Resources
- Where to Go From Here
Recommended Study Resources
The CIB lists about 90 references that make up the common body of knowledge (CBK) for the CISSP exam. Exam questions are developed from the CBK, but it’s not feasible or even recommended to purchase and read all of these books. The (ISC)2 publishes a book known as the common body of knowledge (CBK) and there are several other excellent sources to choose from. Due to the breadth of knowledge, you should get a minimum of two study books.
Before sitting in the exam and answering the 250 actual exam questions, it’s a good idea to take some practice exams. (ISC)2 is constantly developing new questions, testing them, and rolling them into the test bank mix, so don’t expect any practice test questions to be repeated on the actual exam. However, exam questions from reputable sources cover the same content of what test takers will see on the exam and they’ll help you understand how (ISC)2 asks the questions. While many study books have practice questions, many people benefit from other sources that are focused on providing only practice questions.
The following list shows some study guides and practice question sources you can consider:
- CISSP All-in-One Exam Guide (ISBN-10: 0-0716-0217-8) by Shon Harris
- CISSP: Certified Information Systems Security Professional Study Guide (ISBN-10: 0-4709-4498-6) by James M. Stewart, Ed Tittel, and Mike Chapple
- CISSP Study Guide (ISBN-10: 1-5974-9563-8) by Eric Conrad, Seth Mesenar, and Joshua Feldman
- CISSP Cert Flash Cards Online (ISBN-10: 0-7897-4035-4) by Shon Harris
- CISSP Practice Questions Exam Cram (ISBN-10: 0-7897-3806-6) by Michael Gregg
Additionally, there is an active forum on CISSP. Cccure.org has some free study guides for CISSP. You’ll need to create a profile on cccure.org. After logging in, search on “CISSP” or follow the menu for Certifications -> ISC2 Certifications -> CISSP. They have several free CISSP study guides but be aware that many of these are older. Some knowledge like the OSI model is timeless, but other topics like cryptography change frequently.