A Certified Information Systems Security Professional (CISSP) certification can give your cybersecurity career a huge boost. This certificate has been around for more than two decades and attaining it is one of the best ways to prove your competency in information security.
However, passing the CISSP exam is no mean feat. With eight domains to study, each covering an array of complex topics, it’s easy to get overwhelmed before you’ve even begun studying. To ease the pressure and help you maximize the use of your time, we’ve got plenty of handy resources.
Below you’ll find links to comprehensive “cheat sheets” to help ensure you’re fully prepped come exam day. We also provide links to some of the best CISSP study guides and recommend some top courses to consider taking as part of your prep. Let’s get started!
Cheat sheets for studying for the CISSP exam
We’ve created the ultimate cheat sheets for helping you pass the exam. Follow the links below to see in-depth and easy-to-navigate sheets for each of the eight CISSP domains.
- Domain 1: Security and Risk Management
- Domain 2: Asset Security
- Domain 3: Security Architecture and Engineering
- Domain 4: Communications and Network Security
- Domain 5: Identity and Access Management
- Domain 6: Security Assessment and Testing
- Domain 7: Security Operations
- Domain 8: Software Development Security
CISSP study guides and practice tests to help you prepare for the exam
If you’ve got the basic knowledge but you’re not quite at the level where all you need is a cheat sheet, there are some handy study guides available to help you with your preparation.
To start, there are the official study materials from (ISC)2. These include the Official (ISC)² CISSP Study Guide, the Official (ISC)² CISSP Practice Tests, CISSP For Dummies, Official CISSP Study and Practice Tests Apps, and Official CISSP Flash Cards.
However, if you’re looking for alternatives, there are some great resources available. Note that many publishers of the books below provide mobile apps to accompany study guides, so you can prepare for your exam while on the go.
Study guide textbooks:
- CISSP All-in-One Exam Guide, Eighth Edition
- CISSP Study Guide 3rd Edition
- Eleventh Hour CISSP®: Study Guide 3rd Edition
- CISSP Cert Guide (3rd Edition) (Certification Guide) 3rd Edition
- CISSP For Dummies (For Dummies (Computer/Tech)) 6th Edition
Many of the study guides above and the courses below include practice tests and questions. However, if you want a little extra training, here are some sets of practice tests you may want to get your hands on.
Additional practice questions:
- CISSP Official (ISC)2 Practice Tests 2nd Edition
- CISSP Practice Exams, Fifth Edition 5th Edition
- CISSP Exam Prep Questions, Answers & Explanations
- CCCure Quiz Engine
Best courses for the CISSP exam
The cheat sheets and study guides above can help you in your preparation for the exam. But you might need more in-depth courses that teach you the full content of the CISSP certification. Depending on where you’re located, you may have in-class training available to you. However, these programs aren’t accessible to everyone, and can often cost thousands of dollars for a seat.
The other option is to take an online course, and while many of these are also pricey, some won’t break the bank at all. With so many available, it can be hard to choose the right option for you. Here are our top recommendations for courses that have fully online options:
- StationX: The Complete CISSP Bundle
- Certified Information Security CISSP Exam Preparation
- Official (ISC)² CISSP Self-Paced Training
- Simplilearn: CISSP Certification
- Cybrary: CISSP
- SANS: MGT414: SANS Training Program for CISSP® Certification
- Global Knowledge: CISSP Certification Prep Course
- Infosec: CISSP Certification Boot Camp
Let’s take a closer look at each of these and what they have to offer.
The Complete CISSP Bundle from StationX is our top recommendation. It offers everything you need to be successful in taking the exam, all at an extremely low price. The course has been updated to cover the 2018 version of the CISSP certification, which means the material is relevant until 2021 (when the next update is due).
This bundle includes:
- An introduction to the CISSP certification
- Over 17 hours of training
- Almost 600 downloadable slide pages
- A study plan
- 1,000 practice questions
- Tips on where to find thousands of free CPEs
Aside from teaching you what you need to know, this course contains invaluable advice on how to study efficiently and the right approach to take when answering questions. You’ll also discover the next steps for after you pass the exam and advice to help you in case you fail the first time around. This course can count toward CPEs, but you may need to check with (ISC)² to find out exactly how many.
BEST COURSE FOR CISSP EXAM:StationX is our #1 choice This course usually retails for $400, but you can get it at an incredibly low price of $52.
Certified Information Security offers a comprehensive program to get you prepped for the CISSP exam. It’s very reasonably priced considering what you get. The course is produced and narrated by Allen Keele, an expert in (ISC)2 exam prep and is updated twice per year. It only includes content that is required for the exam, so you don’t have to waste time learning unnecessary topics.
This program is interactive and adaptive and includes:
- More than 1,300 slides
- 16.5 hours of narrated content
- 54 domain and lesson exams
- 8 timed mock CISSP exams (with 1,200 unique questions)
- 40 CPE credits
- A one-on-one session with Allen Keele (worth $250)
Price:The course costs $1,967 for six months of access. However, if you don’t pass your exam within the first month, you get a free six-month extension. So you’re essentially paying for a year of access.
This is the official course offered by (ISC)2 itself. Obviously, the main bonus of this program is that you can be sure it’s one hundred percent relevant to the updated CISSP certification exam. It doesn’t have a huge price tag (compared to other courses), but might be beyond the budget of many exam-takers.
One downside is that the material is only available for a limited time upon payment, so while this is dubbed a “self-paced training,” you can’t go at too slow a pace. If you plan on taking more than 120 days (around four months) to study for the test, you may find yourself having to fork over the fee again.
Here’s what you can expect from this training program:
- The Official (ISC)2 Student Training Guide
- 30 hours of video instruction, comprising more than 300 recordings
- Earn 40 CPEs
- Interactive flash cards
- Activities for independent reading
- Real-world example scenarios and case studies
- Checks on knowledge once each domain is completed
- Assessment questions once you’ve completed the course
Price: This course costs $849, which is reasonable compared to many others on the list.
Simiplilearn offers two options for its online course, both of which are large investments. One is to go with the Online Classroom Flexi-Pass in which you attend online classes led by an instructor. This option includes 90 days of classes and lifetime access to the learning material. The slightly less expensive Self-Paced Learning course provides you with unlimited access to the course content but no classes.
Both options include:
- 67 hours worth of learning
- 24/7 support
- 30 CPEs
- 5 practice papers to help you prepare
- A voucher for the CISSP exam
In most regions, Simplilearn offers an exam pass guarantee and will give you an additional exam voucher if you don’t pass the first time around.
Price: The Online Classroom Flexi-Pass costs $2,899 while the Self-Paced Learning program is slightly less at $2,499. There is a seven-day money-back guarantee which is valid as long as you haven’t accessed more than 25 percent of the course content or attended more than one online class.
Cybrary’s CISSP course comprises 19 hours worth of video instruction covering all CISSP domains. The video content for this course is free (you’ll need to sign up for a free account), but if you want to unlock additional features of Cybrary’s service, you need to purchase a subscription.
Extra features available to subscribers include virtual labs, which help you apply what you’ve learned and gain hands-on experience in your field, and practice tests to help you prepare for the exam.
This course advertises that it is worth !5 CPEs, although you may be able to check with (ISC)2 to see if you can claim 19 CPEs (one per hour). We discuss CPEs in more detail below.
Price: A Cybrary subscription gives you access to as many courses as you like, and costs $49 per month on a monthly basis or $25 per month when you pay annually.
The SANS Institute offers its CISSP course in several formats, including live in-class or on-demand online. This is the most expensive option on the list, so not a good solution if you’re on a budget. However, if you’re looking for a solid and comprehensive course, and maybe have an employer willing to foot the bill, this one will deliver. The SANS Institute is renown in the information security industry and has provided education and research programs for more than thirty years.
The course counts as 46 CPEs and aside from the lessons includes:
- A coursebook for each domain
- Over 300 knowledge testing and preparation questions for each domain
- Audio files of the course content
MGT414 dissects each of the eight CISSP domains into its core components and explains how they relate to each other and other facets of cybersecurity. If you find the CISSP content dry (which many people do), then this could be a good option for you. One of the authors’ goals in creating the course was to bring the CISSP content to life using case studies, examples, and stories.
Price: This is a pricey course at $7,020.
Global Knowledge gives you two options for taking its CISSP Certification Prep Course: in a live classroom setting or in a virtual classroom. Both courses last for five consecutive days and provide a comprehensive review of the CISSP content, focusing on the eight main domains.
This one isn’t suitable if you’d prefer to work online at your own pace. Note that the main product page states that there is an on-demand version available, but this isn’t accessible at the time of writing.
According to a company representative, you should be able to claim 40 CPEs for this course.
Price: Both the live and virtual courses are the same price: $3,595.
Infosec courses are hailed for their content and the quality of the instructors. This is another course that you can either take in-person or in a virtual classroom setting. The Flex Classroom option involves live instruction at a physical location, which includes course materials, catered lunches, and community forum access.
The Flex Pro is an immersive, live-streamed course for online learners. Unfortunately, it’s not possible to take this course at your own pace, although materials are provided for review if you decide to go with the online option.
You may have to confirm with (ISC)² how many CPEs you can claim for this course, but you should be able to claim one per hour of class.
Price: You’ll have to contact Infosec for exact pricing, but we were quoted around $4,500.
CISSP exam FAQs
You’re almost ready to get studying and tackle the CISSP certification exam. But first, here are the answers to a few common questions:
What are the prerequisites for the CISSP exam?
To receive a CISSP certification, candidates must hold at least five years of work experience in multiple (two or more) CISSP domains. Paid and unpaid internships are acceptable forms of work experience. Relevant education may substitute a maximum of one year of experience, but there are limitations. A four-year college degree or equivalent can count as one year of work experience. Alternatively, a relevant (ISC)2-approved credential, such as Certified Penetration Tester (GPEN) or Cisco Certified Network Associate Security (CCNA Security) can count as one year of work experience.
If you’re wondering which certifications you should aim for before CISSP, there are actually many pathways you can take. That said, one popular route is to obtain the CompTIA Network+ and CompTIA Security+ before pursuing (ISC)2 SSCP and finally (ISC)2 CISSP.
What is the format of the CISSP exam?
At the end of 2017, the format of the CISSP exam was changed. The latest version uses Computerized Adaptive Testing (CAT). With CAT, the exam is adapted to the examinee’s ability level during the test. Each subsequent question or set of questions is selected based on how you’ve performed on previous questions.
A bonus of this style of test is that you can prove your ability in less time. While the old-style CISSP exam took six hours to complete and comprised 250 questions, the new version lasts just three hours and you can expect to answer 100-150 questions.
What are CPEs and how does the system work?
Continuing Professional Education credits, referred to as CPEs, are awarded for education and training related to your field. They are required for maintaining your CISSP certification. You should earn 40 CPEs each year for a total of 120 in your three-year certification cycle.
You can earn CPEs by studying for the CISSP exam, including by taking the training programs above. Unfortunately, (ISC)2 is not very forthcoming when it comes to information about the specifics of earning CPEs through exam study. Going by the information provided in official (ISC)2 forums, it is generally accepted that you can claim a maximum of 30 CPEs for “self-study” for the CISSP exam.
It appears that you can claim additional CPEs for completing training programs such as those listed above on top of the self-study program. However, this is not entirely clear so we suggest you contact (ISC)2 for more information about your specific case. We have contacted them regarding this matter but haven’t heard back at the time of writing. We will update this article as we learn more information.
Once you’ve passed the CISSP exam, to keep up your certification, you’ll need to continuously earn CPEs. These may be earned in various ways, such as attending training and conferences related to your field. Typically, one CPE is credited for each hour of a given activity, but there are exceptions. You can learn more about CPEs in the (ISC)2 CPE handbook.