What are
/r/cissp's
favorite Products & Services?
From 3.5 billion Reddit comments
The most popular Products mentioned in /r/cissp:
The most popular Services mentioned in /r/cissp:
Cybrary
O'REILLY Safari
Udemy
Discord
NAKIVO Backup & Replication
Anki
Cram
Skillsoft
Gumroad
Sellfy
WorkFlowy
Indeed
Calendly
Trustpilot
Auth0
The most popular Android Apps mentioned in /r/cissp:
The most popular reviews in /r/cissp:
Hi u/gibson_mel, yes I can. I have several courses on Cybrary and have developed course material for Franklin University in Columbus, Ohio. Feel free to send me a direct message so we can talk about it!
Here's the Android version:
IOS: https://apps.apple.com/us/app/it-security-prep-comptia/id1501744813
It's not free, it's $19.99/mo. Definitely steep but worth it IMO if you use it for the last few weeks to top off your studying. It's a really well done app.
I see this referenced all the time. I haven't finished it myself, but from what I've read it's great.
$10 if you get the kindle version. https://www.amazon.com/Think-Like-Manager-CISSP-Exam-ebook/dp/B08D9L1BTF/ref=tmm_kin_swatch_0?_encoding=UTF8&qid=1619647039&sr=8-2
my .02
you are using waaaay too many resources and trying to drink from a firehose and frankly some of the resources you are using arent good for someone in your situation. step back, go through some passed threads here, read reviews on the materials used and find the ones with the most positives for people in similar situations
i am an instructor and have evaluated a lot of resources as learning materials for my classes and myself and here is what i think you should be using:
book: sybex official cert guide. this is the defacto book period. shon harris used to be but unfortunately she passed away and the quality has suffered since.
practice quizes: sybex practice tests. cccure is decent but it is nowhere near the level of this book. once again, read some passed threads and you will find most people will tell you this is the closest to the questions you will see on the test.
11th hour and cybrary videos are good, but not for someone having your troubles OR for someone with not a lot of experience. these are good for refreshers at best. same for the sunflower pdf. good for a quick refresher
edit: here is the bundle of books i think you should be using https://smile.amazon.com/Certified-Information-Security-Professional-Official/dp/1119314011/ref=sr_1_1?ie=UTF8&qid=1489091503&sr=8-1&keywords=cissp
edit2: instead of spending $50ish for the book bundle sign up for the 10 day trial of safaribooksonline it will give you access to both books and you will have access to the infinite skills books taught by david miller, a sans instructor. these vids are leaps and bounds above cybrary. even after the trial $40 for 1 month would be worth it for all 3 for at least a month for you vs spending the $50 at amazon
140k min probably. TS Is the big part. I don’t have that but i don’t know of anyone with that making less. Here is one with just a secret.ISSO job
You had it right, aggregation is pulling the data together, essentially asking all of the questions that you can. Inference comes when you use that information to come to a conclusion. Basically, in the context of aggregation/inference, if you're coming to a conclusion, it's inference. If it's gathering data, it's aggregation. You'd need to provide more info on the payroll question, neither of those are really an attack. Aggregation and inference are threats to databases/information.
Check out Kelly H's video if you haven't seen it, she shows a good way of understanding inference/aggregation with the talk of her friend figuring out another was pregnant:
https://www.cybrary.it/s3ss10n/aggregation-inference-and-polyinstantiation/
There is a brand new series. There's a cost though.
https://www.cybrary.it/cybrary-live/isc2-cissp-certification-course/
​
in the CISSP practice test app you can build custom tests based on the area you want to test.
https://play.google.com/store/apps/details?id=com.learnzapp.wileycissptests&hl=en_US&gl=US
I used this app to highlight the topics I was weak on. I would take the 25 to 50 question practice tests and screenshot the ones I missed. Then I would go through the screenshots as a kind of notepad of things I needed to go back and research. This helped me greatly.
Check out Mark Russinovich’s novels. He’s the Microsoft sysinternals guy, but also writes fiction. Example:
Zero Day (Jeff Aiken Series) https://www.amazon.com/dp/1250007305/ref=cm_sw_r_cp_api_glt_fabc_GQ7ZX25C54P9HRW7SR58
Also watch Mr. Robot.
Which one did you think was better?
1000 online practice exam questions that come with the Official Study Guide 7th Edition - http://sybextestbanks.wiley.com/course/start/id/102
vs. CISSP Official (ISC)2 Practice Tests - Chapple, Seidl Amazon
This is called a boot camp, but is broken up similarly to the schedule of the course you found. It’s facilitated by none other than Kelly Handerhan. I think it’s 30 hours total.
Yep: CISA, CISM, Sec+, SSCP, for sure. SANS GIAC/GSEC used to, but I haven't kept current on that for many years, so I'm not sure of the current status.
I, uh, wrote a book about the overlaps: https://www.amazon.com/gp/product/B01N9VOL9O/ref=dbs_a_def_rwt_bibl_vppi_i3
have you looked at the sybex practice exam book? its the most accurate to what you will see on test day IMO and only $25ish on amazon.
"Official ISC(2) Training Guide, CISSP CBK, Participant's Guide", which doesn't appear to be on Amazon, but this is probably close.... they gave me a .pdf only version of it. The cover is the same except my pdf says "Participants Guide" under the CISSP logo
Unlimited Memory: How to Use Advanced Learning Strategies to Learn Faster, Remember More and be More Productive is free with an Amazon prime subscription for those that are interested in the "learning how to learn." resource.
At least for iOS, Bundled together it is called
- CISSP (ISC)2 Official Apps
Individually, they are called
- Official (ISC)2 CISSP Study
- (ISC)2 Official CISSP Tests
They came included as part of this bundle on Amazon as a code you could use to get the digital apps.
https://www.amazon.com/gp/product/1119523265/ref=ppx_yo_dt_b_search_asin_title?ie=UTF8&psc=1
**Last page of the study guide had the instructions to register for the online test bank. I believe it is exactly the same as the book, but in an easier to use testing engine.
https://play.google.com/store/apps/details?id=com.acesoft.ITCertifications.ISACA.CISM
I actually downloaded it from the APP Store but this logo looks the same although the pictures look a little different for a CISM exam description.
> Sybex
Thanks, here are the links to app on play store Study app! Test app!
- Official Practice Questions 4rd edition - Really helped a lot
You mean 3rd edition. Correct?
https://play.google.com/store/apps/details?id=com.learnzapp.cissp
https://www.learnzapp.com/apps/cissp/
The app is free to download with very limited functionality. Buy subscriptions within the app at varying rates depending on the duration.
Three bucks a week, or 8 bucks a month, or $20 a quarter, or $35 for 6 months, or $50 for a year
I think is the combo I got The official study guide has q’s at the end of each chapter and the end of the book.
The question book is all q’s over everything.
I just destroyed those.
There is so much content out there. Other than just making the time to do it you should have no problem getting it done.
(ISC)2 has a bunch of training content that is free to members and worth a good amount of CPE. I'm not sure it's the most time-efficient option but you know the credits will submit without issue.
The (ISC)2 Infosec Professional magazine is bimonthly and if you pass a 10 question quiz while/after you read it you automatically get 2 CPEs. I'm a fast reader, usually I can get through the magazine and the quiz in about 30 minutes.
You can read books for 5 CPEs each. It's not necessarily quick but if you like to read or listen to books before bed or something you can get through several in 2 months time. Solove and Hartzog's Breached! is next in my queue.
If you're a writer, you can get 20 CPEs for writing an article or 10 CPEs for a professional blog post or white paper.
As far as long conferences go, if the conference posts their sessions after the fact on Youtube, you can totally count those. Just make sure to clearly document what the session was and what you learned. I've done CCC and DefCon sessions, SANS Holiday Hack videos, etc.
If all else fails, remember you have a 90 day grace period, but you are also presumably falling behind for your next cycle during that time so it's best not to use it if you can avoid it.
Mike's LinkedIn course is good but is designed to be used in conjunction with the OSG.
Thor's cissp videos are great, reasonably priced and can be used on their own (although as others stated I wouldn't)
https://www.amazon.co.uk/CISSP-Study-Guide-Eric-Conrad/dp/0128024372
https://www.amazon.co.uk/Eleventh-Hour-CISSP%C2%AE-Study-Guide/dp/0128112484
The Eric Conrad books are great and easier reads than the osg (I believe I've linked the 2 latest versions but please do your due diligence and check)
Finally Larry Greenblatt on YouTube does some great stuff (his Kirk and Spock why you will pass the exam video really helps getting you in the mindset)
I used the app. https://play.google.com/store/apps/details?id=com.learnzapp.cissp
Also available in a book.
(ISC)2 CISSP Official Practice Tests https://www.amazon.com/dp/1119475929/ref=cm_sw_r_awdo_EMWH8K4PR57DH2D7CWD1
On this run-through, I am not taking notes. I am just taking the Chapter quizzes via the website which is nice, I started by writing them down but the online version is much nicer(no need to flip back and forth for answers).
https://www.amazon.com/Eleventh-Hour-CISSP-C2-AE-Study-Guide-dp-0128112484/dp/0128112484/ref=dp_ob_title_bk?asin=0128112484&revisionId=&format=4&depth=1 This is from 2017 I think!
I'd say jump through the Sybex book casually before the bootcamp and use How To Think Like A Manager for the CISSP Exam by Luke Ahmed to get you in the mindset (it's a short book). Then bootcamp. Then The 11th hour Eleventh Hour CISSP®: Study Guide https://www.amazon.com/dp/0128112484/ref=cm_sw_r_apan_glt_i_AAFT6RQS1MV3HAZEMW1B?_encoding=UTF8&psc=1
That's my 2 cents on it. But I usually overkill my studies
This book comes with online access to the Wiley CBT: (ISC)2 CISSP Certified Information Systems Security Professional Official Practice Tests https://www.amazon.com/dp/1119787637/ref=cm_sw_r_cp_api_glt_i_J9AXBBF69JXHT2AWZ97Z
Can you speak to the value of the OSG 9th edition bundle? I was looking at a recent-ish review on https://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119790026/#customerReviews and it has me worried about the worth of the study material - I'm trying to find a complete and accurate book and the contents of the review are worrying.
Teaching ISC2's CCSP course, which is covered in 5 days, honestly does not occupy that amount of time. I have to work hard to fill up the class time with anything I can. I will be more direct and use time more wisely to complete CCSP in 3 days. I will still cover all the topics within the exam guide and what I know that is needed for this test.
If you are looking at the CISM course, a similar thing happens. I can cover the concepts more directly in a virtual environment. There is no time lost in the training centers over breaks, or any of the things that occur when there is a bigger class physically all together.
I had not thought about this till just this moment, honestly, but I think I should include a 1 hour session with me after the class to clarify anything you want me to cover again. I will update my course description now to include that!
I appreciate the time change I have often taught in European time zones over Covid, so I have gotten up at 2am often!
I am sorry I did not see a private message from you. In looking for it now, I do not see any message ;(
Does that answer your questions? If you would like to chat with me I would love it if you picked a time on my calendar to do so! https://calendly.com/gwenbettwy/15min
Here is a quick overview of permissions and privileges, with the addition of scopes:
https://auth0.com/blog/permissions-privileges-and-scopes/
I hope it can help to clarify the differences
I was able to get through 9 chapters of it. I switched to the Shon Harris All-In-One CISSP Guide. It's a much better read.
Congrats! I recently passed it as well. Most of the resources were the same for me however the one that really helped me out was the SANS course materials.
I had to pay them but definitely the best 50 $ I spent ! IT IS A MUST Have I think :
​
https://sellfy.com/bestskills/p/sans414-mgm414-cissp-materials/
It is widely recognized that Kelly Handerhan's free CISSP video course on Cybrary nails the mindset, however it does not include some content and IMHO there a few inaccuracies, so a more comprehensive resource is definitely needed.
Personally I find it disgraceful that over one month after the introduction of the new syllabus, the corresponding official ISC2 guide and CBKs are not yet available. Until a few days ago the former was available on preorder on Wiley.com and now it is out of stock!
Following up. Is paying for Cybrary worth it? I'm seeing a LOT of negative reviews about it's content (other than CISSP, which this community obviously recommends). Example: https://www.trustpilot.com/review/www.cybrary.it
You can't use a USB drive? This will allow you to grab your preferred content and grab youtube videos when you have a good signal. Something like this:
and charge your cell phone as well!
Perseverance is everything .. Try safaribooks to save some bucks .. Safaribooks are free to view for 30days
https://www.safaribooksonline.com/library/view/cissp-isc2-certified/9781119042716/fcover.xhtml
miller is more thorough imo. cybrary is a good refresher
edit: crap i just noticed i typed david green vs miller. i was thinking of the sari green vids on safari also, you might try them since you have access. i liked miller better though but some here have mentioned they liked green better. i use livelessons for cisco and have nothing but great experiences: https://www.safaribooksonline.com/library/view/cissp-exam-prep/9780134649634/
Somehow I haven't seen the following URL posted here in reddit/cissp. So here goes:
https://www.cybrary.it/blog/0p3n/letter-to-the-community/
In short, yes they are not free any more. Either US$399/year or US$59/month (current sale is US$49/month).
>"Of the more than 300 courses on the platform, all but our Introduction to IT and Cybersecurity course will now fall under our Cybrary Individual and Cybrary for Teams plans."
https://www.cybrary.it/blog/0p3n/letter-to-the-community/
You can subscribe one month for $59, which I think is good for watching Kelly's course of 15 hours. One thing I need to point out is that her course videos are renewed. So, to say precisely, I cannot say anything for the latest version. Assuming it is as good as the (then) free version, I feel $59 is worth for it.
Is this it? This is what I’ve been using:
https://www.cybrary.it/course/cissp
Same as the one posted above. I thought is was for paid folks only. My bad.
Sometimes the site is wonky with these. So you may have to dig around if above doesn’t work.
https://www.youtube.com/watch?v=-99b1YUFx0A
Just the one. There is a whole series on the CISSP, which is great, on Cybrary.it (https://www.cybrary.it/course/cissp/). But the one above is one to watch before you take the exam. It tells you of the mindset you're going to need, and gets you hyped up a bit.
There's a lot of questions that can go two ways. One way you're the guy fixing it. The other one you're the one that's creating a new policy so it doesn't happen again. You want to make sure you're creating policy and/or having someone else fix it. She explains it in more detail.
I thought it was one of the better ones, and I really recommend it.
Regular access to the Live content does require a paid account but they're offering a 7 day trial here: https://www.cybrary.it/upgrade/
There are 18 videos that are a little over an hour long. I was able to get through all of them in 5 days at 1.5-speed & pausing to take notes. I do continue to subscribe because they have great content and community support, including a CISSP study channel, on Slack.
Her old material is still great but she has newer material, if you want to subscribe to Cybrary Live. There's a 7 day trial, which is more than enough time to slam out all of her Season 2 CISSP bootcamp material. https://www.cybrary.it/upgrade/
I went through her live CISSP Season 2 bootcamp last month. I love how she breaks concepts down and rarely digresses. e.g. the Kerberos explanation, as others have mentioned here, is gold.
Wait... this isn't your story?
Did I have a degree in Computer Science? No.
Did I have 3-5 Years of Experience? No.
Did I have Certifications? No.
...
Around the time I signed up for the program, I was browsing opportunities and saw Accenture had posted a position. They needed a Security Analyst! It was the confidence from signing up for Cybrary’s program and interacting with others in the Slack community that ultimately encouraged me to apply.
During the interview, I shared with them what I was doing on Cybrary. I was using Cybrary’s amazing free video courses, but all of the knowledge, skills, and abilities gained through the program was essential to me impressing the employer during the interview.
A week or so later, I got an email with a job offer to start my new career as a cyber security professional. I almost cried, I was so happy. Thank you so much, Cybrary!
WGU MSCISA Grad from earlier this year. I just posted my "path" to sucess here. I had experience in the field a bit... so not sure how much the WGU aspect helped. If you truly studied everything, it might have... but I had "clepped" out of classes through objective assessments and such. .
I basically just used the CISSP Official Guide and the Wiley/Sybex online quizes. That and a single watch through of Kelly's videos.
So I was in the boot camp with Kelly and she has uploaded all of her content (almost verbatim) to Cybrary. https://www.cybrary.it/course/cissp/ TOTALLY recommend, free just have to create an account.
She did a very good job of describing the content they are looking for. From the boot camp I made notes and from that the flash cards.
I know for me that trying to remember an entire book is impossible. I have like 300 things i can remember at any point and anything new pushes anything old out.
I also come from a technical background and as such spent more time on things like Crypto but looking back i should have focused WAY more on the BCP/DR and management side of things. Sure Crypto is fun and piques my interest, but it was less than ideal to focus so hard on something I liked instead of something else I needed to know better.
Plaudits to Thor for his own response.
Having done his courses, I will recommend them.
With that said, imho he does need to QA his material again. In a number of places he either omits or communicates information that is either incorrect - for someone relying on his teaching - misleading. (n.b. Pls note I said above; I recommend his courses. Ergo, this is not an attack.)
As an example (and he may have changed this since I did his courses on <em>udemy.com</em>), at one point when talking about "valuable paper insurance" - he has the wording; "does cover for money and printed securities" (not verbatim - but in context.).
At the time of reading that, the grammar struck me as strange, but given English is basically his second language and not knowing any better about valuable paper insurance at the time, I put it down to a simple lapse. His practice tests essentially came up with the same answer.
It was only upon doing some other tests where the same question / answer came up in the opposite that alarm bells started to ring. For me it was this particular revelation that encouraged me to read the book cover-2-cover having already done Thor's courses.
Upon reading the book, I discovered the text should be "valuable paper insurance does NOT cover money and printed securities".
​
My simple point here being that no matter how good any course may or may not be; the only resource you can wholly trust is the official book.
​
Why did I put this post here and not contact Thor directly?
I had done the course and didn't need to revisit. Here, someone has asked a question and I am supplying an honest opinion.
When thinking of a disaster, you normally imagine earthquakes, floods, tornados, landslides, and so on. A disaster is a sudden accident or a natural catastrophe that brings great damage, loss, and disruption. Disasters may happen anywhere and sometimes cover an entire city or even a region.
Considering the IT industry, a disaster may also happen because of a human error, equipment malfunction, and malware attacks. The most painful result of disasters is data loss, which may adversely affect your business reputation. Therefore, it is important to have a solution for protecting your data when a disaster strikes. So you need a good, simple, and reliable plan to protect your business from data loss, downtime and, eventually, from profit loss or bankruptcy. Far-seeing companies usually consider two approaches: Business Continuity and Disaster Recovery.
Business Continuity is aimed at establishing non-interrupted business operations, including but not limited to the IT. That is, business continuity presumes no downtime. Disaster Recovery, on the other hand, is focused just on bringing up the IT services and may presume a downtime.
Incident Response vs Business Continuity vs Disaster Recovery
I took (and passed) the CCSP about a year ago. I put together this list of "Universal truths" of ISC2 exams. This was based on my experiences.
https://workflowy.com/s/universal-truths-of/nokFpzHFuQPYTIOr
The official practice tests are good:
The official app is also great. I also recommend the CISSP Sunflower guide online, even though it's not completely up to date.
All helped me pass as of today :)
Congratulations!
I also provisionally passed today! 100q with 85 minutes remaining.
About 3 months of study, really hammering away the last 1.5-2 weeks before the exam today. 3-4 hours broken up throughout the day.
Study materials (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle
The guide was used more for reference, but the tests were invaluable for me. Tons of variety and gives you access to the online testing site, which was a great source as you could use study mode where it gives you the answers, or simulate an exam.
ISC2 Learn Self Paced Training- I went through all of the videos. I found it easier to get through than reading through the book, but its a lot of hours to get through. However, helped lay the ground work before I dove deeper. This was company paid for, so unsure as to costs...hard to say the value, but i would use it again.
Phone App- CISSP Pocket Prep- 800 questions that gave great explanations. It was 20 bucks well spent since I could actually still go out with the family but hammer away some questions on the go.
Boson Ex-Sim- It was 100$ for 750 questions. Not bad, would also recommend.
https://www.boson.com/practice-exam/cissp-isc2-practice-exam
As you can gather, i spent a lot of time taking the practice exams. I started taking those after I went through the ISC2 Learn course, although I feel like the Cybrarby course may have been better, but i didnt have the tiem to go through another series.
Now there are kindle versions...
https://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119786231
Also do remember that it is illegal to use those scanned to pdf versions (if there will be any).
The only one I used was Buzz Murphy's book (https://www.amazon.com/Systems-Security-Certified-Practitioner-Official/dp/1119059658) and a lot of CISSP stuff. I sat through a couple online classes in the official course, too, but didn't find those particularly helpful.
Congratulations on passing. In regards to the CISM material, it is hard to read I agree. I have a book in Amazon now for those looking into CISM. Prepare for the CISM Exam. It is a cleaner, more direct look at those topics.
Are you asking if this book is availed, or something else? If it's this one, it should drop May 25th.
However per the author's own comments there's very little different between the 8th and 9th edition. As I understand it, the OSG (by design) goes into significantly more detail than the CISSP exam itself requires, as the CISSP is more about applying concepts, making architectural decisions, and value judgements than explicit technical details. To this end, I doubt your few aspirants will find value over waiting for the newer, more expensive text to drop.
Supposedly this book helps you bridge the gap between the technical source material and the managerial exam. Still on my journey so I can't vouch for the effectiveness.
https://www.amazon.com/dp/1735085197/ref=cm_sw_r_cp_apa_glc_fabc_Q26A6STC3SDKQXRG62Q7
I used this - 8th Ed (think there is a 9th Ed) out now
https://www.amazon.co.uk/Certified-Information-Security-Professional-Official/dp/1119475937/ref=sr_1_1?crid=1SPMN45BV2B8U&dchild=1&keywords=cissp+official+study+guide+9th+edition&qid=1615480086&s=books&sprefix=cisso+off%2Cstripbooks%2C149&sr=1-1
Try this one https://play.google.com/store/apps/details?id=com.abc.cissptest
Also Im sorry. Got butthurt for 3 days also. Have my 2nd booking for 5th Feb if there are no lockdowns
Just keep hammering on the nail
I'm sorry to read that your preparation was not enough, or perhaps you entered the exam with the wrong mindset? The positive side is that at least you know what to expect next time, so you will enter the room with less emotions. Have you thought how to approach this exam differently next time? Perhaps this book might be useful for you: https://www.amazon.com/Think-Like-Manager-CISSP-Exam-ebook/dp/B08D9L1BTF
I came across some positive comments around it but myself didn't have enough time to go through.
Good luck, don't lose hope. You are one step away from it, just requires a bit of different thinking and luck. Yes luck. As many say there comes a point where you just gamble, myself I gambled at least 20% of the time. I was not sure at all. I picked two answers which made more sense to me and gambled.
Uh...I messed up. Your comment made me recheck my link. I posted the 6th edition because it was the first search result in Amazon. The latest one, and most updated to the current test, is the eighth edition:
Sybex original study guide.
https://www.amazon.com/CISSP-Certified-Information-Security-Professional/dp/1118314174
The book is said to be based on the test.
if you get the sec+ and managed to pass a few networking certs you're already the majority of the way there. your biggest slog of learning is going to be risk management.
https://www.amazon.com/Effective-CISSP-Security-Risk-Management/dp/9574376478
if you can finish this book and retain the info, then i'd pick up the sybex book and get started from there.
but yeah, get the sec+ first. it has no benefit to your career but you at least want to have that standard of knowledge and it waives a year of work experience for your full CISSP.
Sure. You can find it on Amazon under the title "(ISC) 2 CISSP Certified Information Systems Security Professional Official Study Guide."
Both official ISC2 apps are on the playstore as well: * Study: https://play.google.com/store/apps/details?id=com.learnzapp.wileycissp * Test: https://play.google.com/store/apps/details?id=com.learnzapp.wileycissptests
I highly recommend the ISC2 Testing app for questions. They were the most similar to what I saw on the exam.
https://play.google.com/store/apps/details?id=com.learnzapp.wileycissptests&hl=en_US
I was using these 2 books as well as the app. I did not use Kelly's videos but I did take the new Horizon's CISSP Bootcamp
https://play.google.com/store/apps/details?id=com.learnzapp.wileycissp&hl=en_US
As a fellow Woman in IT, I thank you for your "ladies lurking comment" because that is literally what I am doing... I decided over the weekend, since I am going to be in the industry for 5 years in November, that I am going to start prepping for this exam. Lots of posts scare the crap out of me, but yours is reassuring that I can do this. Is this the book you mention as your number 1?
(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle Second Edition https://www.amazon.com/gp/product/1119523265/ref=ox_sc_act_title_5?smid=ATVPDKIKX0DER&psc=1
​
Thank you for your post and congratulations on your passing!
If you sign up for a free audible account you get 2 free audio books. I got this exam book and the practice exam. Goes over the terminology and usage of terminology which provides context.
FYI you can immediately cancel your subscription and keep the audiobooks.
This is more about language comprehension than anything else.
I used these resources
https://www.amazon.co.uk/dp/1119475937/ref=cm_sw_r_cp_apa_i_-OGzFb90VDBF6 - Good to reference back to, way too much content to read everything. Questions are good to test your knowledge but they are nothing like what you will get in the exam (these are too technical)
https://www.amazon.co.uk/dp/0128112484/ref=cm_sw_r_cp_apa_i_UPGzFb6DS41ZZ - Give this a read from front to back
Kelly's cybrary videos - She doesn't cover everything but her explanations are amazing and definitely worth a run through
DiscordBots for questions (look in the groups) - I am hosting one of these & you can do questions privately by messaging the bot directly if you want. These questions are in the 'CISSP style' and best to practice from
Thanks all,
There are 2 books
1) The Official (ISC)2 Guide to the CISSP CBK Reference (https://www.amazon.com/Official-ISC-Guide-CISSP-CBK/dp/1119423341) 2) (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle (https://www.amazon.com/Certified-Information-Security-Professional-Official/dp/1119523265)
Both are from (ISC)2 I suppose and Sybex. Not sure what are the differences between them.
I would also suggest Scott Young’s book on Ultralearning. As technologists, we will need to engage in this certification treadmill for the rest of our careers. Scott’s book has helped me improve the efficiency of that process.
https://www.amazon.com/dp/B07ST3Z1Q6/ref=cm_sw_r_cp_awdb_t1_QgcjFb0J351PW
You are not the first mentioning this. Is this the CISM Certification Exam by Retrosoft Corp. in Android Play Store. CISM Android app link here.
I passed my exam with help from the CISSP Mentor Program and following along with their talks with the Eric Conrad study guide.
The info is good but it is a pricey and painful read. Most may find the juice isn't worth the squeeze on this. It is a great sleep aid though. The paperback volumes together is around 9 pounds.
https://www.amazon.com/Computer-Security-Handbook-Seymour-Bosworth/dp/1118127064
What's the copyright year on the ISC2 one? I wonder if they still publish.
Took a look at Amazon and don't see one like that. That said...
​
There is a book that is similar in look that states it is the official CBK "Reference" guide and then the normal "Study" guide. Both are Sybex books. There both about 1000 pages long. So great question.
​
Here is the link to the Reference one. Anyone use it and can compare to the normal one we mostly use?
​
That is because it is the old version.
To be fair that is the one I studied since I studied after the current test was released but before the new edition and I passed first try so maybe it's fine?
​
EDIT: NOPE. 8th Edition is $41, which is $3 cheaper.
​
Ah, yes. Those aren't the same. This is the most updated, recent official exam book that includes the practice exams:
https://www.amazon.com/gp/product/1119523265/ref=ppx_yo_dt_b_asin_title_o07_s01?ie=UTF8&psc=1
The book comes with questions as well, but not very good ones in relation to the exam. It also has online flashcards. The practice exam book can be activated online, and all questions are available online. That book has everything that is covered in the test.
The other book I used was this one, but more straight to the point, but doesn't cover every single detail like the Sybex: https://www.amazon.com/CISSP-Study-Guide-Eric-Conrad/dp/0128024372/ref=sr_1_1?keywords=cissp+study+guide+third+edition&qid=1555615018&s=gateway&sr=8-1
Have you read Results Without Authority or done training in that area? That might be helpful with your environment's dynamics.
Hi,
​
You could buy the CISSP Official (ISC)2 Practice Tests on kindle, register it online and use their online test engine.
​
I have just read a post here which talks about this test is very helpful in terms of ISC2 lingo and format.
​
Regards.
Good luck man!!
I decided to take the test this year too. I’m thinking in take the exam in 4-5 months, I’ll have around 5-7 hours to study per week.
Do you guys think that only the material below is enough?
(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 8e & CISSP Official (ISC)2 Practice Tests, 2e https://www.amazon.com/dp/1119523265/ref=cm_sw_r_cp_api_i_DRxlCb4BE8XZN
For "Shon Harris Q n A" are you referring to on online practice exam or the book "CISSP Practice Exams, Fourth Edition" by Shon Harris?
https://www.amazon.com/CISSP-Practice-Exams-Fourth-Harris/dp/1259585964
i bought the combo but i do believe the book does come with an online test bank. not sure how many questions though
Get the box set on Amazon, a steal at $36
CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide and Official ISC2 Practice Tests Kit https://www.amazon.com/dp/1119314011
I did pass. I didn't get a score as I didn't fail, but I suspect that I passed comfortably. The questions seemed easier than anticipated. I was often able to eliminate a lot of the wrong answers in multiple choice scenarios.
I had completed all the practice questions in CISSP Official (ISC)2 Practice Tests by Mike Chapple and David Seidl
Domain Weight Practice Score Domain 1 Security and Risk Management 16% 80% Domain 2 Asset Security 10% 82% Domain 3 Security Engineering 12% 85% Domain 4 Communications & Network. 12% 82% Domain 5 Identity & Access Mgmt. 13% 69% Domain 6 Security Assessment & Test 11% 65% Domain 7 Security Operations 16% 82% Domain 8 Software Development 10% 84% ------- ---- TOTAL 78%
I'd fathom a guess that a near 80% pass on lots of practice questions is indicative of exam readiness.
Security Program and Policies: Principles and Practices
Check this one out. Is this what you're looking for?
id put good money on this one
it comes with 100 practice ?s from each domain along with two full exams and is well reviewed here as being the closest in format to the actual exam
i thought the sybex book was the official isc practice test book?
i also thought the online questions were the exact same as the ones in the book, at least thats what some of my students told me. (i never checked myself)
the sybex practice test book is exactly that and will help prepare you for the types of questions you will see on the exam. it is not enough to pass the exam without a LOT of experience in all 10 domains. you may be confusing it with the sybex test prep book that is highly recommended
you are correct that the shon harris book goes waaaay too far into the weeds
thats this guy right? https://www.amazon.com/CISSP-Official-ISC-Practice-Tests/dp/1119252288/ref=sr_1_1?ie=UTF8&qid=1498778594&sr=8-1&keywords=cissp+official+test+book
the testing app on my phone is pulled from this book i believe
So the official practice tests are by ISC2, but distributed by Sybex?
the sybex bundle on amazon is your best bet. break the practice tests up and only do 10-20 ?s at a time per domain
from other sellers for $51
Hi, Thanks for sharing in details. are these two items same, Sybex practice test bank 4x250 question exams And Sybex Practice text book? https://www.amazon.com/CISSP-Official-ISC-Practice-Tests/dp/1119252288. if not, how can I get the 4x250 questions? Thanks
cccure.org is considered by most to be the defacto question bank and the best way to prepare. I have found that the Sybex Official Practice tests online are just as good if not better and will save you a few bucks if that's a problem. The one thing I WILL say bad about it is at times it lags very bad. https://www.amazon.com/CISSP-Official-ISC-Practice-Tests/dp/1119252288/ref=sr_1_2?ie=UTF8&qid=1481206384&sr=8-2&keywords=sybex+cissp
These two subjects are very well explained by the CISSP All in One (created by Shon Harris)