
Certification path


First of all, you will excuse me if this is the wrong forum for this question.


I am currently holding different vendor certifications such as CCNP R&S, CCDA, CCNA SEC, CCSA, CCSE and MCSA, NSE 4 (ongoing).


I want to specialise in Cybersecurity and was planning to take vendor-neutral security certifications, starting with CEH (Certified Ethical Hacker) this year, and start preparing for CISSP next year.


Basically, my question is whether there are any suggested certification paths that can be helpful in preparing for CISSP.


Plus, on average, how long should the CISSP preparation take?







3 Replies
Viewer II


I would plan for 3 months to prepare for the CISSP exam. This will give you time to read the exam book every night and to do the practice exams.

Remember you need to have 5 years relevant experience to gain the CISSP endorsement.

Community Champion

My path to CISSP was Network+, Security+ then CISSP. It took me a year to do all 3. Since you already have networking down I would skip Net+, but take Security+. The reason? If you can't pass Security+ you won't pass the CISSP. It lays down a good foundation for both the CEH and CISSP.

I would say 3 months is a very aggressive schedule, in my opinion. Some people may be able to do it that quickly but most won't. Read multiple books on the CISSP to get different points of view. Take practice tests at the beginning, middle and end of your studying. I started out getting about 40% on the tests when I started and got 70% on the ones I took right before the exam. When you start getting about 60% on your practice tests, schedule your exam. Doing so will force you to become even more intensely focused on your studying.


Look to your local libraries for access to books. I found my local libraries even had access to online books such as Safari Books Online, which has a lot of CISSP books.


Advocate I

Armand (@armandkeza),


I agree with my colleagues here @CISOScott and @SimonThomas that the CompTIA certifications are very good baselines and paths of study.


The Security+ is an entry-level management certification like a Junior CISSP.  The IT Project+ is also useful for learning management topics, especially Risk Management within Project Management.  Alternatively the PMP could be helpful if you choose not to follow the IT Project+ line.


Your career, existing certifications, and desire to pursue the CEH look more focused on being hands-on rather than being policy-management. Are you looking to move into policy-management? If not, the CISSP might be the wrong direction for you to take - and you might want to look into the SSCP instead.




Eric B.