Across several threads in several parts of the Community you will see discussions on what to use in preparing for the CISSP exam. One book you should definitely use is the Common Body of Knowledge, Official (ISC)² CISSP CBK Reference, Fifth Edition. Even if you use one of the many other 3rd party CBK study guides, you really need to have the official CBK at your elbow for cross check.
Many Community members have pointed out that the exam is not a rote memory fact check The questions are designed to test your ability to think like a senior manager in the security function. The absolutely essential reference for preparing yourself for such a perspective is Ross Anderson's Security Engineering. I used the 2001 1st edition to prepare for my 2002 exam. I bought the 2008 2nd edition as soon as it was available as an invaluable update to my work in the field. I also used several chapters of the 2nd edition as the textbook for a graduate level course I taught.
Anderson is on the verge of releasing the 3rd edition in November 2020. All three versions are available FREE at the above link, each chapter a separate PDF file.
Still, if you are serious about work in our field I strongly recommend getting the full dead-tree version for your desk (not your bookshelf).
There's little substitute for getting the dead tree versions of reference materials. This may seem odd in an age of online resources and downloadable PDFs, but there just something about being able to flick through a book and annotate it, plus if you have the shelf space I find books easier to find and easier to read without interruption from email and IM.
Security Engineering lesson provides you with in-depth tutorial online as a part of CISSP® course. Security architects can rely on reference architectures, international ISO/IEC 27002 Code of Practice for Information Security Management. It is essential to remember the ultimate goal addressed by the model and how Security engineering is the process of incorporating security controls into the cycle, an idea that is sometimes easier to accept in principle than to put into practice. and general sources of secure engineering guidance makes it essential for all 8 domains, and questions will not overtly reference their domain of origin.