Can anyone tell me, of the many many free CISSP study guides and mock papers available on iStore, are any actually worth time to install and work through or are they simply marketing tools for more purchases or re-hashing officially published works?
The practice questions have only one useful outcome : They provide you with an understanding of what kind of questions you will face in actual exam. But only an indication.
The guide books, in my opinion, actually are a distraction. There are only 2/3 books you need to go through and that too for specific sections. For example Book A does not cover or explain BYOD risks well, Book B may be better and so on. reading all the books cover to cover will be useless and distraction.
Not looked at them, so others may well have better experience here.
IMHO, if it seems too good to be true it's probably too good to be true and trying to sell you a course.
Everything you need to pass the CISSP exam is in your experience as a Cyber Security Professional, the CBK, one of the good study guides and (your mileage may vary) 3-6 months of structured and purposeful self study. Plan it out, have a buddy mentor you and you'll be fine, it's recalled facts, thought process and comprehension.
An official review seminar is a good idea as well.
However having said this if you did investigate them I'm sure a lot of candidates would be interested in your experience.
One may prefer referring to more than 1 book due to various reasons such as (1. How the topic is explained. 2. Examples used. 3. Simplicity of words used) etc.
Mock questions/simulators can help you in ways such as (1. Test knowledge on domains (domain wise). 2. Take exams with 250-300 questions to see how well you are able to focus and concentrate on questions so that you can prepare for the exam).
I hope you find the response useful.
For me I vividly remember a staggering choice of information sources I could use to help learn about the CISSP domains.
And I struggled to choose. Until my CISSP sponsor suggested I should sample the books I thought were interesting (judging a cover!). So I did. Some online retailers provided sample chapters of the books I liked the look of and some which were recommended... In the end I chose Shon Harris (RIP) All in One study and exam guide.
Her book came with a DVD with a small selection of domain videos and her voice instantly resonated with me... and that was it, read the book cover to cover, did practise exams from the book. Then took an ISC 4 day seminar and then the exam.
Subjective perhaps, but like many things, it came down to personal choice.
To get started, I recommend the free Kelly Handerhan CISSP course from Cybrary.it.
I found the free course to be engaging and cover the basics. From there you can branch out on the subjects you are weakest.
For my complete write up on how I studied for the CISSP check out the third message in the post linked below.
Study and good luck,
I wouldn't bother with the free stuff at all to be honest with one honourable exception.
I used the official study guide (costs money) in conjunction with the Cybrary course that Kelly Handerhan runs (that's the honourable exception). I studied for around 8 weeks basically going through a chapter of the study guide and then reinforcing it with the Cybrary videos - around a domain a week. I did have quite a bit of actual practical experience though and found that probably the biggest factor in passing. I would not underestimate the value of Kelly Handerhan's Cybrary course either. She takes a very pragmatic approach and tells you how to approach the exam rather than teach you anything specific. A lot of the advice she gave in the course was invaluable in the exam itself. If you approach it like a techie you will fail. If you approach it like a manager you will fail. The secret is to get the balance right. Oh, and if in doubt, Charlie out.
On the weekend before my exam I did nothing much except have a quick scan through the 11th Hour Study guide (bought it for my kindle) at the areas in which I was most weak.
The official study guide came with some online question sets that were not too bad. I worked my way through them a couple of times just to get myself into the way of multiple choice exams. I also had a copy of the CBK but mostly I found it quite impenetrable. It's very thorough but the official study guide kind of gets to the point a bit quicker and is easier to read.
The exam questions bore little resemblance to any of the mock exams and the exam itself is as much a test of mental stamina as it is of technical or management knowledge.
So my advice would be to use Cybrary, make an investment in the official study guide and set yourself a structured plan to address the areas you are weak in. The 11th hour study guide is also pretty good if you want to run through a lot of the material just to refresh your memory. Sometimes when you get to the end of the last domain you start to forget some of the things in previous domains - there is a lot to take in - the 11th hour guide is a handy way to go through the salient points for everything over a weekend right at the end.
The mock test that comes with the official study guide is a good starting point as it should confirm the areas you probably know you need to work on (it did for me).
When I did my CISSP several years ago I was advised to read the Shon Harris book. I lived that book for 3 months before sitting the exam. Someone also gave me their old copy of CISSP Exam Cram by Michael Greg published in 2006 by Que. I used that a little bit but relied on Shon's book mostly and passed first time.
Oddly a guy at work here sat the CISSP a couple months ago and I lent him the Exam Cram book - he said it was quite useful.
All 3 CISSPs I know well who passed a while back, we all used Shon's book. I bought it from Kindle and still refer to it today. I also used it for my CISSP-ISSAP. Looking on Amazon it looks like it was updated last year so I hope its still as good now as it was when I bought it.