Tech Recipe Book
CISSP

Last updated 1 year ago

Below you’ll find links to help ensure you’re fully prepped come exam day. We also provide links to some of the best CISSP study guides and recommend some top courses to consider taking as part of your prep. Let’s get started!

Cheat sheets for studying for the CISSP exam

We’ve created the ultimate cheat sheets for helping you pass the exam. Follow the links below to see in-depth, easy-to-navigate sheets for each of the eight CISSP domains.

  • Domain 1: Security and Risk Management
  • Domain 2: Asset Security
  • Domain 3: Security Architecture and Engineering
  • Domain 4: Communications and Network Security
  • Domain 5: Identity and Access Management
  • Domain 6: Security Assessment and Testing
  • Domain 7: Security Operations
  • Domain 8: Software Development Security

CISSP study guides and practice tests to help you prepare for the exam

If you’ve got the basic knowledge but you’re not quite at the level where all you need is a cheat sheet, there are some handy study guides available to help you with your preparation.

To start, there are the official study materials from (ISC)2. These include the Official (ISC)² CISSP Study Guide, the Official (ISC)² CISSP Practice Tests, CISSP For Dummies, Official CISSP Study and Practice Tests Apps, and Official CISSP Flash Cards.

However, if you’re looking for alternatives, there are some great resources available. Note that many publishers of the books below provide mobile apps to accompany study guides, so you can prepare for your exam while on the go.

Study guide textbooks:

  • CISSP All-in-One Exam Guide, Ninth Edition
  • CISSP Study Guide 4th Edition
  • Eleventh Hour CISSP®: Study Guide 4th Edition (Pre-order)
  • CISSP Cert Guide (4th Edition) (Certification Guide)
  • CISSP For Dummies (For Dummies (Computer/Tech)) 7th Edition

Many of the study guides above and the courses below include practice tests and questions. However, if you want a little extra training, here are some sets of practice tests you may want to get your hands on.

Additional practice questions:

  • CISSP Official (ISC)2 Practice Tests 3rd Edition
  • CISSP Practice Exams, 6th Edition
  • CISSP Exam Prep Questions, Answers & Explanations
  • CCCure Quiz Engine

Other resources you may find useful in preparation for the exam are the CISSP reddit community and CISSP podcasts.

Best courses for the CISSP exam

The cheat sheets and study guides above can help you in your preparation for the exam. But you might need more in-depth courses that teach you the full content of the CISSP certification. Depending on where you’re located, you may have in-class training available to you. However, these programs aren’t accessible to everyone, and can often cost thousands of dollars for a seat.

The other option is to take an online course, and while many of these are also pricey, some won’t break the bank at all. With so many available, it can be hard to choose the right option for you. Here are our top recommendations for courses that have fully online options:

  • StationX: The Complete CISSP Bundle
  • Certified Information Security CISSP Exam Preparation
  • Official (ISC)² CISSP Self-Paced Training
  • Simplilearn: CISSP Certification
  • Cybrary: CISSP
  • SANS: MGT414: SANS Training Program for CISSP® Certification
  • Global Knowledge: CISSP Certification Prep Course
  • Infosec: CISSP Certification Boot Camp

Let’s take a closer look at each of these and what they have to offer.

1. StationX: The Complete CISSP Bundle

The Complete CISSP Bundle from StationX is our top recommendation. It includes an introduction to CISSP certification, which is followed by 17.5 hours of training covering all eight CISSP Domains, and 578 pages of downloadable slides for all eight domains.

To keep their study on track, students have access to a downloadable CISSP study plan and a CISSP CAT exam infographic. There are 1000 CISSP practice questions available, which cover all eight domains.

Students will learn how to study effectively, how to get free CPEs, and what to do when they pass or fail. They’ll learn how to answer questions from the “right point of view”, i.e., how to understand IT Security and Cyber Security from a management-level perspective.

BEST COURSE FOR CISSP EXAM: StationX is our #1 choice. This course usually retails for $400, but you can get it at an incredibly low price of $52.

2. Certified Information Security CISSP Exam Preparation

Certified Information Security offers a comprehensive program to get you prepped for the CISSP exam. It’s very reasonably priced considering what you get.

The course is produced and narrated by Allen Keele, an expert in (ISC)2 exam prep, and is updated twice per year. It only includes content that is required for the exam, so you don’t have to waste time learning unnecessary topics.

This program is interactive and adaptive and includes:

  • More than 1,300 slides
  • 16.5 hours of narrated content
  • 54 domain and lesson exams
  • 8 timed mock CISSP exams (with 1,200 unique questions)
  • 40 CPE credits
  • A one-on-one session with course author Allen Keele

Certified Information Security also offers low-priced programs for other infosec certifications including CISA, CISM, and CRISC.

Price: The course costs $1,795 for six months of access. However, if you don’t pass your exam within the first month, you get a free six-month extension. So you’re essentially paying for a year of access.

3. Official (ISC)² CISSP Self-Paced Training

This is the official course offered by (ISC)2 itself. Obviously, the main bonus of this program is that you can be sure it’s one hundred percent relevant to the updated CISSP certification exam. It doesn’t have a huge price tag (compared to other courses), but might still be beyond the budget of many exam-takers.

Here’s what you can expect from this training program:

  • The Official (ISC)2 Student Training Guide
  • 30 hours of video instruction, comprising more than 300 recordings
  • Earn 40 CPEs
  • Interactive flash cards
  • Activities for independent reading
  • Real-world example scenarios and case studies
  • Checks on knowledge once each domain is completed
  • Assessment questions once you’ve completed the course

Students are provided with real-time feedback on their progress and 24/7 technical support via live chat.

The course material is available for 180 days (approximately six months) after payment. Students who do not pass the exam after attending the ISC2 Training Seminar are allowed to attend a second Training Seminar free of charge.

Price: This course costs $995, which is reasonable compared to many others on the list.

4. Simplilearn: CISSP Certification

Simplilearn offers two options for its online course, both of which are large investments. One is to go with the Online Bootcamp, which involves attending online classes led by an instructor. This option includes 90 days of classes and lifetime access to the learning material. The only marginally less expensive Self-Paced Learning course provides you with unlimited access to course content but no classes.

Both options include:

  • 67 hours’ worth of learning
  • 24/7 support
  • 30 CPEs
  • 5 practice papers to help you prepare
  • A voucher for the CISSP exam

In most regions, Simplilearn offers an exam pass guarantee and will give you an additional exam voucher if you don’t pass the first time around.

Price: The Online Bootcamp costs $2,299, while the Self-Paced Learning program is slightly less at $2,200. There is a seven-day money-back guarantee which is valid as long as you haven’t accessed more than 25 percent of the course content or attended more than one online class.

5. Cybrary: CISSP

Cybrary’s CISSP course comprises 19 hours’ worth of video instruction covering all CISSP domains. The video content for this course is free (you’ll need to sign up for a free account), but if you want to unlock additional features of Cybrary’s service, you need to purchase a subscription.

Extra features available to subscribers include virtual labs, which help you apply what you’ve learned and gain hands-on experience in your field, and practice tests to help you prepare for the exam.

This course advertises that it is worth 15 CPEs, although you may be able to check with (ISC)2 to see if you can claim 19 CPEs (one per hour). We discuss CPEs in more detail below.

Price: A Cybrary subscription gives you access to as many courses as you like, and costs $59 per month on a monthly basis, with the first month billed at $29.

6. SANS: MGT414: SANS Training Program for CISSP® Certification

The SANS Institute offers its CISSP course in several formats, including live in-class or on-demand online. This is the most expensive option on the list, so not a good solution if you’re on a budget. However, if you’re looking for a solid and comprehensive course, and maybe have an employer willing to foot the bill, this one will deliver. The SANS Institute is renowned in the information security industry and has provided education and research programs for more than thirty years.

The course counts as 46 CPEs and aside from the lessons includes:

  • A coursebook for each domain
  • Over 300 knowledge testing and preparation questions for each domain
  • Audio files of the course content

MGT414 dissects each of the eight CISSP domains into its core components and explains how they relate to each other and other facets of cybersecurity. If you find the CISSP content dry (which many people do), then this could be a good option for you. One of the authors’ goals in creating the course was to bring the CISSP content to life using case studies, examples, and stories.

Price: This is a pricey course at $8,275.

7. Global Knowledge: CISSP Certification Prep Course

Global Knowledge provides a CISSP Certification Prep Course in a virtual classroom. The course lasts five consecutive days and provides a comprehensive review of the CISSP content, focusing on the eight main domains.

Students receive a textbook, and access to practice test questions with complete answer explanations and flashcards. Classes last from 8am to 5.30pm on each of the five days.

The consecutive classes mean that this course isn’t suitable for those who prefer to work at their own pace. According to a company representative, students should be able to claim 40 CPEs for studying this program.

Price: The CISSP certification prep course costs $2,995.

8. Infosec: CISSP Certification Boot Camp

Infosec courses are hailed for their content and the quality of the instructors. You can either take this seven-day course in-person or in a virtual classroom setting. The in-person option involves live instruction at a physical location, which includes course materials, catered lunches, and community forum access.

Infosec also offers a lower-priced, self-paced CISSP training program. This comes with a dedicated student advising team, an exam voucher, and six-month access to course materials.

You may have to confirm with (ISC)² how many CPEs you can claim for this course, but you should be able to claim one per hour of class.

Price: You have to fill out a form to access pricing. We were quoted $4,299 for Boot Camp Training and $2,999 for Self-Paced Training.

CISSP exam FAQs

You’re almost ready to get studying and tackle the CISSP certification exam. But first, here are the answers to a few common questions:

What are the prerequisites for the CISSP exam?

To receive a CISSP certification, candidates must hold at least five years of work experience in multiple (two or more) CISSP domains. Paid and unpaid internships are acceptable forms of work experience. Relevant education may substitute for a maximum of one year of experience, but there are limitations. A four-year college degree or equivalent can count as one year of work experience. Alternatively, a relevant (ISC)2-approved credential, such as Certified Penetration Tester (GPEN) or Cisco Certified Network Associate Security (CCNA Security), can count as one year of work experience.

If you’re wondering which certifications you should aim for before CISSP, there are actually many pathways you can take. That said, one popular route is to obtain the CompTIA Network+ and CompTIA Security+ before pursuing (ISC)2 SSCP and finally (ISC)2 CISSP.

What is the format of the CISSP exam?

The CISSP exam uses Computerized Adaptive Testing (CAT). With CAT, the exam is adapted to the examinee’s ability level during the test. Each subsequent question or set of questions is selected based on how you’ve performed on previous questions.

A bonus of this style of test is that you can prove your ability in less time. Before 2017, the CISSP exam took six hours to complete and comprised 250 questions. Nowadays, the exam lasts just three hours. Candidates are given a minimum of 100 questions and a maximum of 150 questions.

What are CPEs and how does the system work?

Continuing Professional Education credits, referred to as CPEs, are awarded for education and training related to your field. They are required for maintaining your CISSP certification. You should earn 40 CPEs each year for a total of 120 in your three-year certification cycle.

Once you’ve passed the CISSP exam, to keep up your certification, you’ll need to continuously earn CPEs. These may be earned in various ways, such as attending training and conferences related to your field.

You can earn CPEs by studying for the CISSP exam, including by taking the training programs above. (ISC)2 says that members can claim up to “40 CPE credits for the preparation or self-study work they did.” In addition, CPE credits associated with obtaining additional professional certifications are awarded for the time spent preparing for obtaining the additional credential “but not for achieving the certification.”

Typically, one CPE is credited for each hour of a given activity, but there are exceptions. You can learn more about CPEs in the (ISC)2 CPE handbook.
https://www.comparitech.com/blog/information-security/cissp-certification-courses/#Cheat_sheets_for_studying_for_the_CISSP_exam