Here’s how I studied for the CISSP to pass on my first attempt. (Test has an estimated first-attempt failure rate of 50-60%). Not to lead anyone to think the below is likely all they will have to do, I have an extensive background in IT and have been using computers since I was four years old. This certainly helped a lot. Either way, though, the CISSP takes a great deal of studying no matter your experience level. You certainly don’t need my background but absent that advantage you’re probably going to have to study much more than I did. Anyone with 5+ years of IT experience I think can pass it, though, with the proper preparation — it just will likely be more involved than the below.

My first and main resources were these two books:

(ISC)² CISSP Certified Information Systems Security Professional Official Study Guide, 8th Edition

CISSP All-in-One Exam Guide, 8th Edition

I read those cover to cover and then went back and took notes on what I didn’t know or understand. This ended up being 62 pages of notes, and not in large type either. With the Official Study Guide, I did all the practice tests after each chapter and made sure I understood the answers fully, especially for the questions I missed.

Also, I made extensive use of the Boson CISSP ExSim practice exams. Crucially, they explain in detail why the correct answer is in fact correct. This was invaluable. I think I still might’ve passed without this expense but the exam would’ve been much, much harder.

In addition, I spent time on the (ISC)² website to study any available free material regarding the exam, including the free CISSP flash cards.

I did not watch any videos or use many other resources. Videos generally aren’t helpful to me in most cases — your results may vary.

The above resources, though, were what I spent nearly all my study time on. I estimate I studied about 200 hours for this exam over about two months. That’s about three hours a day for two months, every day.