It's time to move forward with the CISSP this year. I'm committing to the CISSP certification in 2019. This will be the first certification outside of CompTIA. I bounced around the idea of getting it for way too long.

Update 9/19: It's time! I'm taking the exam at the end of the month. The CISSP exam overview post is now up!

The featured image may be fake but this is not an April Fools joke.

In the coming weeks, I'll put together study notes like I've done previously for CompTIA certifications.

I may call it something like The Ultimate CISSP Study Notes Collection. Just a slight proclivity to assuming titles.

I went to an (ISC)² conference in 2015 and it was awesome. I want to attend another one. But this time as an (ISC)² member.

Free Study Resources

I'll be writing up my own notes to make sure I absorb the material but here are 3 free resources (say that 3 times fast) to get you started:

  • Kelly Handerhan Audio MP3s (Based on Kelly Handerhan's Cybrary CISSP Course)
    • Cybrary CISSP Bootcamp Slides PDF
    • Update: It appears the public links to the MP3s (https://content.cybrary.it/assets/level1/audio/CISSP/CISSP%208%20Domain%20MP3s.zip) and the PDF (https://content.cybrary.it/assets/level1/Class%20Asset%20Downloads/CISSP%208%20Domains.pdf) have been taken down.
  • Shon Harris Quizzes and Audio MP3s (All-in-one book based on the older 10 domain exam but still good info)
    • Update: It appears this resource (https://www.mhprofessionalresources.com/sites/CISSPExams/exam.php?id=AccessControl) has been taken down.

Update: Based on the feedback from other cyber professionals, the organization of the guide, and the accuracy of the guide, I can no longer recommend the Sunflower v2.0 CISSP Summary PDF (37 pages).

What Do You Think?

Do you think the CISSP certification is worth it? Some people don't think so, usually the technical people. this reminds me of a post I read somewhere:

[Person] is one of those guys that is super technical, and thinks that anyone or anything not technical is dumb. He's happy to be an individual contributor for the rest of his life being on call 24/7 to reboot edge switches. CISSP is about gaining the knowledge necessary to move up the chain and communicate with non-technical people. That dude would rather wear a band t-shirt to work and grow a long beard in order to pretend to be the smartest one in the room.

I won't be as condescending here, but the point remains. Getting this certification will depend on what your goals are and what is currently in demand in the job market. I have yet to see any data where a CISSP certification wouldn't be worth it, at least in my use case.

Is there a certification that you've been contemplating? What about your experience with (ISC)²? Are you thinking about getting the CISSP certification in 2019 (or beyond) as well?

Pin It on Pinterest