Choosing the right CISSP training course is one of the most important decisions you will make on your journey to become a Certified Information Systems Security Professional.
The difference between successfully passing or failing the CISSP exam largely depends on how well your study materials match your learning style and schedule. You will be spending hundreds or even thousands of hours studying, so it’s crucial to find the study guide that is right for you. Using the wrong prep course can cause you to score lower and fail your exam, costing you months of study time and additional exam fees. CRUSH is here to make sure that doesn’t happen!
So here’s the good news: we have personally researched all of the Best CISSP online courses on the market to make things easier for you! The comparison chart below will help you determine which one best fits your needs.
Best CISSP Certification Training Courses of 2019:
- ExamPractice CISSP Study Materials
- Master of Project Academy CISSP Review Course
- Transcender CISSP Study Materials
- SimpliLearn CISSP Review Course
|WEBSITE||CISSP ExamPractice||Master of Project CISSP||Kaplan CISSP||Simplilearn CISSP|
|VIDEO LESSONS||35+ Hours||10+ Hours||23 Hours||32 Hours|
|CPE CREDITS OFFERED||32 CPEs||30 CPEs||None||35 CPEs / 30 PDUs|
|FORMAT||Online, Self-Paced||Online, Self-Paced||Online, Self-Paced||Online, Self-Paced|
|GUARANTEE||None||30 Day Money-Back Guarantee||On Practice Exam Software Only||3 Day Money-Back Guarantee|
|FREE DEMO||Practice Exam Software Demo|
|FULL-LENGTH PRACTICE EXAMS||10 Quizzes||1 Full Length Exam|
|ONLINE ACCESS||6 Months||12 Months||12 Months||6 Months|
|GET STARTED||START NOW||START NOW||START NOW||START NOW|
1. CISSP ExamPractice
The Bottom Line: The educational content contained in CISSP ExamPractice is primarily video-based and offers a great deal of flexibility in terms of how students can complete it. Their free demo will help prospective students make a decision.
2. Master of Project Academy CISSP
The Bottom Line: Master of Project Academy offers a stress-free and highly versatile CISSP training tool that also provides CPE credits. A free demo and money back guarantee ensure that students avoid any buyer’s remorse.
3. Kaplan CISSP
The Bottom Line: In addition to their flexible curriculum and free demo, Transcender appeals to aspiring InfoSEC professionals with their large volume of course content and instructor-led training.
4. SimpliLearn CISSP Prep Course
The Bottom Line: SimpliLearn’s online CISSP training program provides students with several comprehensive practice tests that contain a total of over 1,000 practice questions, perfect for exam prep. They also serve as an excellent CPE resource.
CISSP Certification Tips & Tricks
The ever changing cyber world of information technology is growing at an enormous pace. The dependence of governments, business and people on the IT infrastructure has made it an attractive jackpot for criminals. The cost of cyber attacks, vandalism and hacking have cost companies billions. Latest wanna-cry ransomware attack has already expose several vulnerabilities.
An important reason for failed security measures that cripple in front of advance threats is the incompetency of information security professionals. IT security is normally considered a job of high tech professionals expert in coding, scripting but with no business acumen. This has resulted in efforts that were not aligned with business objectives and goals.
Several certifications are available in market that accredit the expertise of information security professionals. The certifications help potential recruiters and market as a whole to verify the information security expertise of a professional. In the sea of growing certifications Certified Information System Security Professional (CISSP) emerged as the gold standard due to its excellent alignment between technical expertise and business knowledge. CISSP is the most globally recognized certification in the information security market. Required by the world’s most security-conscious organizations, CISSP is the industry-leading credential that assures you have the deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.
Definition and purpose of CISSP is clearly elaborated by ISC2, the organization that conducts CISSP certification program. They state
“The vendor-neutral CISSP certification is the ideal credential for those with proven deep technical and managerial competence, skills, experience, and credibility to design, engineer, implement, and manage their overall information security program to protect organizations from growing sophisticated attacks”
Hence CISSP exam tests and verify the person’s knowledge and skills both in technical and managerial domains. In the following section I will elaborate various questions that arise in the mind of CISSP aspirants.
How Can I Pass The CISSP?
You can if you have 5 years of information security experience in any two fields out of 8 domains of CISSP and you pass the test. CISSP covers a wide array of topics and that makes it worthy. The 8 domains of CISSP are
- Security and Risk Management
- Asset Security
- Security Engineering
- Communications and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
So if you have more than 5 years of experience in the desired fields, you just have to get started. However CISSP does not come at a cheap cost. A considerable amount of investment is required attending CISSP boot camps, CISSP training and buying CISSP learning material. CISSP exam itself cost $600. Most of the free material available on internet is from old 10 domains pattern.
What Is On The CISSP Test?
A successful journey starts once the goal is well defined and understood. Understanding CISSP test, what it is, how it test you and how tough it is can really set you on strong base for the gigantic task. The long 6 hour 250 multiple choice questions test, test your knowledge, patience and persistence. It requires a lot of study, practice tests, practical experience and strong conceptual grasp on CISSP knowledge areas.
The test consist of multiple choice questions with the following distribution percentage of questions.
|1. Security and Risk Management||16%|
|2. Asset Security||10%|
|3. Security Engineering||12%|
|4. Communication and Network Security||12%|
|5. Identity and Access Management||13%|
|6. Security Assessment and Testing||11%|
|7. Security Operations||16%|
|8. Software Development Security||10%|
As you witness the questions will be well spread across all domains and sincere efforts have to be made to master all 8 domains. All the questions in CISSP do not carry equal marks. The value of each questions is based on its difficulty level. In addition to this 25 questions are experimental and added for test purpose only. These questions are not rated for calculating your final score. However you cannot differentiate between these experimental test questions and the graded ones.
How to prepare for the CISSP Test
CISSP requires knowledge of all the 8 domains mentioned above. You will need the following four resources to prepare for the exam.
- Video lectures
- CISSP boot camp or CISSP trainings
- Practice tests
I will explain each in resource in detail
Your choice of book will help you determine the scope and milestones of your study. I would recommend CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide 7th Edition. It’s one of the highest rated book on amazon with various 5 star reviews. The book is well written and concise. The information given is to the point and there is no extra detail that is not related with CISSP exam. The book is divided into 21 chapters that are curated to make the reading and understanding easy.
In addition to this main book you can always consult additional books for in depth understanding of concepts. CISSP All-in-One Exam Guide is an excellent book for going through your weak topics. However the detail oriented book should only be used as reference instead of using it as one and only book. Books by Eric Conrad are also praised and highly rated by CISSP test takers.
- Video Lectures
There are a lot of free and paid video lectures that are available on internet. The most effective lectures are provided by Kelly Handerhan on Cybrary. Her lectures are concise, to the point and creates the mindset that is very important for successful CISSP test. CISSP puts you in a position of risk manager, hence all your decisions and choices must be based on that context. The lectures are free.
3. CISSP boot camps
CISSP market demand has made it an attractive certification which is seek by huge number of IT security professionals. A lot of companies offer online and onsite CISSP trainings. These CISSP classes provide a quick head start for students and helps significantly in understanding the scope and knowledge areas of CISSP. You can view our comparison at the top of this page for the best CISP boot camps available.
4. Practice Tests for CISSP Training
Successful CISSP test attempt is based on extensive practice sessions. Practice questions must be used topic wise and in mix format to consolidate information security concepts. One reason for CISSP difficulty level to be high is that no practice questions come close to original questions asked in exam.
Therefore practice questions from multiple source must be used to diversify the test experience. Some of the resources used by me are
- Sybex Test Bank: This comes along with the book and adds significantly to the value. There are 20 questions for each chapter along with (4) 250 questions full exams.
- MCGraw Hill practice exams. These CISSP practice questions and audio lectures were developed by Shon Harris and the Logical Security development team. We worked hard to develop a comprehensive set of questions and lecture files that will better prepare you for the CISSP.
*A sample from each of the sources is included at the end
Ongoing CISSP certification
The CISSP credential is valid for three years; most holders renew by submitting Continuing Professional Education (CPE) credits. There is also a yearly membership fee of $85 required to maintain certification
According to the study, the highest population of CISSPs are located in DC, NYC and Atlanta Georgia. The city with the highest average salary was NYC, coming in at $119,840/yr.
CISSP Certification Concentrations
Holders of CISSP certifications can earn additional certifications in areas of specialty. There are three possibilities:
- Information Systems Security Architecture Professional (CISSP-ISSAP). The architect plays a key role within the information security department with responsibilities that functionally fit between the C-suite and upper managerial level and the implementation of the security program.
- Information Systems Security Engineering Professional (CISSP-ISSEP), an advanced information security certification issued by (ISC)2 that focuses on the engineering aspects of information security. ISSEP is the guide for incorporating security into projects, applications, business processes, and all information systems.
- Information Systems Security Management Professional (CISSP-ISSMP), an advanced information security certification issued by (ISC)2 that focuses on the management aspects of information security. An ISSMP establishes, presents, and governs information security programs demonstrating management and leadership skills
Sample Sybex Test Questions
- What security flaw conveys information by writing data to a common storage area where another process can read it ?
- Covert timing channel
- Buffer overflow
- Covert storage channel
- Maintenance hook
A covert storage channel conveys information by writing data to a common storage area where another process can read it. Securing data in such a way introduces a security flaw that allows unauthorized user to access the data.
- A user’s privacy
- The public’s freedom
- Intellectual property
- A company’s right to audit
Sample CCCure Quizzer question
- Jean is an internal auditor who consistently uses the audit logs of various network systems to product reports. In an email to the VP of IT, she stresses how important it is that proper protection controls are put in place to protect the audit logs. Of the justification listed below, which is the weakest.
- Unprotected audit logs can be easily altered by an intruder after committing a crime.
- Unapproved changes to audit logs hurt the consistency and efficiency of automating reporting.
- Audit logs often contain sensitive information and must be protected.
- In the event of an investigation, an unprotected audit log may be deemed inadmissible in court.
Unapproved changes to audit logs, which can negatively affect the automation process of reporting, are not the main concern of security. Audit logs are protected to ensure the integrity and confidentiality of logs.
Sample McGraw Hill question
- What is the first step in developing a DRP(Disaster Recovery Plan)
- Identify all critical systems and functions of the company
- Decide if the company needs to perform a walk-through, parallel or simulation test.
- Perform a BIA(Business Impact Analysis)
- Interview a representative from each Department
A BIA includes identifying critical systems and functions of a company and interviewing representatives from each department. Once management’s support if solidified, a business impact analysis needs to be performed to identify the threats the company faces and the potential costs of these threat.
Top 3 CISSP Online Training Courses
|CISSP Course||CISSP ExamPractice||Transcender||SimpliLearn|
|Video Lessons||35+ Hours||23 Hours||32 Hours|
|Guarantee||None||On Practice Exam Software Only||3 Day Money-Back Guarantee|
|Online Access||6 Months||12 Months||180 Days|