CISSP Study Plan

I am considering taking on the CISSP as my next certification. I am finishing up the ECSA (review to come), and I am already leveling my sights on the next target.

CISSP vs. eLearnSecurity

I was debating on what my next target should be. Seeing as the next semester starts up in 3 weeks, I was hesitant to commit myself to something too big, but still wanted a good goal. I had long been wanting to enroll in the eLearnSecurity Pro Pentesting Course, but for some reason I could never justify the cost. What I mean is that under threat of a new version, the obscurity and lack of credibility of the certification, and the fear that the course delivers less than it advertises, I am skeptical to invest in that course. Nevertheless, it still remains something I would like to try.

On the other hand, the CISSP still remains the defacto gold medal for Security professionals. Although not Penetration Testing focused, it is the top dog of the DoD 8570 and packs lots of credibility. The CISSP is no simple task, and (from what I have seen) yields an 80% failure rate. However, seeing as my past certification history has always resulted well due to good study, I believe I could do it.

So for those reasons I have decided to work for the CISSP rather than the eLearnSecurity course (eCPPT). If you think i am making a mistake in that choice, please share with me your comments.

So how do I prepare?

After much studying and researching, I figured out that my best choice for prep material would stem from 2 books.

  1. Official (ISC)2 Guide to the CISSP CBK, 2nd Edition by (ISC)2 Press)
  2. CISSP All-In-One Exam Guide 5th Edition by Shon Harris

These seem to be the best books to use. I will also use the Shon Harris exam mentor CBT, as well as the site and practice exams.

Spending at least 5-10 hours a week, I am wondering how soon I will be prepared. Earliest I could take the exam is November 20th, but more than likely Ill end up taking it in January (the exams are live, proctored exams that are scheduled in different regions at different times).

I think I might try to follow the outline of this fellows study plan.

If anyone has taken the CISSP or is preparing for it, please contact me. I would love to compare and discuss study helps and such!

One Response to “CISSP Study Plan”

  1. Good article. As someone who is taking elearnsecurity’s PTP course, I’d like to note several flaws with the course offering.

    + The course content needs an overhaul. Big time. The content mainly consists of flash cards, yup flash cards. Nothing to take back from the course. Secondly, many concepts are poorly elucidated. Nobody thought to use spell check? For $600+ it better be ready for prime time! It’s dreadful. Don’t bother unless version 2 is up. Period.
    + Nobody is around to help you. The forums are quiet, save for the odd post here and there saying “like what I can do”. Not helpful. At all. The guy who runs the course doesn’t bother to show up much at all in the forums… so you can’t even try and pick his brain.
    + Cost. At first glance, I thought it was a steal provided I had a shot at a cert and was receiving training that was promoted as “highly advanced” and hailed as a “CEH killer”. I gotta say, I didn’t get that vibe. I feel like I overpaid for a shit load of flash cards. Again, flash cards you can’t even download and use later.
    + Course claims to cover pen-testing report writing. I have yet to see that. Honestly. I found a PDF covering some sparse topics, such as a diagram-making tools. I couldn’t help but ask “this is all there is”?

    So there’s my 2 cents on elearnsecurity’s offering. I give it 1.5 stars out of 5. I think I’m done with online courses for awhile.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: