You Studied, But Didn’t Pass the CISSP Exam.
Updated September 2021
The CISSP (Certified Information Systems Security Professional) certification from (ISC)² has been one of the most popular and in-demand cybersecurity certifications in the years following its original introduction in 1994. (ISC)² reports active membership of over 160,000 practitioners – with a majority of those being CISSPs.
For anyone looking to earn their CISSP cert and be part of this elite club, there is an obvious reason the CISSP is so valuable: it’s a difficult exam. Though the pass rates for the CISSP are not publicly released, it is widely assumed that pass rates are well below 50%. The CISSP exam is designed to evaluate your deep technical and managerial competence across eight diverse domains. In other words, it’s hard and there is a ton of material. Adding insult to injury, the CISSP content has changed earlier this year, leaving those already in preparation with even more to digest.
Willing and eager hopefuls quickly turn to studying to earn this coveted cert. Unfortunately, evidence shows that not all forms of studying equate to success on any standardized exam, including the CISSP. Don’t make the test harder than it already is; help yourself and avoid these common studying and test-taking pitfalls.
1. You Crammed
Not only is cramming a scientifically proven ineffective study method, but it also doesn’t allow you to retain the information for the long term. The CISSP certification is not just about passing a test. It’s about learning real-world skills that you can apply in your professional career. Studying without learning is missing the point.
Despite the well documented flaws of cramming, the “boot camp” study model is still the predominant method of CISSP test prep. These boot camps attempt to force hundreds of hours of content into just a few days, or a week, of lectures. Squeezing in hundreds of PowerPoint slides leaves little time for your brain to process and help you retain the information. This method isn’t great for your passing odds, poor for your knowledge retention, and often damaging to your wallet.
2. You Studied Aimlessly
Speaking of managing your time well, take time to identify what topics you need to study. Don’t study blindly. Find out what your strengths and weaknesses are so you can develop a real study plan. Even better, take a diagnostic exam (think pre-test) and really figure out where you need to focus your study efforts.
The CISSP exam is often referred to as a “mile wide, but only an inch deep.” When studying, it’s easy to venture into minute, technical details. What the exam really requires is a high-level, managerial perspective. Studying the wrong material is just as harmful as not studying at all.
3. You Hit a Wall
The CISSP exam is a challenging, 125 to 175-question marathon of a test taking up to three hours. The new CAT format can play physiological games with test takers as the questions vary in difficulty based on your previous submissions. “This question seems easy, did I get the last question wrong?” you’ll ask yourself. While you’re confined to a small, poorly-lit, beige testing center, be sure to take mental and physical breaks to make sure you don’t burn out during the exam. Don’t just take a pause from answering questions and look around, actually get up, take a walk, change your scenery, and indulge in a snack and drink. Give both your mind and body a break. After a break your mind is refocused, and you are ready to return to the material with a fresh perspective.
4. You Fell for the Test Maker’s Traps
Here’s the situation: You’ve spent 200+ hours preparing for the CISSP exam, you’ve taken the practice tests, and you’ve worked to memorize key terms. An hour and six minutes into the exam, you get hit with this: “You are designing a server room. What is the ideal percentage of humidity required to prevent damage to electronic equipment?”
You’re not IBM’s Watson so you don’t know the answer. Something like this will happen – and it’s by design. The exam contains material that you will be completely unfamiliar with, despite your hundreds of hours of preparation. Don’t let this frustrate you. Pick an answer choice and move on. Don’t let one question experience affect the others. [That said, the answer is between 40-60% humidity – mostly to avoid the risks associated with static electricity.]
Another trap you’re guaranteed to encounter is the honeypot question. Test makers try to lure you into picking the wrong answer with misleading answer choices. These choices may appeal to your technical background or prey upon your fatigue on test day. Familiarize yourself with common honeypots so you can avoid them.
We Got You
CyberVista’s online CISSP training course is backed by learning science best practices and is designed to address these common pitfalls to help you perform at your best. Our online course has multiple study tools and interactive learning to help you avoid cramming, our diagnostic test creates an efficient and personalized study plan, and our focus on test-taking strategies (including a simulated CAT final exam) will give you an edge on test day. Earning your CISSP certification is a journey. CyberVista is excited to be your partner along the way.