Is Passing CISSP Difficult?


Content Written By Henry Dalziel, 2020

TL;DR
We interviewed a bunch of people that can help you out if you’re interested in passing the CISSP first time.

Certifications we’ve asked for advice from professionals that passed them include:

We Asked InfoSec Professionals: Is CISSP Difficult?

70% of respondents so far answered that “Yes”, CISSP is a ‘difficult’ Certification.

Of course, the real answer to this question is: ‘it depends.’

Whether or not you find CISSP hard to pass the first time depends greatly on your experience and ability to learn.

CISSP is a senior IT Security Cert and it does require in-depth knowledge.

Love it or loathe it let’s just agree that HR and Recruiters tend to love this Cybersecurity Certification. Indeed, many recruiters consider CISSP as an essential part of the recruitment process.

To help you we thought we’d contact Cybersecurity Professionals that have taken and passed CISSP what for their thoughts and experience on how they studied for and passed CISSP, and, whether having the designation has helped their career.

Without stating the obvious, CISSP is certainly one of those InfoSec certs that is aimed squarely at Senior Cybersecurity Management.

Dirk Groben | CISSP, CSIRT

Senior Cyber Security Expert

I’ve read books for CISSP examinations. But forget the brain dumping stuff. The exam is about thinking differently. And you need to learn to gain your thoughts straight and understanding all vectors included in the process.


Roberto Contreras | CISSP, CISM, CEH, CISA, CPTE

Cybersecurity Director

A lot of reading and practice.


Xerxes Kiok Kan | CISSP, PIMS, CISM, CRISC, C|HFI

Head of Security & Controls at Anglo-Eastern

This exam will test your knowledge in Information Security Field, it is a Kilometer wide topic and an inch deep. Understand the domain and how it will be implementing real situations rather than theories only or memorization.


David Schwartzberg | CISSP, GIAC GMOB

Technical Solutions Architect at Cisco

Study for at least 3 months prior to sitting. 1 month prior to sitting for the exam answer practice questions daily.


Danny Ha | CISSP, PhD, FCRP, PMP, ITIL

AI Fintech ERM Advisor

I studied CISSP in 2000. There were not many good textbooks that year. I studied all the domains according to the given syllabus from ISC2 and tried very hard to find the related material on the internet including the below textbook. I passed the CISSP in 2000. After starting to conduct CISSP training in 2001, I wrote praise on the endpaper to recommend the book CISSP All-in-One Exam Guide by Shon Harris in 2002. After all these years of teaching until now, I still recommend this textbook. The book could explain security management concepts from basic, linking up to other topics well, and easy to understand. It is the 7th Edition now. I do not have this book, but I think it is fine as well.


Anthony Leece | CISSP, GCIH

Information Security Consultant

I found the study guides to be the most helpful. They distilled the main information points to a more digestible form than the ISC2 CBK book. Practice tests are also helpful, but they can create a situation where not all information is covered, so be sure to read the material that goes along with it.


Leighton Johnson | CISSP

Information Security Consultant

Study the areas you don’t know first, but review all domains.


Kevin Tighe | CISSP, CEH, MCP

Senior System Analyst at Steampunk

Don’t rely on what you know, follow the book and answer the way the test writer wants, even if it is not necessarily best practice in real life.


Richard Starnes | CISSP, ISSA and BCS Fellow

Chief Security Strategist, Capgemini

Go through the CBK and honestly evaluate your strengths and weakness. Study the weaknesses first. The study, Study some more. Take practice exams. Take the ISC2 course if you can. Get a good night’s sleep and pack lunch for the test. Take a break halfway through the exam. Don’t fight the question. Pick the right answer even if you don’t agree with it. Don’t change your answer once you have made it.


Michalis Papachristoforou | CISSP, PECB-CDPO, PRINCE 2

Data Risk Manager

Study hard and obtain hands-on experience on the CISSP domains.


Andreia Goncalves Pinheiro Santos | CISSP, CEH

Senior Cybersecurity Consultant at PwC

Study and study… Make the concepts simple in the mind.


Saad Moten | CISSP, CISA, CISM, CDCS, CDCP, PMP, ITIL

Senior Information Security Manager at Nokia

Passion for the study and take as a challenge.

Henry, "HMFIC"

I'm Henry, the guy behind this site. I fancy myself as a bit of a Cyber Expert Specialist and I've been Growth Hacking since 2002, yep, that long...

4 thoughts on “Is Passing CISSP Difficult?

  1. Very difficult, although I passed at 100 questions I felt like I was failing the whole time. This certification is not for anyone, you really need to have a background to understand many of the core concepts. Make sure you do due diligence looking into the content before you embark in taking on this challenge. Good luck

  2. You’ll never be confident during the exam because the questions are not based on the factual statements in any textbook, even the official ISC2 CISSP CBK textbook. Having said that, understanding as much as you can about each domain will help so reading all the recommended study guides and doing thousands of practice questions will be extremely helpful. Don’t get too hung up on “wrong” answers. When you review your wrong answers, you will need to make an assessment on why you were wrong and if you were wrong because terms were specific to the practice exam study materials or if you didn’t understand the underlying concepts well enough. This in itself is sometimes the biggest challenge. You will never be 100% certain you are acquainted with every term that could be asked on the real exam. You need to be as familiar as you can with as many terms as possible and just as importantly, work on your skills in understanding questions and how you can infer and dissect the questions being asked. This is the number one reason why no one is ever confident if they are dong well during the exam. You just won’t know if you are interpreting the questions correctly and you’ll see some terms you have never seen before but it is possible to decipher their meaning if you have the breadth of knowledge. This is a hard exam. It’s an inch deep but for some two inches or even three inches will help with truly understanding a topic. Passing the exam requires a lot of effort but is quite rewarding at the end of the journey.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Recent Content