π Introduction
I passed the CISSP exam on February 20, 2025!
This post summarizes how I, a fresh graduate with no security experience, studied for and passed the CISSP exam.
When I was preparing, I relied on many study experiences shared online. However, no one followed exactly the same method I used, so I hope my story will help someone out there.
Intended Audience
- Anyone preparing for the CISSP exam
- People thinking they need more work experience before attempting CISSP
β οΈ Disclaimer:
This article doesnβt guarantee passing the exam β itβs just my personal journey!
π What is CISSP?
CISSP stands for Certified Information Systems Security Professional, a globally recognized cybersecurity certification offered by ISC2.
CISSP certifies professionals who deeply understand the "ISC2 CISSP CBK" (Common Body of Knowledge) β often called the "common language of security."
More official details: ISC2 Japan (Japanese site)
π€ About Me
| Item | Details |
|---|---|
| Occupation | 1st-year fresh graduate (Security Technical Pre-sales) |
| Academic Background | Mechanical Engineering major (researched human tongue movement in medical engineering) |
| Other Exams | Failed the Japanese Applied Information Technology Engineer Exam (IPA) in Fall 2024 (Score: 55%) |
π Note:
The "Applied Information Technology Engineer Exam" is a nationally recognized IT exam in Japan that tests intermediate to advanced knowledge across IT fields.
Failing it before taking CISSP was a major blow to my confidence!
β° Study Timeline & Materials
Timeline & Study Hours
| Item | Details |
|---|---|
| Study Period | 3 months |
| Total Study Time | ~157.5 hours (avg. ~1 hour 45 min per day) |
| Study Coverage | 3 rounds of official domain questions + 2 rounds of mock exams + reading two supplementary books |
π Materials Used
π οΈ 1. Official Practice Questions (Kindle Edition)
Main resource for familiarizing myself with CISSP question formats.
Almost every successful study story I found mentioned this book. (Essential!)
π Official Practice Book (Amazon)
π οΈ 2. CISSP Study Notes (Japanese Resource)
A comprehensive free blog that organizes CISSP knowledge.
First place I checked whenever reviewing unknown concepts.
π CISSP Notes Blog
π Note:
This site is in Japanese, but extremely valuable even if you translate it.
I treated it as: "If it's here and I don't know it, it's my fault."
π οΈ 3. A History of Security Failures (Japanese Book)
A history book explaining why security technologies and organizations emerged.
π Book Link (Amazon)
π Japanese book β great for naturally absorbing background knowledge about security technologies.
Highly useful for contextualizing the otherwise dry acronyms found in CISSP questions.
π οΈ 4. Introduction to Cryptography - Alice in Secretland (Japanese Book)
Structured explanation of cryptographic basics.
π Book Link (Amazon)
π Japanese book β an excellent reference for solidifying cryptography fundamentals.
π Study Strategy
Hereβs how I structured my learning:
After solving questions:
β Review via CISSP Notes β Search online β Discuss with Copilot/ChatGPT.
Focus during review:
- What problem does this tech solve?
- Where is this tech used daily?
- Visualize it with image searches.
π Step-by-Step Breakdown
Step 1: Take Mock Exam 1
- Goal: Understand the exam scope and self-assess.
- Feeling: Total confusion. (Score: 52.67%)
Step 2: Solve All Domain Questions (First Round)
- Goal: Cover the breadth of the material.
- Feeling: Blind guessing. Took forever to review unknown terms.
Step 3: Systematic Input via CISSP Study Notes
- Goal: Organize scattered knowledge into a structured map.
- Feeling: Like finishing the frame of a messy jigsaw puzzle.
π₯ Tip:
I printed the notes and added my own comments to them β a huge help later!
Step 4: Solve All Domain Questions (Second Round)
- Goal: Eliminate unknown terms.
- Feeling: Finally "participating" instead of random guessing.
Step 5: Create a Knowledge Map
- Goal: Visualize relationships between terms and identify weaknesses.
- Feeling: Super fun β like playing a giant word association game!
π Example:
Step 6: Focus on Low-Scoring Domains (Third Round)
- Goal: Push all domains above 90% accuracy.
- Feeling: Knowledge connections naturally surfaced during questions.
Step 7: Take Mock Exams 1β4 (First Round)
- Goal: Find weak areas.
- Feeling: Still lots of gaps, but could eliminate wrong choices logically.
π₯ Tip:
Always have a reason for choosing each answer β even if it's a wild guess!
Step 8: Take Mock Exams 1β4 (Second Round)
- Goal: Solidify 90%+ scores and gain confidence.
- Feeling: Better conceptual grasp β recognizing patterns among options.
π Progress Over Time
Domain Score Progress
Mock Exam Scores
Domain Growth Charts
First Round
Second Round
Third Round
π― Exam Day Feelings
- I guessed the answer mentally before checking choices.
- It was extremely tough, but I felt I could "fight" with what I had prepared.
π Conclusion
- CISSP is a great opportunity to grasp the big picture of cybersecurity quickly.
- Even beginners can challenge it β just flipping through a CISSP book is already great learning.
- Creating a Knowledge Map was my most effective method to pass.
Top comments (1)
CISSP β achieved today! If you're preparing, donβt miss certifiedumps.com β their material really works.