The latest articles on DEV Community by Jesper James (@jesper_james_1786f729787a). https://dev.to/jesper_james_1786f729787a https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3462803%2Ff0519fbc-cefb-45f5-9ca8-4b2b36c8da8c.png https://dev.to/jesper_james_1786f729787a en Jesper James Thu, 28 Aug 2025 05:20:07 +0000 https://dev.to/jesper_james_1786f729787a/how-to-pass-the-cissp-exam-54h2 https://dev.to/jesper_james_1786f729787a/how-to-pass-the-cissp-exam-54h2 <h2> The 9 Steps I Took to Pass the CISSP in 2025 </h2> <ol> <li>Completed Thor Pedersen’s course and went through each domain carefully</li> <li>Took my first Boson ExSim exam and failed</li> <li>Hit a low point - felt stuck and nearly gave up</li> <li>Watched Kelly Handerhan’s CISSP videos on YouTube</li> <li>Created detailed notes for all exam domains to strengthen my knowledge</li> <li>Switched to Cert Empire practice tests and gained real confidence</li> <li>Learned on Reddit that Boson is often tougher than the actual exam</li> <li>Took the real exam the next day </li> <li>Passed on my first attempt! </li> </ol> <h2> Thor Pedersen’s CISSP Course </h2> <p>I started with <a href="https://www.udemy.com/course/cissp/" rel="noopener noreferrer">Thor Pedersen’s CISSP course</a> on Udemy. His pace is steady, and he breaks down all eight domains in a very structured way.</p> <p>The course was well put together, with examples, practice material, and downloadable notes that I found useful for review. It gave me a solid foundation, but I knew practice tests would be the real test of readiness.</p> <p>For beginners in security, <a href="https://www.comptia.org/certifications/security" rel="noopener noreferrer">CompTIA Security+</a> is also a smart starting point before moving up to CISSP.</p> <h2> Took my first Boson ExSim exam and failed </h2> <p>Once I wrapped up Thor’s course, I purchased the Boson ExSim practice exams. They’re known to be challenging and very close to the exam style.</p> <p>On my first try, I scored just over 60%. That was discouraging. I felt like I had prepared well, but clearly there were gaps in my understanding.</p> <p>Instead of quitting, I treated the score as feedback on what I needed to improve.</p> <h2> Hit a low point - almost quit </h2> <p>That poor Boson score really shook me. For a short while, I thought about postponing my CISSP attempt.</p> <p>But I had already invested months of work, and I wasn’t willing to walk away. So I looked for other study resources to rebuild my confidence.</p> <h2> Kelly Handerhan’s CISSP videos on YouTube </h2> <p><a href="https://www.youtube.com/watch?v=9sGgZ3kYbz8" rel="noopener noreferrer">Kelly Handerhan’s CISSP playlist</a> was a turning point for me. Her famous “Why You WILL Pass the CISSP” video is incredibly motivating.</p> <p>She often reminds students: “<strong>Think like a manager, not an engineer.</strong>”</p> <p>That simple advice reshaped how I approached practice questions. It also reminded me of the similar managerial mindset behind <a href="https://www.isaca.org/credentialing/cism" rel="noopener noreferrer">ISACA’s CISM certification</a>.</p> <h2> Created detailed notes for all exam domains </h2> <p>I printed the official <a href="https://www.isc2.org/certifications/cissp" rel="noopener noreferrer">CISSP exam outline</a> from ISC2 and used it as a checklist.</p> <p>I rewrote concepts for each domain by hand — security operations, asset management, cryptography, and others. My desk was full of sticky notes, diagrams, and quick reference sheets.</p> <p>I also summarized key frameworks like NIST and ISO 27001. Writing everything out helped me memorize and also showed me the areas I still needed to revisit.</p> <h2> Switched to Cert Empire practice tests and gained real confidence </h2> <p>This was the game changer. After struggling with Boson, I turned to <a href="https://certempire.com/exam/cissp-pdf-dumps/" rel="noopener noreferrer">Cert Empire’s CISSP practice tests</a>.</p> <p>Here’s why they worked better for me:</p> <ul> <li>The questions felt closer to what the real CISSP exam asks</li> <li>Each explanation broke down the logic clearly</li> <li>The content was aligned with the ISC2 domains</li> </ul> <p>Unlike Boson, which left me feeling defeated, <strong>Cert Empire</strong> boosted my confidence and helped me prepare realistically.</p> <h2> Learned on Reddit that Boson is harder than the actual exam </h2> <p>To double-check my experience, I looked at <a href="https://www.reddit.com/r/CertMage/comments/1l1t0f9/why_cert_mage_is_the_best_exam_dumps_website_in/" rel="noopener noreferrer">Reddit discussions</a>. Many candidates agreed that Boson goes deeper than the exam itself.</p> <p>The consensus was clear: Boson is excellent for drilling knowledge, but CISSP questions are more about leadership decisions and scenario-based thinking. That matched my own experience.</p> <h2> Took the real exam the next day - and passed on my first attempt! 🎉 </h2> <p>With my confidence restored, I booked my test the next day through <a href="https://home.pearsonvue.com/isc2" rel="noopener noreferrer">Pearson VUE</a>.</p> <p>The six-hour exam was intense, but sticking to the “manager’s perspective” strategy helped me answer logically. When I saw “Congratulations,” I knew my preparation had paid off.</p> <p><strong>Tip:</strong> If English isn’t your first language, ISC2 lets you request additional exam time. It’s worth considering if you need that cushion.</p> <h2> Summary </h2> <p>Here’s what made the difference for me:</p> <ul> <li>Thor Pedersen’s CISSP course helped me build a foundation</li> <li>Boson exposed weak areas (but also knocked my confidence)</li> <li>Kelly Handerhan’s CISSP videos shifted my exam mindset</li> <li>Cert Empire’s CISSP practice tests prepared me realistically for exam day</li> </ul> <p>Boson is useful for detailed learning, but <strong>Cert Empire</strong> mirrored the real test much better - and that’s why I cleared CISSP <strong>on my very first attempt in 2025.</strong></p> isc2 cissp cybersecurity security