Jesper James

How to Pass the CISSP Exam

The 9 Steps I Took to Pass the CISSP in 2025

  1. Completed Thor Pedersen’s course and went through each domain carefully
  2. Took my first Boson ExSim exam and failed
  3. Hit a low point - felt stuck and nearly gave up
  4. Watched Kelly Handerhan’s CISSP videos on YouTube
  5. Created detailed notes for all exam domains to strengthen my knowledge
  6. Switched to Cert Empire practice tests and gained real confidence
  7. Learned on Reddit that Boson is often tougher than the actual exam
  8. Took the real exam the next day
  9. Passed on my first attempt!

Thor Pedersen’s CISSP Course

I started with Thor Pedersen’s CISSP course on Udemy. His pace is steady, and he breaks down all eight domains in a very structured way.

The course was well put together, with examples, practice material, and downloadable notes that I found useful for review. It gave me a solid foundation, but I knew practice tests would be the real test of readiness.

For beginners in security, CompTIA Security+ is also a smart starting point before moving up to CISSP.

Took my first Boson ExSim exam and failed

Once I wrapped up Thor’s course, I purchased the Boson ExSim practice exams. They’re known to be challenging and very close to the exam style.

On my first try, I scored just over 60%. That was discouraging. I felt like I had prepared well, but clearly there were gaps in my understanding.

Instead of quitting, I treated the score as feedback on what I needed to improve.

Hit a low point - almost quit

That poor Boson score really shook me. For a short while, I thought about postponing my CISSP attempt.

But I had already invested months of work, and I wasn’t willing to walk away. So I looked for other study resources to rebuild my confidence.

Kelly Handerhan’s CISSP videos on YouTube

Kelly Handerhan’s CISSP playlist was a turning point for me. Her famous “Why You WILL Pass the CISSP” video is incredibly motivating.

She often reminds students: “Think like a manager, not an engineer.”

That simple advice reshaped how I approached practice questions. It also reminded me of the similar managerial mindset behind ISACA’s CISM certification.

Created detailed notes for all exam domains

I printed the official CISSP exam outline from ISC2 and used it as a checklist.

I rewrote concepts for each domain by hand — security operations, asset management, cryptography, and others. My desk was full of sticky notes, diagrams, and quick reference sheets.

I also summarized key frameworks like NIST and ISO 27001. Writing everything out helped me memorize and also showed me the areas I still needed to revisit.

Switched to Cert Empire practice tests and gained real confidence

This was the game changer. After struggling with Boson, I turned to Cert Empire’s CISSP practice tests.

Here’s why they worked better for me:

  • The questions felt closer to what the real CISSP exam asks
  • Each explanation broke down the logic clearly
  • The content was aligned with the ISC2 domains

Unlike Boson, which left me feeling defeated, Cert Empire boosted my confidence and helped me prepare realistically.

Learned on Reddit that Boson is harder than the actual exam

To double-check my experience, I looked at Reddit discussions. Many candidates agreed that Boson goes deeper than the exam itself.

The consensus was clear: Boson is excellent for drilling knowledge, but CISSP questions are more about leadership decisions and scenario-based thinking. That matched my own experience.

Took the real exam the next day - and passed on my first attempt! 🎉

With my confidence restored, I booked my test the next day through Pearson VUE.

The six-hour exam was intense, but sticking to the “manager’s perspective” strategy helped me answer logically. When I saw “Congratulations,” I knew my preparation had paid off.

Tip: If English isn’t your first language, ISC2 lets you request additional exam time. It’s worth considering if you need that cushion.

Summary

Here’s what made the difference for me:

  • Thor Pedersen’s CISSP course helped me build a foundation
  • Boson exposed weak areas (but also knocked my confidence)
  • Kelly Handerhan’s CISSP videos shifted my exam mindset
  • Cert Empire’s CISSP practice tests prepared me realistically for exam day

Boson is useful for detailed learning, but Cert Empire mirrored the real test much better - and that’s why I cleared CISSP on my very first attempt in 2025.
