While preparing for the CISSP exam, I came across a lot of advice from the CISSPs in the Certification Station Discord and on Reddit. I thought these were good and interesting ideas, so I collected them here in case anyone wants to take the ones that fit them and adapt them for their own use. 🙂

1.

For 95% of questions you will know whether you know it or not. If you do, answer it and move on. If you do not, read it once more, take your best guess and move on.

The remaining 5% will be ones you feel like you should know but also feel like something is off, or you are forgetting a small part. On these questions, read the question a few times, eliminate the answers you know are wrong and you will either be able to determine the answer, or you can’t. Either way pick the one that feels right and move on.

Finally, you can’t go over or re-answer questions, so once you have answered and clicked next, forget about the previous question. Waste no time rethinking old questions you can’t change.

– @Tresharley

2.

Be careful of words like All, Always, Never, and so forth as most things are not absolute and often if you see an absolute it can be a good way to dismiss an answer. But that doesn’t mean it automatically makes it wrong.

– @Tresharley

3.

The single biggest thing that led to my success was framing everything from chapter one to the last of the OSG in terms of risk avoidance, risk transference, risk mitigation, or risk acceptance.

I see a lot of people getting hung up on the technical and small details. This is undoubtedly important, but if you think about the test, specifically the CISSP, in terms of risk and can relate almost everything to this in a concise manner, you are going to pass this thing.

– @studyingtilldeath

4.

Some practice questions are bad questions. You’ll know it when you see it, so don’t pay much attention to it.

– @ins0mnicat

5.

You need to identify ONE primary resource - video series, book, boot camp - and build upon it.

For me, reading the OSG cover-to-cover was my foundation; for somebody else, watching Adam’s paid video course was their foundation.

Regardless, you need to pick ONE foundational resource and let it act like the hub of a wheel.

– @Lou_JustLou

6.

You are the middleman. You are not the boss but you aren’t the minion doing the server update.

But you are the person who calls someone in case there is an issue. So you have to be knowledgeable enough to understand and escalate.

– @xyzzy

7.

Think of yourself as a security advisor on a Zoom call and they are asking you 125-175 questions of what to do.

– @Onyx

8.

Remember people, process, technology. In that order.

– @ILoveFaress

9.

Don’t use practice exams to gauge readiness, but instead to help you find topics you need to focus on and study more.

– CS Minion Bot

10.

Preparedness isn’t just knowing the material, it is:

  • Mindset
  • Understanding of written English
  • Getting your mind in control (anxiety etc.)
  • Test taking skills (which encompass the above)

– @DarkHelmet

11.

To be clear, the exam is NOT a memorization exam. You need to know and understand concepts and be able to synthesize and apply them to the majority of questions you’ll see on the exam.

– @Lou_JustLou

12.

The strongest indicator for exam readiness is a change in mindset: boredom, frustration, and desire to see the exam whether pass or fail.

– @Ritvik

13.

Don’t major in minors. If you’re wasting time memorizing key lengths, the inner workings of a block cipher, or any other technical details, you’re doing it wrong. Understand the concepts, processes and principles. All the time spent memorizing technical details might help you with a question or two but hinder your studies for the other 123+.

– u/Loud-Towel