My CISSP Journey

Dhruv | Sep 8, 2023

Why CISSP?

My decision to pursue the CISSP certification was a strategic move aimed at advancing my career as an Infrastructure Security Engineer. Working predominantly with AWS and GCP cloud platforms, and utilizing DevOps tools like Terraform and GitLab, I have developed a technical skillset that is crucial for securing digital infrastructure. However, I recognized the need to supplement these skills with a globally acknowledged standard in cybersecurity to better position myself as an authority in the field.

The CISSP certification offers more than just a badge of competence; it provides a holistic understanding of information security, which is critical in today’s fast-paced technological advancements. With the increasing complexity and frequency of cyber threats, staying ahead of the curve is imperative. I saw the CISSP as a pathway to deepen my understanding of security governance, risk management, and advanced threat mitigation techniques, thereby allowing me to bring more strategic value to my role.

One of the key factors that drove me towards this certification was the opportunity for professional growth. The industry recognition that comes with CISSP often translates into better job prospects, career advancement, and even improved compensation packages. This certification not only solidifies my current skill set but also prepares me for higher-level responsibilities that require a nuanced understanding of information security at an organizational level.

Studying for CISSP

The CISSP’s reputation for being a comprehensive and rigorous exam meant that I couldn’t afford to specialize only in areas where I felt most comfortable. The breadth of topics was immense, covering multiple domains in the field of information security. This was a stark departure from the more focused certifications I had pursued earlier. Each study session felt like an enormous undertaking, as I was fully aware that failing to achieve this certification could be a setback not just for my self-esteem, but for my professional growth as well.

Destination Certification to the rescue

I studied using Destination Certification but I am not affiliated to them and just giving an honest review about my experience of CISSP and my course.

I scourged r/cissp day in and day out regarding how to prepare where i found about Destination Certification. Their reviews were good enough for me to take their course. I booked an exam date with 2 months time and purchased the course. I nearly spent 2-3 hours of studying per day for 5-6 weeks. The course was good and planned and made me study in a planned manner. The instructors were good enough and a book and a workbook were also delivered at my place. Writing what I was watching on videos and using book as a supplementary course helped me to remember many things. And their mindmap series are worth mentioning. They are free and on youtube as well. The instructors were awesome and spoke in a clear voice. Overall the content and schedule was good.

The certification costed me around USD 1000. While the content was good, their platform and apps were buggy. They have an awesome flashcards application which seems to get broken on its own a lot and there are some bugs in their platform as well. If you could look past them and focus on the content like I did, you would be prepared for the certification. Their question bank might seems bit less as well as compared to other apps/courses.

Regardless of the problems, the content and guidance was over the top and made me much confident in my preparation.

Minor anxieties

I had some anxieties while I was preparing for the exam because the content was a lot. I kept a good and regular pace of studying. It was more about being consistent and understanding. If one starts cramming all the stuff for CISSP, they are bound to fail. One thing that helped me a lot was sticky notes. I know we all love our gadgets but I bought some sticky notes and whenever I encountered tough things, I wrote them on sticky note and pasted on a wall near me. This way I could revise whenever I look at the wall or just walk in the room. Another part for which I was not sure of was to trust destination certification. I am not saying that they are bad but when everyone is studying using a plethora of materials you start to feel that you might not be doing enough. That happened to me. I was in contact of an instructor (Lou Hablas), and he helped me to understand that there is no need to keep diving into those things. I should focus on their material and that would help me clear it. Although still a little bit unsure, I trusted them and did just that.

Examination Day

The morning of the CISSP exam was a whirlpool of emotions for me. Despite months of preparation, meticulously combing through study materials, and countless practice tests, I woke up feeling an immense sense of anxiety. The gravity of what this certification could mean for my career as an Infrastructure Security Engineer was fully settling in. After all, this wasn’t just any test; it was a comprehensive evaluation of my expertise in information security, something I’ve dedicated years to mastering. As I sat down at the computer to begin the exam, I made a conscious decision to not let anxiety dictate my performance. For each question that stumped me, I reminded myself that it was just one question in a series and that perfection was not the goal. I had prepared to the best of my ability, and all that remained was to trust in that preparation.

I focused on the exam strategy:

  • Think like a CEO
  • Read question thrice
  • Hide the options
  • Focus on what the answer could be

In the end, my exam ended at 125 questions. I got a sheet which mentioned that I have passed the examination. All the months of intensive preparation, the anxieties, the sacrifices, and the relentless hard work had culminated in this victorious moment. I couldn’t help but smile from ear to ear as I collected my belongings and stepped out of the examination room, feeling like a tremendous weight had been lifted off my shoulders.