Study Plan
CISSP 6-Month Study Plan
CISSP (Certified Information Systems Security Professional)
24 weeks12 hrs/week
Domains 1-2
Weeks 1-5Security & Risk Management, Asset Security
- Read OSG chapters on risk management frameworks
- Understand CIA triad and security governance
- Study data classification and handling
- Complete domain practice questions
Domains 3-4
Weeks 6-10Security Architecture, Communication & Network
- Deep dive into security models (Bell-LaPadula, Biba)
- Master cryptography concepts and algorithms
- Study OSI model and network security
- Learn secure network architectures
Domains 5-6
Weeks 11-15IAM, Security Assessment
- Study authentication and access control models
- Learn penetration testing methodology
- Understand vulnerability assessments
- Master audit and logging concepts
Domains 7-8
Weeks 16-20Security Operations, Software Security
- Study incident response and disaster recovery
- Learn BCP/DRP planning and testing
- Understand SDLC security integration
- Study software vulnerabilities (OWASP Top 10)
Final Review
Weeks 21-24Integration and practice
- Take full-length practice exams weekly
- Review all 8 domains holistically
- Focus on 'think like a manager' mindset
- Practice CAT-format questions
Recommended Resources
Books
- • Official (ISC)2 Study Guide (OSG)
- • 11th Hour CISSP
- • CISSP All-in-One (Shon Harris)
Practice Tests
- • Boson
- • Official ISC2 Practice Tests
- • Destination Certification MindMaps
Video Courses
- • Thor Teaches
- • Destination Certification
- • Kelly Handerhan (Cybrary)
Pro Tips
- 1.Think like a security manager, not a technician
- 2.Understand concepts over memorization
- 3.The exam tests your ability to make decisions
- 4.Practice explaining concepts to non-technical people
Ready to start studying?
Get the complete guide with tips, resources, and FAQs.
View CISSP (Certified Information Systems Security Professional) Guide