📖 Introduction

I passed the CISSP exam on February 20, 2025!

This post summarizes how I, a fresh graduate with no security experience, studied for and passed the CISSP exam.

When I was preparing, I relied on many study experiences shared online. However, no one followed exactly the same method I used, so I hope my story will help someone out there.

Intended Audience

  • Anyone preparing for the CISSP exam
  • People who think they need more work experience before attempting CISSP

⚠️ Disclaimer:

This article doesn’t guarantee passing the exam — it’s just my personal journey!


🔍 What is CISSP?

CISSP stands for Certified Information Systems Security Professional, a globally recognized cybersecurity certification offered by ISC2.

CISSP certifies professionals who deeply understand the "ISC2 CISSP CBK" (Common Body of Knowledge) — often called the "common language of security."

More official details: ISC2 Japan (Japanese site)


👤 About Me

Item | Details
Occupation | 1st-year fresh graduate (Security Technical Pre-sales)
Academic Background | Mechanical Engineering major (researched human tongue movement in medical engineering)
Other Exams | Failed the Japanese Applied Information Technology Engineer Exam (IPA) in Fall 2024 (Score: 55%)

📝 Note:

The "Applied Information Technology Engineer Exam" is a nationally recognized IT exam in Japan that tests intermediate to advanced knowledge across IT fields.

Failing it before taking CISSP was a major blow to my confidence!


⏰ Study Timeline & Materials

Timeline & Study Hours

Item | Details
Study Period | 3 months
Total Study Time | ~157.5 hours (avg. ~1 hour 45 min per day)
Study Coverage | 3 rounds of official domain questions + 2 rounds of mock exams + reading two supplementary books

📚 Materials Used

🛠️ 1. Official Practice Questions (Kindle Edition)

Main resource for familiarizing myself with CISSP question formats.

Almost every successful study story I found mentioned this book. (Essential!)

👉 Official Practice Book (Amazon)


🛠️ 2. CISSP Study Notes (Japanese Resource)

A comprehensive free blog that organizes CISSP knowledge.

First place I checked whenever reviewing unknown concepts.

👉 CISSP Notes Blog

📝 Note:

This site is in Japanese, but extremely valuable even if you translate it.

I treated it as: "If it's here and I don't know it, it's my fault."


🛠️ 3. A History of Security Failures (Japanese Book)

A history book explaining why security technologies and organizations emerged.

👉 Book Link (Amazon)

📚 Japanese book — great for naturally absorbing background knowledge about security technologies.

Highly useful for contextualizing the otherwise dry acronyms found in CISSP questions.


🛠️ 4. Introduction to Cryptography - Alice in Secretland (Japanese Book)

Structured explanation of cryptographic basics.

👉 Book Link (Amazon)

📚 Japanese book — an excellent reference for solidifying cryptography fundamentals.


🚀 Study Strategy

Here’s how I structured my learning:

After solving questions:

→ Review via CISSP Notes → Search online → Discuss with Copilot/ChatGPT.

Focus during review:

  • What problem does this tech solve?
  • Where is this tech used daily?
  • Visualize it with image searches.

📋 Step-by-Step Breakdown

Step 1: Take Mock Exam 1

  • Goal: Understand the exam scope and self-assess.
  • Feeling: Total confusion. (Score: 52.67%)

Step 2: Solve All Domain Questions (First Round)

  • Goal: Cover the breadth of the material.
  • Feeling: Blind guessing. Took forever to review unknown terms.

Step 3: Systematic Input via CISSP Study Notes

  • Goal: Organize scattered knowledge into a structured map.
  • Feeling: Like finishing the frame of a messy jigsaw puzzle.

🔥 Tip:

I printed the notes and added my own comments to them — a huge help later!


Step 4: Solve All Domain Questions (Second Round)

  • Goal: Eliminate unknown terms.
  • Feeling: Finally "participating" instead of random guessing.

Step 5: Create a Knowledge Map

  • Goal: Visualize relationships between terms and identify weaknesses.
  • Feeling: Super fun — like playing a giant word association game!

👉 Example: [Figure: Knowledge Map]


Step 6: Focus on Low-Scoring Domains (Third Round)

  • Goal: Push all domains above 90% accuracy.
  • Feeling: Knowledge connections naturally surfaced during questions.

Step 7: Take Mock Exams 1–4 (First Round)

  • Goal: Find weak areas.
  • Feeling: Still lots of gaps, but could eliminate wrong choices logically.

🔥 Tip:

Always have a reason for choosing each answer — even if it's a wild guess!


Step 8: Take Mock Exams 1–4 (Second Round)

  • Goal: Solidify 90%+ scores and gain confidence.
  • Feeling: Better conceptual grasp — recognizing patterns among options.

📊 Progress Over Time

[Figure: Domain Score Progress]

[Figure: Mock Exam Scores]

[Figures: Domain Growth Charts for the First Round, Second Round, and Third Round]


🎯 Exam Day Feelings

  • I guessed the answer mentally before checking choices.
  • It was extremely tough, but I felt I could "fight" with what I had prepared.

📝 Conclusion

  • CISSP is a great opportunity to grasp the big picture of cybersecurity quickly.
  • Even beginners can attempt it — just flipping through a CISSP book is already great learning.
  • Creating a Knowledge Map was my most effective method to pass.