(Part 2) Top products from r/cissp

Try this...

I started with the CISSP Study Guide, Second Edition: Eric Conrad, once I was done with that within 2 weeks, I read 11th hour by the same author. 11th hour was just a review/summary of the study guide so it was just to refresh what was read in CISSP Study Guide, Second Edition: Eric Conrad.
Any time I would get some free time in between while reading the two above mentioned books, if I go for a walk, drive to work or go for a run I would listen to Audio files from Shon Harris (I probably went twice through the entire Audio sessions (you can download here: http://www.mhprofessional.com/sites/CISSPExams/exam.php?id=AccessControl (see MP3 download under each domain) (I downloaded these and stored them on my phone so it was convenient for me to just hit play whenever I had some free time).
I also downloaded a CISSP App on google play that lets you take quizzes and study cards across all the domains (free app, so if you have an android device look for CISSP Flashcards by BH Inc.). I did these when I had some free time here and there.
I decided to get signed up with CCCure (https://www.freepracticetests.org/quiz/index.php?page=register ) for $50 you can take as many quizzes as you want for 6 months. This was well worth the money. I started taking practice exams about 50 questions per day. I selected (Study Mode, Hard, Closely related). I would do the 50 questions then the ones that I got wrong I would review within the engine as it had explanations.
I also the started reading Shon Harris All-in-One 6th edition (http://www.amazon.com/CISSP-All-One-Guide-Edition/dp/0071781749). Once I read that book (took me few weeks to finish it) (Boring book, but goo material, sometimes to deep, but good amount of information to prepare you for the exam), I installed the testing engine that came with the book called TotalTester, and started doing about 50 questions a day over all domains.
Throughout the day I would do 50 questions from TotalTester, and review the ones that I got wrong, and I would do 50 questions from CCCure, (but now I changed CCCure to Study Mode, PRO, closely related) and sometimes I would select un-attempted questions only, and then I would review the ones that I got wrong. For me was my goal to have 80%+ on the practice exams of 50 questions.
Now it was getting closer to the exam so I picked up AGAIN the CISSP Study guide from Erik Conrad the second edition, and would read a domain for a day or two, then read the summary ONLY from Shon Harris book for that domain (to refresh my memory even more), then take the total tester 50 questions just for that domain and review the questions that I got wrong, I would also do 50 questions on CCCure on that same domain and do the same review the wrong ones. If I was scoring 80-90% then I would move to the next domain and do the same.
Then the weekend before my test I reviewed again the 11th hour from Erik Conrad, and on Saturday I covered 5 domains, on Sunday I covered the next 5 domains to refresh my memory.
I personally though it was very important for me to keep taking practice exams every day so I felt like that every chance I got I would do exams of 50 questions between the two testing engines, sometimes resulting in covering 200+ questions a day. Some started being the same questions but that is I how I learn, by repetition and I would retain a lot that way.
Maybe I over did it and over prepared, but I just wanted to pass the exam…
The day before the exam I still felt unprepared, even thou I was scoring well on the practice exams and after all the material that I have covered. I guess its common human nature. So I tried my best to relax the day before my exam and tried to do something that would get my mind off the exam, go for walk, visit friends, go for coffee, watch a movie, and it is very important to STAY CALM the day before and while taking the exam.
When you get to the testing center, and start the exam, DO NOT RUSH… take your time and review each question carefully. Read all the answer choices for every question, you have 6 hours there…For questions that you are not sure of the answer mark them for review, and review them later once you reach 250th question.
For me the worse feeling was after I finished the exam and when it said to go and get my printout that would say if I passed or not. I felt horrible as I thought I did badly on the exam. The questions were tough and sometimes while you could rule out two answers as a definite NO, there would be two choices that are so close of being right. However, receiving the piece of paper, when I looked at it, it said Congratulations, …you have passed…I was happy to see that.
So remember when answering questions and making your decision on an answer, Human life is always #1. Standards, policies, and regulations always precede everything else. Think as a CEO and not a Sec Admin when it comes to $$$$. Read the question carefully as they will tell you, a System Admin, A security officer, a senior manager, make sure that when you see those in the question you try to think as that person and what would be the best for the company.
Know the formulas for ALE and SLE and study hard the BCP, BIA and DR. I also thought that I needed to know the most in Crypto so I spend a large amount of time covering cryptography as it was one of my weakest domains. I also watched this 90 minute video that kind a helped a bit as well: http://resources.infosecinstitute.com/mini-course/cryptography-cissp-training/

I was going to study for it through the remainder of the year. From what I have read on forums the following holds:

1. The Green Book from (ISC)2
   
   
2. Security Engineering by Ross Anderson
   
   
3. Security Patterns in Practice by Eduardo Fernandez (really good security architecture book in general, not that it will get you through the ISSAP test)
   
   
4. Security Patterns: Integrating Security and Systems Engineering by Markus Schumacher (good overall philosophy of integrating security into systems, again not that it will get you through the ISSAP test)
   
   
5. Anything on Crypto - seems to be a lot of it in the exam
   
   
6. SABSA/SOMF Frameworks
   
   
7. NIST SP 800-30, 48, 64. You might want to skim the draft NIST SP 800-160 as well on security engineering
   
   
8. Re-review your CISSP documents like the Shaun Harris AIO
   
   I passed the ISSEP exam about a month ago (1023 in the US last count) and have not heard back from the folk at (ISC)2 yet - can't put in on my tag line until then. The ISSAP looked interesting given my background in Software Architecture and Design/Systems Engineering. So I will start studying for it in the next 6 months.

Since you have your CISSP, the InfoSec material will be a breeze. If the CISSP is a mile wide and an inch deep, then I'd say the HCISPP is 3/8 of mile wide and a half-inch deep. You'll be fine.

​

For the Healthcare information, I know it touched on things like the healthcare industry, breach timelines, security and privacy regulation, technology specific to healthcare (EHR, EMR, coding, data exchange, etc.).

​

Looking through my notes, I see that I actually read this as well: https://www.amazon.com/Healthcare-Information-Security-Privacy-Murphy/dp/0071831797

The info is good but it is a pricey and painful read. Most may find the juice isn't worth the squeeze on this. It is a great sleep aid though. The paperback volumes together is around 9 pounds.

https://www.amazon.com/Computer-Security-Handbook-Seymour-Bosworth/dp/1118127064

I plan on taking mine in a week, a friend of mine who passed his suggested this book to me.
http://www.amazon.com/Fundamentals-Information-Systems-Security-Assurance/dp/1284031624

CCSP (ISC)2 Certified Cloud Security Professional Official Study Guide https://www.amazon.com/dp/1119277418/ref=cm_sw_r_cp_api_PovaCbDMHRFK2

This book? CISM Certified Information Security Manager All-in-One Exam Guide https://www.amazon.com/dp/1260027031/ref=cm_sw_r_cp_apa_i_F9FQCbP43DSF6

I agree - this is one course where going into it with no preparatory reading will leave you scratching your head throughout the tutorial period. The course is so broad that it's better to use the tutorial time to ask clarification questions about material you half-understand than to expect to be taught the material from scratch.

If you've been given the CBK breezeblock in advance, read it (or at least skim the lot).

If you haven't, then invest in a study guide. I love the Sybex one. YMMV.

But don't go in cold. You will regret it.

I used the Shon Harris Practice Exams

https://www.amazon.com/dp/1119278635

For "Shon Harris Q n A" are you referring to on online practice exam or the book "CISSP Practice Exams, Fourth Edition" by Shon Harris?

https://www.amazon.com/CISSP-Practice-Exams-Fourth-Harris/dp/1259585964

Let's talk about your books then: The Official (ISC)2 Guide to the CISSP CBK, Fourth Edition is a mess, and has poor reviews on Amazon. Are there any plans on publishing a revised version to address the issues mentioned here?