I put off this certification for years because it isn't that technical and I thought it was going to be boring. I also thought it was just about reading a book and taking an exam; I was wrong. The first mistake I made with this certification in the beginning was that I underestimated the amount of information there was to know. Even if you have worked in the common bodies of knowledge you still have to go through the CISSP's version and terminologies or you wont be ready for the exam.
The biggest piece of advice I can give for the exam is to focus on CONCEPTS. You really need to understand why things are the way they are in the CBK. I went through about 4000 practice questions on cccure.com but only about 5% of them were like the questions on the exam. I also used all the Shon Harris exam questions that came with the 4th edition of her book. But again, the questions were different on the exam. However, these are great tools to practice what you know. Instead of just memorizing answers, make sure you know WHY the answer is correct. I promise you, this is the best advice I can give.
Use multiple sources of information to study. I read this somewhere else but didn't really start utilizing this strategy until about half way through my studying. The reason this helps is because your brain will process the concepts in two different voices which actually helped me remember things during the exam.
My Study Strategy and Lessons Learned
Here are the resources I used to study:
- The official ISC2 CISSP Guide
- Shon Harris All in One 4th ed (there is a newer version now)
- CISSP Study Guide
- cccure.com practice tests.
I hated this entire process and the exam was hard but the worst part was probably waiting for your results. I got mine about 4 weeks after I took the exam. This was torture! I do think there is value in the content and I did learn a lot, more than I expected ;)
I hope this helps!