The Din of Dissonance: My CISSP Preparation




The Reasoning

The CISSP is arguably the most recognizable certification in the cybersecurity industry. This means that it could mark a significant milestone for your career. It shows up frequently in job descriptions, passes ATS filters easily, and signals an experience and managerial mindset that organizations are keen to find. It is such an HR-friendly certification that people outside of cybersecurity can give the nod of acknowledgement at the achievement. For people considering the management track, the CISSP can be an expectation validating you from base grunt to CISO. For me, the ATS filter benefit was enough. You can’t break things if you can’t get in the door. So, of course, I had to try.


The Situation

“A mile wide and an inch deep.” This is what Claude AI said to me when I asked how to prepare for the CISSP. That ended up with an 1100-page book about all of the minutiae that you never thought you could possibly need to know. Seriously, there was a section on which type of fire extinguisher to use on what type of fire. And I am pretty sure there were two different sections confirming that fire is, in fact, hot. Checkmate! Tongue-in-cheek sarcasm aside, knowing a mile wide is important when you sit at the top, because how else will you know what policies and playbooks to implement? And it was largely actually cybersecurity. The parts that I have read.


The Wall

So, as you can imagine: someone task-oriented, with approaching triple-digit boxes and two hands-on certs, opening my brand new book to chapter 1 and seeing the CIA triad. I think I read like five pages before closing it and moving on to something else. In happy denial, a couple of pages/sections at a time. Plugging away. But the denial broke when I got to the buffer overflow section. You might have noticed, if you have been to other parts of this website, that I have a fondness for buffer overflows. But this section had like a paragraph and didn’t even mention registers. This is when the facade started to break and the distractions started to creep in.


Distractions

Ok. One more YouTube video then I will get back to studying. I think there was a super important article I had to read for work (spoiler: there wasn’t). Oh, and definitely have to clean the kitchen right now. You will be absolutely shocked by the amount of surprise responsibilities that appear every single time I try to read. And they, of course, have to be remedied immediately. Who else will be the mighty purveyor of random YouTube videos if not for me? Had to be done. But luckily, these opportunities led me to discover something one of the LLMs calls ‘Productive Procrastination.’


Productive Procrastination

That is filling your time with useful procrastination so you don’t feel bad about doing the thing that you are supposed to be doing. During this study period I took double-digit boxes/Sherlocks (hint: which you can read about in the boxes section). I took an introductory course on AI because AI is the next big thing. The funny things we do. I created a ‘rogue-like game’ with the practice questions. This is where I would open a review set, and if I got one wrong I would have to restart the set. And just kept doing runs. Maybe learning. Just to give you an idea of how bad, I sat for an entirely different certification (HTB CDSA) exam. While studying for one exam, sat for an entirely different cert. And my favorite productive procrastination technique? Wrote a blog post to whinge about not being able to focus on my studying.


Keeping Focused

So, what do you do? You are clearly a techie trying to do a normie exam. You have to keep the prize at the end of the rope in sight. You see, that first paragraph where I hyped up the CISSP, that was just reminding me what I am doing this for. The same thing we all do these certs for. The chance at something better. To end the journey better than when we started. Even if just marginally. Better job, promotion, or just to feel good about ourselves for accomplishing something. It is all valid.


Lessons Learned

What did I learn? Besides fire extinguishers? Well, I think the past tense is a bit of a misnomer. I am never not learning. Using the means-to-an-end methodology, I am now at 13/21 chapters read, HTB CDSA exam submitted, portfolio updated, and most importantly hopeful about the future. Because after I hit publish I will go back to reading. And when I am done, schedule the exam. When I finally pass, I will know I have one of the most recognized certs in the industry and feel good about myself. For about 15 minutes. Then, I start the next cert and it all starts over again.


Reflections

My biggest takeaway: remember the benefits you are hoping to gain. People take the CISSP for all kinds of reasons: management track, new job, promotion. Which sound fantastic until you see an 1100-1200 page book of definitions, frameworks, and methodologies (No labs). When the mind starts to wander to HTB, recenter and remember what you hope to gain from the short-term suffering. And Try Harder.

The best advice for people struggling on their studies:

Remember the benefits you are hoping to gain; it is a means to an end.



I appreciate you giving my post a read. If you are facing the same struggle, I’d love to hear what you have to say.