Studying for the ISC2 Cyber Certified Exam

Studying for the ISC2 Cyber Certified exam was an intense and rewarding challenge. Despite years of exploring cybersecurity concepts and preparing for various certifications, I had never actually sat for a certification exam—until now. I decided to push myself further by preparing for this certification in just one week to fit around my already busy work and university schedule.

A Week of Focused Preparation

With a week of annual leave from work, I saw this as my best opportunity to dedicate myself entirely to the exam. Each day, I tackled different domains, starting with the fundamentals like the CIA Triad—Confidentiality, Integrity, and Availability—which form the backbone of security principles. Understanding how these principles apply in real-world scenarios, such as the importance of encryption in maintaining confidentiality or how redundancy mitigates availability risks, was crucial.

As I progressed through domains like Network Security and Risk Management, I encountered topics that required extra effort to fully grasp. Studying attack vectors such as ARP poisoning, social engineering, and Denial-of-Service (DoS) attacks gave me deeper insights into the evolving threat landscape. Having previously studied these topics during my degree and even experimented with some of these attack methods in controlled environments, I found it particularly interesting to revisit them from a certification perspective. Additionally, exploring risk management frameworks, including the identification of threats and vulnerabilities, highlighted how organizations balance security against business operations.

The Exam Experience

The exam itself wasn’t overly difficult, but it certainly had its tricky moments. Questions on access control models—such as the differences between Discretionary Access Control (DAC) and Role-Based Access Control (RBAC)—tested my ability to apply theoretical knowledge to practical security scenarios. Fortunately, my deep dive into topics like authentication factors (e.g., something you know, something you have, something you are) and business continuity planning paid off.

One key takeaway from my preparation was the importance of structured study materials. I chose to use a Udemy course to systematically cover most of the domains and reinforced my learning with the official study materials provided by ISC2. Personally, I find that writing handwritten notes first helps me process information better, before later transcribing them into a structured digital study document. This two-step approach not only reinforces what I’ve learned but also allows me to refine and organize my understanding more effectively.

Looking Ahead

Passing the ISC2 Cyber Certified exam feels like a significant milestone in my cybersecurity journey. With this certification under my belt, I’m excited to complement it with my ongoing Cybersecurity degree, which I’ll be completing in September 2025—just under nine months from now. This experience has strengthened my passion for cybersecurity, and I’m eager to see where this path takes me next.