I heard earlier this morning that I finally passed my CISSP. I am going to outline a few of the strategies that I used and followed while studying hoping that it may help someone.
First off, a disclaimer: I DO NOT KNOW ANYTHING MORE ABOUT THE CISSP THAN OTHERS WOULD! IF YOU FOLLOW THESE STRATEGIES THERE IS NO GUARANTEE THAT YOU WILL PASS. THIS IS JUST A RECOUNT OF HOW I STUDIED. NOTHING MORE, NOTHING LESS!!!
I started studying for the CISSP about 4 months in advance. Nothing too heavy about two hours a day and 6 hours on the weekend. During the entire time that I studied for the CISSP, I worked (50-60 hour weeks), ate out, partied, watched movies, etc, i.e. I led a normal life while studying.
First, let me tackle the question asked most often - did I attend an ISC2 seminar? The answer is yes and I found it useful. Not so much from a knowledge standpoint but more so from a strategy standpoint. I am not going to discuss the strategies discussed in the course because that is the 'secret sauce' for ISC2 and I cannot divulge that information. While I believe the course is useful, I also think that you can pass the exam without attending the course. This depends more on the individual themselves.
Arright now for my strategies:
1) The 80/20 rule: There is always a discussion of how deep someone's knowledge about a certain subject should be while studying for the CISSP. I would argue that I spent 80% of my time learning the breadth rather than the depth of a subject. So for ex. if I had choose between understanding the basics of the GLBA versus learning the details of implementations for HIPAA I would choose the former rather than the later.
2) Subject concentrationThough there is no exact indication of the concentration for the CISSP exam, I believe that all the subjects other than 'Law, Investigations and Ethics' and 'Physical security' are more important. I took about half the time I took to study the other topics.
3) Materials: I felt that materials from the ISC2 guide, the Shon Harris book and the Krutz and Wines book were all very important. I spent a significant amount of my time studying at Barnes & Nobles and Borders precisely for this reason. I would also like to say that the Advanced questions at the back of every chapter in the Krutz and Wines book were really good. The questions covered matter that I did not see covered anywhere else. Though I did not see any of those questions on the exam itself, it egged me to study topics not covered in any of the books.
4) The Bible: Ok, so it is not really the bible but the notes from is a condensed version of the Krutz and Wines book and also other references. I found these notes to be a very good resource. I kept reading it over and over and over again.
5) CCCure: This site by Clement Dupius is a good hangout for everyone studying for the CISSP and the message boards have prompt and in-depth, well thought out responses. The question engine also gives you a feel for the type of questions on the real exam.
6) 25 questions: I believe that every huge project can be broken down into a series of smaller equal parts. So I basically broke down the entire question set of 250 questions into 10 sets of 25 questions. I treated each set of 25 questions as an exam itself. This also allowed me to know how I was doing on time and allowed me to take a break pretty much every half hour and fill in the bubbles.
7) Time: Take all the time in the world you want. I left the exam hall after 5 hours and 50 minutes. I was the last one out but I had enough time to take two bathroom breaks(every two hours) and a small water break every half hour. I did not hurry myself into choosing an answer or got tired or tensed up while taking the exam.
That's all that I can think of for now. I hope this helps someone pass their CISSP. Good luck!