04 April, 2023

Ace CISSP Exam Prep with ChatGPT: Your AI Study Buddy

Ace CISSP Exam Prep with ChatGPT: Your AI Study Buddy
Jason Gillam
Author: Jason Gillam

Are you preparing for the CISSP exam or any other exam that requires a deep understanding of various topics in your field? Well, buckle up, dear InfoSec enthusiasts, because today, we are going to explore how ChatGPT, a large language model based on the GPT-4 architecture, can be your new best friend for exam prep.

We've all heard the exaggerated tales of AI's dark side - students cheating on homework (as if they didn't do that before AI), AI-generated confusion (as if humans never get confused), and the occasional false statement (gasp, an AI that isn't perfect?). But here's a plot twist: let's focus on the positive and uncover how ChatGPT can be a fantastic study aid for those of us looking to boost our knowledge while having a bit of nerdy fun.

GPT-4: The Master of Adaptive Conversations

While both GPT-3 and GPT-4 can generate multiple-choice practice questions, I found that GPT-4 takes it a step further. With its ability to lead adaptive conversational assessments using open-ended questions, GPT-4 acts like a tutor-on-demand, focusing on specific areas you need help (as long as you ask it to). This is a boon for those who are studying for the CISSP exam, which is itself an adaptive test.

Crafting the Perfect Query

To get the most out of your ChatGPT study session, you'll want to craft a prompt that encourages adaptive questioning. For example, here's a prompt that I tested with GPT-4 and got fantastic results:

I'm studying for the CISSP exam, and was wondering if you could quiz me on one of the chapters, using adaptive questions. Chapter 5 is about protecting security assets, which covers concepts like PII, understanding how to manage sensitive data, three data states, DLP, data roles, understanding data retention, CASB, tokenization, anonymization, security baselines, and related topics.


This type of prompt sets the stage for an engaging and interactive learning experience. Just make sure you provide enough context and specify the topics you want to focus on. Let's take a look at some of the conversation that resulted from this prompt:

Question 1: What does PII stand for and why is it important to protect it?
Personally Identifiable Information, it's important to protect because it is considered sensitive and can be used by attackers for identity theft related crimes.
That's correct! Now let's move on to the next question.
Question 2: Name the three states of data and provide a brief description of each.

------------------------------ < snip > ----------------------------

Question 4: What are the four primary data roles in an organization and their respective responsibilities?
Data Owner: ultimately responsible for the data
Data Custodian: responsible for maintenance of the data, such as ensuring backups and encryption
Asset Owners: develop and maintain the security plan related to the data
Data processor: processes data on behalf of a 3rd party
You've got most of them correct. There's a small mistake, though. Here are the correct primary data roles:

Data Owner: ultimately responsible for the data and its classification.
Data Custodian: responsible for maintaining the data, such as ensuring backups and encryption.
Data User: individuals who access and use the data as part of their job functions.
Data Processor: processes data on behalf of a 3rd party, often an external organization.


I included one example where I answered correctly and a second one where I answered almost correctly to demonstrate how ChatGPT handled different types of responses to its questions. It is important to note that ChatGPT is not referencing the official study guide, so sometimes its answers may not match exactly with the material you need to learn, but it still does a relatively good job of assessing how well you understand a topic. If you want to get a sense for how well you are answering the questions, at any time you need only ask a question like: "how would you rate my knowledge of this topic so far, on a scale of 1-100?"

What to Do and What NOT to Do

Here's a list of advice for crafting the perfect query:

  • Provide context and background information
  • Specify the topics you want to focus on
  • Ask for adaptive questions or conversation

  • Use vague or overly broad queries
  • Leave out important details about the subject matter
  • Rely solely on ChatGPT for your study materials


ChatGPT as a Complementary Study Tool

While ChatGPT can be an invaluable resource for deepening your understanding of various topics, it's important to remember that it doesn't replace other study tools. Make sure to incorporate a diverse range of resources into your study routine, such as reading textbooks, using cue cards, taking practice quizzes, and [joining a mentorship program](CISSP Class). Combining these traditional methods with the adaptive conversational power of ChatGPT will provide you with a well-rounded and effective learning experience.


The Cost of AI Brilliance

Before you get too excited, there's a catch: to access GPT-4, you'll need a ChatGPT Plus subscription, which costs $20/month. However, considering the value of a personalized, adaptive tutor, it might just be worth the investment.



In a world where AI often gets a bad rap, let's take a moment to appreciate the incredible study tool that is ChatGPT. With GPT-4, you have an adaptive, conversational tutor at your fingertips, ready to help you conquer the CISSP exam or any other subject you're studying. So go on, dear InfoSec warriors, and give ChatGPT a try. It's time to level up your study game with a dash of AI magic and enjoy a learning experience tailored just for you.

Join the professionally evil newsletter

Related Resources