Professional development

How to learn and pass your next certification exam

John Bandler
July 21, 2022 by
John Bandler

No matter your prior education, current knowledge or skills, you are here — wherever “here” is. The next question is: Where do you want to go? Where do you want to be in the next six months or year, and what should the “future you” be?

Wherever you are going, it is a good choice to learn and improve yourself — and add a cybersecurity or privacy credential.

You are in charge of your learning

You are in charge of what you learn, however you decide to pursue that knowledge.

Formal education is important but imperfect, and not accessible to all. It can be expensive and time-consuming. Formal degrees are worthy achievements but do not guarantee knowledge or competence. Some even obtain degrees without gaining sufficient knowledge.

I still remember a conversation from over twenty years ago with my friend, a state police sergeant. He had joined the state police before they implemented a college requirement, and his only academic credential was a high school diploma. He was puzzling over the report of a rookie trooper with a four-year college degree and called out to me from the sergeant’s office. 

FREE role-guided training plans

FREE role-guided training plans

Get 12 cybersecurity training plans — one for each of the most common roles requested by employers.

I went over, and he said, “Johnny, you’re a pretty smart and educated guy. Come here and look at this report. I’m just a dumb guy with a high school diploma. This kid has a four-year degree, but his report looks like garbage. Read this and tell me what you think.” Actually, his words were much more colorful.

He was right. The rookie trooper born in the U.S. with a degree could not write English well. The sergeant had no college degree but had the smarts, knowledge and skills, including reading and writing. 

The point is that you can continually improve your skills outside the formal academic environment. You do this with good strategy, reliable information and effort.

Tips to learn more effectively

Learning requires personal effort. Whether in high school or advanced education, merely being present or receiving a degree doesn’t give us knowledge. Our effort does.

If we are reading a book or watching an educational video, merely turning pages or streaming the video does benefit us; it is the effort. We can aid this process with “active learning,” which means we engage and do not zone out or coast on autopilot.

Some concepts, skills, and practices can help us learn better. There are techniques to aid learning and ensure we put in the effort and receive the reward. Here are a few:

  • Find reliable sources and facts.
  • Make sure your brain is engaged. 
  • Set a timer for 20 or 40 minutes and do nothing but focus on studying (reading, watching) until the timer goes off.
  • Have trouble focusing or feeling sleepy? Stand up as you study.
  • Repetition can imprint important facts into your brain. Handwrite them, type them, or repeat them aloud.

More tips are in my video, How to learn, study, and pass an exam within my CIPP/US learning path in Infosec Skills.

Certification exams are a learned skill

Learning for the sake of learning and improving our career prospects is wonderful. But sometimes, we also need to pass a test. You may be contemplating a certification exam.

Test-taking is a learned skill. Never tell yourself that you are a “bad test-taker” as if that is a fixed characteristic that cannot be changed — because you can improve. 

The most important thing is to prepare, study and learn the material so that, when test day comes, you have the knowledge and confidence. My main tips are:

  • Study and prepare.
  • Practice.
  • Read and know the test instructions.
  • Relax the night before and the day of.
  • Be early (even if you are taking the exam at your own desk).
  • During the test, relax, focus and do your best.
  • Keep track of your time so you get to every question.
  • No certification exam (or question) is perfect. You don’t have to get every question right, and don’t stress about baffling questions. 

Everywhere in life, people offer magic solutions for whatever challenges we face, which is also true for certification exam preparation. View these offers with healthy skepticism, and resolve to put in the work to study and learn. Here are some claims accompanied by what you should be thinking.

Claims vs. reality for certification test preparation

Claim What you should think
Passing is guaranteed! Read the fine print on what that guarantee entails. You still need to study!
We have the actual exam questions! We have exam dumps! Never trust anyone who openly advertises they are violating certification ethical rules. It is easier to just study the material!
With our secret, you can pass the exam without studying!

Only a tiny percentage of humans can get by without studying:

  • They are geniuses or have an incredible recall.
  • That's not me, probably not you.
We have the best materials plus secret information!

The certification body of knowledge is publicly available. Certainly, some materials are better than others.

Copyright John Bandler, 2022

Looking to earn a privacy certification? Try my Infosec CIPP/US certification preparation course.

Plan your exam results

Right now, you are planning your future self and exam outcome. Look forward six months to a year, and you could build one of several outcomes:

  1. You took the certification exam but unfortunately did not pass.
  2. You passed the certification exam and now hold a new certification, but you took shortcuts and never learned the material well.
  3. You hold a new certification earned after a hard effort, and you learned the material well.

Let’s choose option 3.


Wherever you are now, you can improve your knowledge and skills, including your ability to learn and take a test.

A year from now, your future self could be the best version of yourself you can build. That version will have additional knowledge and perhaps a certification, too.

Look at my video on Infosec Skills titled How to learn, study and pass an exam, part of my CIPP/US certification learning path. There are many other offerings from Infosec Skills to build your learning on various topics.

John Bandler
John Bandler

John Bandler is a lawyer, consultant, speaker, teacher, and author in the areas of cybersecurity, cybercrime, privacy, investigations, and more. He is the founder of Bandler Law Firm PLLC and Bandler Group LLC, legal and consulting practices that help organizations and individuals with cybersecurity, the prevention and investigation of cybercrime, privacy, legal compliance, and more.

John has expertise in many subjects, holds a number of certifications, and is a prolific writer and speaker. He is the author of Cybersecurity for the Home and Office, a comprehensive guide to understanding and improving information security. His second book is Cybercrime Investigations, an extensive resource regarding the law, technology, process, and skills for the investigation of cybercrime. John has authored many articles on a range of topics, teaches students at the undergraduate, graduate, and law level, and provides training for professionals.

Before entering private practice, John served in government for more than twenty years as a prosecutor, police officer, and military officer. John was hired as an assistant district attorney at the New York County District Attorney’s Office by the legendary Robert M. Morgenthau, where he investigated and prosecuted the full range of offenses including traditional crime, cybercrime, the global trafficking of stolen data, and virtual currency money laundering. Before that, he served for eight years as a state trooper in the New York State Police, assigned to a busy patrol station providing full services to the local community. He also served in the Army Reserves.