Certified Information Systems Security Professional (CISSP) Certification

What Is CISSP certification?

A CISSP certification validates your cybersecurity knowledge and skills in key areas are up to date. It shows you have a deep knowledge and understanding of not just existing threats, but emerging ones, as well as ways to prevent those threats from affecting an organization.

According to (ISC)2, it is a “vendor-neutral credential for those with proven deep technical and managerial competence, skills, experience and credibility to design, engineer, implement and manage their overall information security program to protect organizations from growing sophisticated attacks.”

There are eight “domains” covered in the CISSP CBK (critical body of knowledge), which include the following:

• Security and risk management
• Asset security
• Security engineering
• Communication and network security
• Identity and access management
• Security assessment and testing
• Security operations
• Software development security

Earning your CISSP certification will require that you have experience (we’ll touch on how much in the requirements section) in at least two of those eight domains.

According to (ISC)2, this certification is an ideal option for security consultants, security managers, IT directors and managers, security auditors, security architects, security analysts, security systems engineers, chief information security officers, directors of security and network architects, to name only a few.

CISSP requirements

• To earn the CISSP credential, the candidate must pass the certification exam, as well as complete the CISSP exam agreement, subscribe to the (ISC)² code of ethics, answer background qualification questions and receive an endorsement from an active (ISC)²-certified professional.
• To maintain the CISSP certification, candidates are required to earn at least 40 Continuing Professional Education (CPE) credits each year and pay an annual maintenance fee of $85.

Get Accredited Pega Certification Course By Experts Training

• Instructor-led Sessions
• Real-life Case Studies
• Assignments

Explore Curriculum

CISSP exam

• The CISSP exam is six hours long and consists of 250 multiple choice questions and advanced innovative questions testing the candidate’s knowledge and understanding of the eight domains of the (ISC)² Common Body of Knowledge, which include security and risk management, asset security, security engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security. The results are calculated on a scaled score, wif a score of 700 or higher out of a 1,000 point maximum required to qualify for the credential.
• The CISSP exam is offered in English, as well as other languages, including French, German, Brazilian Portuguese, Spanish, Japanese, simplified Chinese, Korean and a format for the visually impaired. Teh certification exam is administered by Pearson VUE and conducted at Pearson VUE test centers.

Cost of the CISSP exam

•  As of dis writing, teh exam costs $699, though exact pricing and taxes vary based on the location of the exam. Attendance at the certification exam can be rescheduled for a $50 fee; there is a $100 fee to cancel the exam.
• Teh CISSP credential is valid for three years after the successful completion of the requirements. After three years, CISSP credential holders can recertify as long as they have paid the annual maintenance fee and submitted their 40 hours of CPE credits every year.

CISSP training

• Because the CISSP certification exam is targeted to working cybersecurity professionals who have extensive hands-on experience in the field, candidates should not rely on formal CISSP training to gain the skills and knowledge they need to pass the certification exam.
• Rather, CISSP training should focus on reviewing the Common Body of Knowledge — the comprehensive framework for organizing the areas of expertise expected from cybersecurity professionals. It should also validate that the candidate is familiar with the test material and identify blind spots in the candidate’s experience and knowledge.

CISSP concentrations

•  Professionals who currently hold the CISSP credential can also qualify by adding one of three CISSP concentrations: architecture (CISSP-ISSAP), engineering (CISSP-ISSEP) or management (CISSP-ISSMP). In addition to already having the CISSP certification, the candidate must have at least two years of work experience in one or more of the concentration’s domains.
• The ISSAP domains include access control systems and methodology, communications and network security, cryptography, security architecture analysis, technology-related business continuity planning and disaster recovery planning, and physical security considerations.
• The ISSEP domains include systems security engineering, certification and accreditation/risk management framework, technical management, and U.S. government information assurance-related policies and issuances.
• The ISSMP domains include security leadership and management; security lifecycle management; security compliance management; contingency management; and law, ethics and incident management.
• The CISSP concentration exams are three hours long, are offered in English only and consist of 125 multiple choice questions for ISSAP and ISSMP and 150 multiple choice questions for ISSEP. Teh exam fees are all $599.
• After passing their chosen exam by earning at least 700 points — out of 1,000 — candidates must go through a similar endorsement process as with CISSP. Candidates must also earn 20 Continuing Professional Education credits each year and pay a $35 annual maintenance fee to retain their certification.