CISSP is a globally recognized certification in the field of IT Security with strict requirements including a 75% ratio of correct questions. With official adoption by the U.S. Department of Defense in their DoDD 8570 certification and ANSI ISO/IEC accreditation, the CISSP designation represents a valuable certification that can help you to get or keep a job in IT or IS. With over 93,000 people certified in 149 countries, the CISSP is a global standard and sometimes required for a job position. If you are considering earning your CISSP designation, the following can help you on your path to certification.
What is the CISSP?The CISSP certificate or Certified Information Systems Security Professional is an accredited certification that tells potential employees that you are qualified to work in a range of IT and IS fields, with fields including security consultants and managers, IT directors, analysts, systems engineers, and more. With testing for 8 domains and 250 questions, the test is extensive and requires a lot of study. However, it is the first ANSI ISO/IEC accredited information security exam, which makes it highly desirable in many IT and IS job openings, especially for the U.S. government, which uses the CISSP for its certification standards.
CISSP RequirementsIf you are wondering how to get the CISSP certification, you can use the following guidelines. CISSP requirements include five years of work experience or four years of work experience and a four-year or higher degree in a related field. You also have to score 700 or higher with a maximum of a 1000 score. With 250 questions including 20 non-scoring statistical questions, this averages to a requirement of about 75% correct answers. Once you pass the test, you have nine months to complete the rest of the application, which includes getting an endorsement from an (ISC)² member, completing the Application Endorsement form and subscribe to the code of ethics. You also have to renew your CISSP every three years with 40 CPE continuing education credits per year or a total of 120 in three years.
CISSP CostsThe CISSP costs $549 if you register in advance for the full six-hour exam. Rescheduling costs $50 and cancelling costs $100. You can also choose to apply for the CITREP grant to get help with funding. Depending on where you take your test, you may have to pay an additional $50 processing fee when submitting your application. You also have to pay an annual $85 CISSP maintenance fee. These costs do not include the cost of studying or CISSP books, which do not come with the exam.
Studying For the CISSP ExamIt is important to study for the CISSP exam, even if you are already experienced in your field. The (ISC)² offers some gratuitous training materials, but the majority of options are not free. CISSP training options include offerings from (ISC)² as well as accredited third party instructors and prep courses. CISSP books are available with practice questions, practice exams and answer breakdown. The Official (ISC)² Guide to the CISSP is available in hardcover and as an eBook for easy self-study access. You can also download a practice test app, which charges for each short practice test of 25 questions. If you are not good with self-study, then a third party CISSP prep course is another option. These usually include CISSP books, practice exams, quiz banks, and sometimes instructor or tutor assistance. The (ISC)² offers several e-learning opportunities as well, including the ‘Entire E-Learning Course’ for $599 or individual course modules for $99 each, which you can choose based on whether you have to brush up on one domain or all of them. There are 17 official CISSP training providers in the U.S. as well as multiple third party providers with more in-depth e-learning and tutor courses. CISSP practice questions are available from the official (ISC)² app and guidebook or via third party apps. You can also download some practice questions and exams for free from the (ISC)² website. See the best CISSP online training courses.
Taking the CISSP ExamThe CISSP exam includes 250 questions taken in a maximum of 6 hours. You study based around eight domains including:
- Security and Risk Management
- Asset Security
- Security of Engineering
- Communication and Network Security
- Identity and Access Management
- Security Operations
- Software Development Security
- Security Assessment