CISSP is a globally recognized certification in the field of IT Security with strict requirements including a 75% ratio of correct questions. With official adoption by the U.S. Department of Defense in their DoDD 8570 certification and ANSI ISO/IEC accreditation, the CISSP designation represents a valuable certification that can help you to get or keep a job in IT or IS.
With over 93,000 people certified in 149 countries, the CISSP is a global standard and sometimes required for a job position. If you are considering earning your CISSP designation, the following can help you on your path to certification.
What is the CISSP?
The CISSP certificate or Certified Information Systems Security Professional is an accredited certification that tells potential employees that you are qualified to work in a range of IT and IS fields, with fields including security consultants and managers, IT directors, analysts, systems engineers, and more.
With testing for 8 domains and 250 questions, the test is extensive and requires a lot of study. However, it is the first ANSI ISO/IEC accredited information security exam, which makes it highly desirable in many IT and IS job openings, especially for the U.S. government, which uses the CISSP for its certification standards.
If you are wondering how to get the CISSP certification, you can use the following guidelines. CISSP requirements include five years of work experience or four years of work experience and a four-year or higher degree in a related field. You also have to score 700 or higher with a maximum of a 1000 score. With 250 questions including 20 non-scoring statistical questions, this averages to a requirement of about 75% correct answers.
Once you pass the test, you have nine months to complete the rest of the application, which includes getting an endorsement from an (ISC)² member, completing the Application Endorsement form and subscribe to the code of ethics. You also have to renew your CISSP every three years with 40 CPE continuing education credits per year or a total of 120 in three years.
The CISSP costs $549 if you register in advance for the full six-hour exam. Rescheduling costs $50 and cancelling costs $100. You can also choose to apply for the CITREP grant to get help with funding. Depending on where you take your test, you may have to pay an additional $50 processing fee when submitting your application. You also have to pay an annual $85 CISSP maintenance fee. These costs do not include the cost of studying or CISSP books, which do not come with the exam.
Studying For the CISSP Exam
It is important to study for the CISSP exam, even if you are already experienced in your field. The (ISC)² offers some gratuitous training materials, but the majority of options are not free. CISSP training options include offerings from (ISC)² as well as accredited third party instructors and prep courses.
CISSP books are available with practice questions, practice exams and answer breakdown. The Official (ISC)² Guide to the CISSP is available in hardcover and as an eBook for easy self-study access. You can also download a practice test app, which charges for each short practice test of 25 questions.
If you are not good with self-study, then a third party CISSP prep course is another option. These usually include CISSP books, practice exams, quiz banks, and sometimes instructor or tutor assistance. The (ISC)² offers several e-learning opportunities as well, including the ‘Entire E-Learning Course’ for $599 or individual course modules for $99 each, which you can choose based on whether you have to brush up on one domain or all of them.
There are 17 official CISSP training providers in the U.S. as well as multiple third party providers with more in-depth e-learning and tutor courses. CISSP practice questions are available from the official (ISC)² app and guidebook or via third party apps. You can also download some practice questions and exams for free from the (ISC)² website.
Taking the CISSP Exam
The CISSP exam includes 250 questions taken in a maximum of 6 hours. You study based around eight domains including:
- Security and Risk Management
- Asset Security
- Security of Engineering
- Communication and Network Security
- Identity and Access Management
- Security Operations
- Software Development Security
- Security Assessment
Each domain is divided up into multiple modules with specific focuses, allowing you to answer everything in a specific area at once. Most questions are multiple choice, but you may also be asked to answer written questions depending on where you choose to take the exam. While there are 250 questions, only 230 of them are graded, and the remaining 20 are statistical, but you have to get all of them correct in order to achieve a perfect 1000 score.
In most cases, your test results are handed out during the checkout process, immediately after you finish the exam. However, if instant results are not available, then you will receive them via mail within a maximum of eight weeks.
Once you receive your test results, you can fill out the CISSP Application Endorsement with proof of employment and education, your test scores, and an endorsement from an (ISC)² member. Should you fail the exam, you can pay to retake it again within 30 days, for a maximum of three tests within a one-year period.
CISSP Jobs and Opportunities
CISSP designated individuals qualify for a number of jobs including security consultants, security managers, IT directors and managers, security auditors, security architects, security analysts, security systems engineers, chief information security officers, directors of security, network architects, and more. Because the available jobs greatly vary for CISSP designations, salary levels vary quite a bit as well, but typically range from $60,000-$120,000 per year.
The CISSP is a respected and widely recognized certification and having one can help you to further your career in IT or IS, no matter what position you are pursuing. Studying and preparing yourself for the exam is important for ensuring that you pass with the highest possible score. Get more CISSP and cyber security jobs information here.