
CISSP – All You Need to Know

CISSP, or Certified Information Systems Security Professional, is an Information Security certification program administered and managed by (ISC)², the International Information Systems Security Certification Consortium. This certification is an essential qualification for Information Security specialists and ensures that certified professionals are fully aware of important Information Security standards and techniques and can apply them in the real world.

CISSP is also one of the very few Information Security certifications approved by the U.S. Department of Defense (DoD). It is a mandatory certification for their Information Assurance Management (IAM) and Information Assurance Technical (IAT) personnel.

Certification Areas and Subject Matter

The CISSP certification exam is suited to Information Security professionals with 3 to 5 years of experience in the industry. The exam can be quite laborious and difficult. It lasts six hours, and test takers must answer 250 questions, which are divided into four sections. Twenty-five of the questions are experimental and not graded. Once you have completed this certification course and exam, you will have a thorough knowledge of information and computer security.

Most importantly, successfully obtaining the CISSP certification guarantees better job prospects in the computer, information and network security domains.

The CISSP covers ten CBK domains, which are:

  1. Cryptography
  2. Information security ethics, laws, compliance and investigation
  3. Operations security
  4. Environmental or physical security
  5. Disaster recovery and business continuity planning
  6. Network and telecommunications security
  7. Access control methodologies and systems
  8. Security design and architecture
  9. Application, software and systems development security
  10. Information security governance and risk management

This certification is valid only for three years and certified professionals must retake the exam to renew their credentials. However, instead of taking the certification exam again, you can maintain your credentials by taking and submitting CPE or Continuing Professional Education credits. You need to earn and submit at least 20 credits every year and a minimum of 120 credits before the three-year certification period ends to maintain your CISSP certification.

Certification Requirements

Although the CISSP certification is aimed at computer security professionals with 3 to 5 years of experience, candidates must meet several criteria to obtain the certification:

  • Candidates must answer four questions about their criminal history and background
  • They must accept the CISSP Code of Ethics and must show proof of their professional experience and other certifications.
  • Candidates must have a scaled score of 700 out of a maximum possible 1000 marks on the certification exam.
  • Another CISSP certified professional must endorse the candidate’s qualifications and the fact that the candidate has a good standing in the computer security industry.
  • The candidate must have at least 5 years of work experience as a security professional in two or more of the CISSP CBK domains mentioned above. The work experience requirement can be relaxed by a year if the candidate has a Master’s degree or four-year college degree in Information Security. The same also applies if the candidate has earned other similar Information Security certifications.

To learn more about the CISSP program, contact Ashford Global IT today!


About this author:


Mary is a leading trainer in Microsoft® and Business Applications.
