Certified Information Systems Security Professional

CISSP (Certified Information Systems Security Professional)

The CISSP certification is an advanced-level credential that validates the knowledge and skills of information security professionals.

Focus

The Certified Information Systems Security Professional certification focuses on CompTIA Security+ is not a similar certification, CISSP is a highly advanced exam for information security professionals with at least 5 years of experience in the field.

Exam Duration

The Certified Information Systems Security Professional exam duration is 3 hours

Num of Question

The exam contains a total of 262

Exam Fee

The exam fee is $699.

Exam Validity

The CCRN-Pediatric certification is valid for 3 years.

Prior Certification

• The CISSP certification is an entry point to the CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP, and CISSP-EC-C council, but the CISM and CRISC are not similar certifications

Exam Format

The Certified Information Systems Security Professional exam is a Proctored computer-based exam

Passing Conditions

To pass Certified Information Systems Security Professional exam, applicants must achieve a minimum score of Passing score is the minimum score that exists which varies on the overall performance, about 700 out of 1000 at least on 60 percent

Who Should Take

The CISSP certification is designed for experienced information security professionals who have at least 5 years of full-time work experience in 2 or more of the 8 domains of the CISSP CBK.

• Information Security Consultant
• Chief Information Security Officer (CISO)
• Security Manager
• Security Architect

Prerequisites

5 years of full-time work experience in 2 or more of the 8 domains of the CISSP CBK

Or can substitute with certifications:

• Attend a CISSP review course and obtain a passing score of at least 70%
• Transfer credits from other certifications (such as CISM, CRISC) towards the CISSP certification

Certification Process

• Step 1: Meet the eligibility requirements
• Step 2: Sign up for the CISSP certification
• Step 3: Pass the CISSP exam
• Step 4: Agree to the CISSP Code of Ethics
• Step 5: Maintain your certification

Domains with Weights

• Security and Risk Management (15%): This domain covers the principles of risk management, security governance, and compliance with relevant laws and regulations.
• Asset Security (13%): This domain covers the protection of assets, including data, systems, and infrastructure, from unauthorized access and malicious activity.
• Security Engineering (13%): This domain covers the design and implementation of secure systems, including secure architecture, cryptography, and network security.
• Communications and Network Security (13%): This domain covers the protection of communication and network infrastructure from unauthorized access and malicious activity.
• Identity and Access Management (13%): This domain covers the management of identity and access to systems, networks, and data, including authentication, authorization, and accounting.
• Security Assessment and Testing (11%): This domain covers the process of identifying vulnerabilities and weaknesses in systems and networks, and implementing remediation measures.
• Security Operations (15%): This domain covers the implementation and management of security controls, including incident response, forensic analysis, and change management.
• Software Development Security (12%): This domain is new (published in 2019 CISSP CBK update) and covers the development of secure software including coding and development practices that can improve software security. This implies a shift to a user and business friendly way to develop the applications that the new norm in application are after.