The Certified Information Systems Security Professional (CISSP) qualification is one of the many elite certifications offered by the International Information Security Certification Consortium or (ISC)². This is one of the most sought-after credentials available today. It is a vendor-neutral qualification that encourages candidates to design, create and deploy security systems and protocols within the organization.
What makes this qualification even more prestigious is that you must have a minimum of five years of cumulative, paid full-time work experience relating to two or more of the eight domains of the (ISC)² CISSP common body of knowledge (CBK). Having a four-year college degree or regional equivalent or another credential approved by the (ISC)² will reduce the required experience by one year. Also, if the candidate does not possess the required experience, he or she may become an associate of (ISC)² by successfully passing the CISSP exam and will then have six years to earn the required experience.
The CISSP exam can be thought of as a tool to measure your ability to mitigate risk and increase security, while performing other IT security-related tasks, such as managing information systems and implementing security procedures. The fact that the CISSP is globally recognized means successful candidates will find ample opportunities regardless of their location.
What is the goal of the CISSP exam?
The goal of the CISSP certification exam is to test your technical skills, professional knowledge and experience in effectively designing, engineering and managing the overall security posture of an organization. The CISSP is the right choice for experienced security practitioners, managers and professionals including chief information security officers, IT directors and managers, security analysts and auditors and security systems engineers.
The exam will take you to the next level in your career by strengthening your skills, boosting your self-confidence and expanding your technical knowledge. The CISSP is DoD 8570.1 approved and is listed in the categories of IAT Level III, IAM Level II, IAM Level III, IASAE I and IASAE II.
CISSP exam schedule, duration and format
Candidates undergo a three-hour English exam consisting of 100 to 150 questions for the computerized adaptive testing (CAT); alternatively, they answer 250 questions in a six-hour testing window if taking the linear, fixed-form test administered in all other languages.
| Exam | Time Allotted | Items | Examination Availability |
|---|---|---|---|
| CISSP (English) | 3 hours | 100 – 150 multiple choice and advanced innovative items | English |
| CISSP (Non-English) | 6 hours | 250 multiple choice and advanced innovative items | French, German, Brazilian Portuguese, Spanish – Modern, Japanese, Simplified Chinese and Korean |
The CISSP exam contains multiple-choice and advanced innovative questions that can take a couple of different forms:
- Drag-and-drop: in this type of question, you need to drag one or more answers from one side of the screen into a box on the other side of the screen. Only drag the correct answer(s).
- Hotspot: questions require you to click on a specific point in a graphic representation, such as a diagram of network architecture. The question will usually ask you to identify where a particular component would be located or where a particular type of attack is likely to originate.
The CISSP examination ensures candidates are competent in the followingeight domains:
- Security and risk management (15%)
- Asset security (10%)
- Security architecture and engineering (13%)
- Communication and network security (13%)
- Identity and access management (13%)
- Security assessment and testing (12%)
- Security operations (13%)
- Software development security (11%)
To obtain view all of the exam objectives, you can view and download the CISSP exam outline.
When to schedule your exam
Scheduling will depend entirely on your level of preparedness for the CISSP exam. Give yourself time to study and complete as many practice questions as possible before taking the test. Make sure to use official, certified study materials to gain a thorough understanding of each topic covered, or take acertification preparation course from the many available online for this certification, choosing one that best fits your schedule, needs and learning style.
When you are ready, you’ll need to schedule your exam through the Pearson VUE website to confirm availability near you. Register for the exam by creating an account with Pearson VUE, and you’ll be presented with testing center and date options.
Booking and taking the exam
To book the exam, follow these easy steps to make sure you satisfy all of the requirements:
- Visit the Pearson VUE website
- Create an account and review the non-disclosure
- Select the (ISC)² certification exam you are pursuing
- Schedule your exam
- Select the best test center for your location
- Select an appointment date/time
- Pay for the exam
- Keep your confirmation email
After you complete the above steps, Pearson VUE will transfer your registration information to (ISC)², Inc. You can also register via telephone; the contact numbers for Pearson VUE can be found here.
What are the identification requirements for testing?
When you arrive at the testing center, you’ll need to provide staff with at least two valid forms of identification. The following ID options are acceptable:
- A valid state-issued driver’s license
- A valid state-issued ID card
- A valid military ID
- A valid passport
- A valid green card or resident card
More information regarding the types of acceptable identification to have on exam day can be found here.
What’s the exam arrival process like?
Plan to arrive at least 30 minutes before your CISSP examination is scheduled to begin. It is a good idea to familiarize yourself with the location of the exam center; make sure you are prepared for traffic and other factors that could affect travel time to the testing center. Arriving early also ensures that any identification issues or queries can be addressed without interfering with your certification attempt.
You will be photographed upon arrival and will have to leave all personal belongings outside of the testing room in a secure area. After you sign in, the test administrator will give you a short orientation and then lead you to your computer terminal.
What are the policies for rescheduling, late arrivals and cancellations?
Online cancellations and rescheduling must be done at least 48 hours before the scheduled examination time. Telephone cancellations and rescheduling must be completed at least 24 hours before the appointment. (Note: Pearson VUE charges a rescheduling fee of $50 and a cancellation fee of $100.) After this point, you must either take the test or forfeit your registration fees. Also, If you do not sit for your exam within 365 days of your initial scheduled exam date, you will not be refunded your exam fee.
If you arrive less than 15 minutes before the exam start time, you will be considered late. You will not be able to take the test and will forfeit your examination fee. Candidates are expected to arrive at least 30 minutes before the exam is set to start. The person overseeing the exam will use his or her discretion when deciding whether or not a candidate may take the exam after arriving late. If you are turned away due to late arrival, your exam result will appear in the system as a no-show.
If you fail the test, when can you retake it?
If you do not pass the exam on your first attempt, you will have to wait 30 days before you can retake the test. If you fail a second time, you will have a 90-day waiting period before you can take the exam again. Failing a third time requires a 180-day waiting period. You cannot attempt this exam more than three times in a calendar year, so you must be thoroughly prepared before booking and taking the test.
Note: failing candidates are provided with a breakdown of their proficiency level in each of the domains based on the percentage of questions answered correctly. Candidates are advised whether they reached below, near or above proficiency; this information is important to know the domains that they need to focus on in their further studies.
What is the cost of taking the CISSP exam?
The rates below are correct as of May 1, 2021, and may be subject to change.
- Americas and all other regions not listed below: $749
- Asia Pacific: $749
- Europe: EUR 665
- United Kingdom: GBP 585
- Middle East: $749
- Africa: $749
Scoring: What does it take to pass the CISSP exam?
The passing standard for the CAT version of the CISSP exam is identical to the old linear version, fixed-form test (consisting of 250 questions in a six-hour examination window that is administered in all other languages); it is 700 out of 1000 points.
For more tips on passing your CISSP exam on your first attempt, download our free ebook, CISSP exam tips from students and instructors.
Preparing and arriving on time for the CISSP exam
The CISSP has been used as a benchmarking tool for cybersecurity experts in the field of information security for years. It is a highly sought-after certification for any IT professionals who are looking to expand their skill sets and grow as security professionals.
The exam requires extensive experience on the part of the test candidate, so sound knowledge and practical hands-on experience are required for anyone who decides to attempt the new CISSP exam.
Sources
- CISSP, (ISC)²
FAQs
What is the passing score for CISSP 2021? ›
Candidates are given three hours to complete the exam. The questions are weighted differently, adding up to 1,000 points. To pass the CISSP exam, you must obtain a minimum passing score of 700. You only receive a score of pass or fail.
How long is the CISSP exam 2021? ›CISSP exam schedule, duration and format
Candidates undergo a three-hour English exam consisting of 100 to 150 questions for the computerized adaptive testing (CAT); alternatively, they answer 250 questions in a six-hour testing window if taking the linear, fixed-form test administered in all other languages.
In the CISSP-CAT format, the student will view a minimum of 100 questions and a maximum of 150 with a three-hour time limit. Of the first 100 questions, only 75 are graded and count towards your score. The 25 ungraded questions are not marked, and are interspersed throughout the first 100 questions.
How many questions do you need to get right to pass CISSP? ›Once you've answered a minimum of 100 questions, the exam will stop if the testing engine is 95% confident that you will either pass or fail the exam. (Technically, you only need to answer 75 “operational” questions to pass the exam, but I'll address that later.)
Can I pass the CISSP in 3 months? ›If you wish to complete your CISSP exam in 3 months, you can go for the Longer Method (3 months or more, 2 hours per day, with a focus on weekends). Just be careful not to skip anything when studying because you might be leaving out the information you'll need to know later.
How many people fail CISSP? ›For anyone looking to earn their CISSP cert and be part of this elite club, there is an obvious reason the CISSP is so valuable: it's a difficult exam. Though the pass rates for the CISSP are not publicly released, it is widely assumed that pass rates are well below 50%.
Is CISSP easy to pass? ›However, before you appear for the examination, you should know the difficulty in passing the exam. To answer the question- how hard is the CISSP exam? It is considerably tough. The course is designed in such a way that it makes sure that the people who crack it are well-suited for this industry.
How do I prepare for CISSP in 30 days? ›Set aside a regular study time.
If you can devote 90 minutes per day over the next 30 days to get through this process, by day 30 you'll have spent 45 hours of study time preparing for the CISSP.
The CISSP or Certified Information Systems Security Professional credential is made up of 150 multiple-choice questions that you must answer in 180 minutes or 3 hours. You need to pay an exam fee of $699 before you can sit for the exam. Candidates also need to achieve 70% or 700 points out of 1000 to clear the exam.
What is the passing score for isc2 CISSP? ›In the case of (ISC)², all raw scores are converted to scaled scores of 0-1000, with the passing scaled score of 700.
How hard is CISSP to pass? ›
70% of respondents so far answered that “Yes”, CISSP is a 'difficult' Certification. Of course, the real answer to this question is: 'it depends. ' Whether or not you find CISSP hard to pass the first time depends greatly on your experience and ability to learn.
How many CISSP are there in the world in 2021? ›CISSP logo
As of January, 2022 there are 152,632 (ISC)² members holding the CISSP certification worldwide. In June 2004, the CISSP designation was accredited under the ANSI ISO/IEC Standard 17024:2003.
Beginning June 1, 2022, the CISSP exam in the Computerized Adaptive Testing (CAT) format will contain 50 pretest (unscored) items, which will increase the minimum and maximum number of items you will need to respond to from 100-150 to 125-175 items during your exam.