With a legacy that runs decades, the CISSP certification has earned its place as a requirement for mid to senior information security professionals. This is a much needed certification to unlock the highest paying jobs in the industry. See below for CISSP 2018 Update exam details.
- Number of Questions: 100 questions (150 max)
- Duration: 180 minute duration, a little under 2 minutes to a little over a minute per question, depending on length of exam
- Score Range: 100-1000
- Passing Score: 700 (70%, not including experimental questions)
- Types of Questions:
- Multiple Choice – can have more than one answer
- Ordering – place blocks of text in order
- Matching – match text on left to text on right
- Security and Risk Management 15%
- Asset Security 10%
- Security Architecture and Engineering 13%
- Communication and Network Security 14%
- Identity and Access Management (IAM) 13%
- Security Assessment and Testing 12%
- Security Operations 13%
- Software Development Security 10%
The CISSP was first created in 1994. Since release, over 130,000 professionals have earned their CISSP certification in over 170 different countries.
In June of 2004, the certification was accredited under ISO/IEC 17024:2003. This is the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) standard for personnel certification.
The CISSP is also an approved certification by the Department of Defense (DoD) to satisfy the DoD 8570 and DoD 8140 directives.
Additional History Links
A current overview of (ISC)² CISSP 2018 Update exam.
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security Assessment and Testing
- Security Operations
- Software Development Security
Additional Official CISSP Exam Resources
- Here’s (ISC)²’s offical CISSP Exam Outline.
- Here’s (ISC)²’s official Acronym Glossary.
- Here’s (ISC)²’s official Term Glossary.
This exam mostly evaluates your comprehension of theories and concepts but you occasionally need to know technical information. Similarly to CompTIA exams, this exam is vendor neutral but specific products may be mentioned.
Unlike CompTIA exams, you must answer questions before moving on since you can’t return to flagged questions. Take your time and read the question thoroughly, as the correct selection may not be the right answer, but best choice out of the 4 listed multiple choice possibilities.
After the Exam
- Requires endorsement from existing CISSP holder in good standing. Visit the Endorsement Application page after getting notified via email that you passed.
- If you’re not sure if you have the required 5 years of experience, check out their Experience Requirements page for more details. You’ll be surprised at everything that can waive a year of experience.
- Requires 40 Continued Professional Education (CPEs) every year after passing exam.
- Annual Maintenance Fee (AMF) start applying right after passing.
- Security Analyst
- Security Auditor
- Security Systems Engineer or Architect
- Network Engineer or Architect
- Security Consultant
- IT and Security Manager
- IT and Security Officer (ISO)
- IT and Security Director
- Chief Information Officer
- Chief Security Officer
- Chief Information Security Officer