The ultimate guide to the CISSP includes everything that you need to know about this premier cyber security leadership certification. Expand your knowledge, develop your skill set, and lead.

A brief introduction…

Established in the early 1990s, the CISSP (Certified Information Systems Security Professional) qualification has become the most highly regarded, globally recognized security credential among employers worldwide.

Adding to its renown, in May of 2020, the U.K.’s National Academic Recognition Information Centre classified the CISSP qualification as a Level 7 award, making it on par with a Master’s degree.

A CISSP certification not only enables individuals to elevate contributions within existing roles, but it also significantly reduces the probability of their applications being cast aside when pursuing new opportunities.

The CISSP certification

Granted by the International Information System Security Certification Consortium, (ISC)², the CISSP qualification is considered a ‘gold standard’ among cyber security professionals and their employers.

The CISSP exam covers a range of topics. It is intended to validate an individual’s expertise in designing, implementing and managing a secure business environment.

Key domains

The CISSP exam addresses eight different domains. Each domain represents a critical area of information security. They are as follows:

1. Security and risk management

2. Asset security

3. Security architecture and engineering

4. Communication and network security

5. Identity and access management (IAM)

6. Security assessment and testing

7. Security operations

8. Software development security


CISSP candidates must have a minimum of five years of cumulative, paid and full-time work experience in two or more of the aforementioned domains.

However, candidates with a four-year college degree or another approved credential may be able to obtain a one-year experience waiver.

Benefits of a CISSP

  • Global recognition. The CISSP is recognized around the world, offering CISOs and their organizations a globally accepted standard for evaluating cyber security competence.
  • Comprehensive domain expertise. The CISSP covers a broad spectrum of security domains. As a result, professionals with this certification will have a comprehensive understanding of the various aspects of information security.
  • Reflects commitment to excellence. The CISSP qualification reflects a commitment to maintaining high cyber security and professional standards.

Preparation time requirements

The amount of time required to prepare for the CISSP exam is tough to predict. There isn’t a single, uniform recommendation.

If you have five years of experience in IT, with exposure to several of the domains that the exam focuses on, three months of studying may be adequate.

Anecdotes from present-day CISOs indicate that some put in as few as three weeks of (intense) studying, while others spent 5-6 months studying (and going through hundreds of practice exam questions).

Preparation strategies

Consider the following approaches when it comes to CISSP exam preparation:

  • Consider enrolling in a reputable CISSP training program that comprehensively covers all eight domains. Expert-led programs offer first-hand insights, detailed explanations of concepts, practice exams and more.
  • Explore official (ISC)² study materials, practice questions and recommended reference books.
  • CISSP candidates may wish to find means of gaining additional, more expansive practical experience in some of the less familiar domains that the exam covers.
  • Candidates should also strive to stay up-to-date on the latest developments in the security field.

Passing the exam

The CISSP exam asks 100-150 questions. Individuals typically have 3-4 hours in which to complete the exam.

To pass the CISSP exam, individuals must score at least 700 out of 1,000. If the exam isn’t passed on the first try, it’s possible to retake the test. Individuals can retake the exam 30 days after an initial attempt, and up to four times within a single year.

After passing the exam, individuals must obtain endorsement from a current certification-holder. The endorsement is intended to validate that a person has pursued the necessary work experience to have earned a CISSP certification.

Those who pass the exam have nine months to obtain an endorsement. In the event that an individual truly cannot find someone to endorse him/her, (ISC)² may be able to act as an endorser.

Roles that require or request a CISSP certification include

  • Chief Information Officer
  • Chief Information Security Officer
  • Compliance Manager/Officer
  • Director of Security
  • Information Architect
  • Information Manager/Information Risk Manager
  • Security Manager
  • Security Administrator
  • Security Systems Engineer/Security Engineer


In the U.S., the CISSP certification exam costs $749.00. After completing CISSP exam training courses, individuals may be eligible to receive expense vouchers from partner organizations.

More information

All CISSPs must become (ISC)² members, providing access to exclusive networking opportunities.

The vast majority of CISSP credential holders reside in the United States, followed by the United Kingdom, Canada, China, Japan and India, respectively.
