Your CISSP Certification Blueprint is Ready

Do you have what it takes to sit for and pass the notoriously difficult CISSP exam from (ISC)²? If you aim to tackle the biggest cert on the cybersecurity block, then follow these steps to ensure success.

The Certified Information Systems Security Professional (CISSP) is more than a mouthful to say, and it’s currently the leading certification among security professionals. But what does it take to achieve this coveted cert? Well, I liken it to Neo becoming the “One” in sci-fi adventure movie The Matrix. You won’t actually be the “One” — more like one of 740,000 — but achieving the credential will feel like nothing you have experienced before.


What you are up against — General


Much like Neo, who needed to learn about the threats posed by “agents,” you need to know what you are facing with this exam. The basics are something you can easily look up: Per (ISC)², the organization that operates the CISSP program, you will have six hours to complete 250 questions.


A passing score is 700 out of a possible 1,000 points. The price tag for the exam is $599, a cost of $2.40 a question, so you had better come prepared. Unlike with some credentials, even after successfully passing the exam, you will still need a current CISSP to vouch for you in order to complete the certification process.


What you are up against - Advanced


The CISSP exam will test candidates’ knowledge in eight specific domains weighted thusly:


● Security and Risk Management — 16 percent
● Asset Security — 10 percent
● Security Engineering — 12 percent
● Communications and Network Security — 12 percent
● Identity and Access Management — 13 percent
● Security Assessment and Testing — 11 percent
● Security Operations — 16 percent
● Software Development Security — 10 percent


Just as with Neo — in the movie, no one can be told what the Matrix is, they must be shown — it’s impossible to grasp the extent of the knowledge needed to pass the exam simply by looking at the domains covered. And you shouldn’t plan to just blow through a study and then make your appointment at the testing center.


You will need at least five years of paid full-time experience in two or more of the above domains. Even then, (ISC)² wants to see your resume and have a current CISSP holder vouch for your experience. So as soon as you’ve committed to the credential, start making contacts — network! Knowing one or more current CISSPs will give you easy access to the “vouching” requirement when it’s time.


Discipline and Training: Neo


In The Matrix, Neo is required to undergo extensive training in the martial arts to prepare him to fight back against his foes. You won’t need fists of fury for the CISSP, but you will need a very detailed and disciplined study routine.


It is impossible to absorb all of the required information within a couple of weeks. That being the case, unless your employer wants to drop $2,500 on a boot camp to train you up, I suggest you opt for the self-study route. If you sincerely apply yourself, you will retain a broader and deeper level of knowledge for a longer period of time.


I recommend at least two solid weeks of self-study per domain. That is 16 weeks, or around 4 months. Is it possible to do it faster? Yes. Is it possible to take the exam after a boot camp? Sure, but I would argue that the retention factor is far below what you can achieve through a well-planned and -executed self-study course.


Once you understand and appreciate exactly what you have to do, you will need a place to do it. A nice, quiet place that enables you to study nightly for 2-to-4 hours is essential. If you have children, like I do, then you may only cram in an hour or two of studying each night. In that case, you will have to make it up on the weekends, or by getting out of bed before everyone else does.


I have found flashcard sites to be very helpful. If you like practice quizzes, and I recommend that you try some because they are invaluable, then check out the CISSP quiz set right here. I also devour books, found inexpensively on Amazon, as quickly as I can get them.