The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the information security field. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.
The exam is administered as a variable length Computer Adaptive Testing (CAT) at Pearson VUE testing centers around the world. During the test, candidates respond to between 100-150 items based on their ability. Items in the exam are four-option multiple choice items with one correct key. At the end of the exam administration, candidates receive their pass/fail decision. Failing candidates receive feedback on their exam performance by domains; however, candidates who pass the exam receive their congratulatory letter describing their next step in acquiring the credential.
CISSP exam is updated on a regular basis by conducting job task analysis every three years and writing and pretesting many items throughout the year to maintain a robust item bank needed to administer a CAT examination.
The CISSP exam requires candidates to demonstrate the following knowledge, skills and abilities: Security and Risk Management (15%); Asset Security (10%); Security Architecture and Engineering (13%); Communication and Network Security (13%); Identity and Access Management (IAM) (13%); Security Assessment and Testing (12%); Security Operations (13%); and Software Development Security (11%).