The Certified Information Systems Security Professional (CISSP) is the most globally recognized certification in the information security market. CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.
The test is a variable-length computer-adaptive test consisting of 100-150 items, with a testing time of three hours. It is a computer-based test (CBT). Items in the exam are primarily four-option multiple-choice items with one correct key. At the end of the exam administration, candidates receive a provisional pass or fail decision. Candidates who fail receive feedback on their exam performance by domain for complete exams; candidates who pass receive a provisional congratulatory letter describing their next step in acquiring the credential.
The percentage (i.e., weight) of scored items by reporting domain:
• Domain 1. Security and Risk Management (15.6%)
• Domain 2. Asset Security (10.2%)
• Domain 3. Security Architecture and Engineering (12.9%)
• Domain 4. Communication and Network Security (12.9%)
• Domain 5. Identity and Access Management (IAM) (13.3%)
• Domain 6. Security Assessment and Testing (11.6%)
• Domain 7. Security Operations (13.3%)
• Domain 8. Software Development Security (10.2%)