Frequently Asked Questions About CISSP Certification



Posted by: Samuel Meisenberg
Published: June 13, 2019

The Certified Information Systems Security Professional (CISSP) remains one of the most valued and sought-after cybersecurity certifications. If you’re considering earning the certification, you’ve probably got questions. And we’ve got answers.

What is the CISSP exactly?

The CISSP is a globally recognized standard that certifies an IT security professional's technical skills and hands-on experience with implementing and managing a security program. Developed by the International Information Systems Security Certification Consortium, also known as (ISC)², it is vendor-neutral, and it is accredited under the ANSI ISO/IEC Standard 17024:2003.

Why should I earn the CISSP?

CISSP certification is an investment, not just an expensive piece of paper. It’s access to an exclusive club of in-demand professionals who have the skills that companies will need for years to come. A CISSP certification is a great way to prove what you know. Maybe you’re a cryptography geek who studies the latest encryption practices. Maybe you have an aptitude for developing and implementing cybersecurity policies. Unfortunately, proving these facts to potential employers is often more difficult than it should be—especially if you lack professional experience in certain areas. Having CISSP next to your name proves you have knowledge that might not be easily discerned by scanning your résumé.

What are the benefits of earning the CISSP?

Mainly job prospects and career advancement. According to Burning Glass, 35 percent of cybersecurity job postings require a recognized certification and a much larger number list certification as a preferred credential. HR professionals activate keyword screens to include those magic certification letters. Without a certification like the CISSP, you might not even make it through the first pass. Career advancement is far more available with the right combination of letters next to your name. It’s also important to remember that education and dedication come with preparing for certifications. The act of preparing for, and passing, certification exams speaks volumes to current and future employers.

There is also earning power in holding a CISSP. According to Cyberseek and Glassdoor, the average CISSP salary is $126,770, and there are currently 72,700 job openings that prefer or require the CISSP. The certification is valuable, and CISSPs are in demand.

OK, you convinced me that I need the certification. What is the exam like?

The CISSP is a unique test-taking experience. Unlike the majority of other certification tests, it is a Computer Adaptive Test (CAT). The CAT is distinct from a linear exam in the following ways:

  • Every time you answer a question, the computer evaluates your ability to get the next question right based on your previous submissions and the difficulty of the questions.
  • As you get answers right, the computer delivers more difficult questions and increases its estimate of your ability. If you get things wrong, the computer serves up an easier question.
  • As you answer more questions, the computer’s estimate of your ability gets more precise.
  • Each question affects the next question, so there is no going back to change your answer to a previously answered question.
  • If you reach a point where it is no longer possible to earn a passing score, the exam will end automatically.

I managed to beat the CAT. Now, how do I become a CISSP?

To qualify for the CISSP certification, you must have at least five years of cumulative, paid, full-time work experience in two or more of the eight domains of the (ISC)² CISSP Common Body of Knowledge (CBK). If you don’t have enough work experience, there are two ways you can proceed with becoming a CISSP. First, you can satisfy one year of required experience with a four-year college degree or an approved credential from the CISSP Prerequisite pathway. Your second option is to take and pass the CISSP exam to earn an Associate of (ISC)² designation. You will be an Associate of (ISC)² until you satisfy the experience requirements.

What do I do next?

Now that you’ve got the answers, go get certified! This step-by-step guide to becoming a CISSP can help. Good luck with your studies.
