Vol. 1 · Ed. 2026
CyberGlossary
Entry № 177

CISSP

What is CISSP?

CISSP: A senior-level vendor-neutral security certification from ISC2 covering eight domains of the Common Body of Knowledge and requiring five years of paid work experience.


The Certified Information Systems Security Professional (CISSP) is issued by ISC2 and is widely regarded as the benchmark certification for experienced information security practitioners, managers, and architects. The exam covers eight Common Body of Knowledge (CBK) domains: Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security. Candidates take a Computerized Adaptive Test (CAT) of 100 to 150 questions over up to three hours. CISSP requires five years of cumulative paid work experience across at least two CBK domains and an endorsement from an existing certified professional.

Examples

  1. A CISO renews CISSP every three years through 120 Continuing Professional Education (CPE) credits.

  2. A security architect lists CISSP on their resume to qualify for government and Fortune 500 roles.

Frequently asked questions

What is CISSP?

A senior-level vendor-neutral security certification from ISC2 covering eight domains of the Common Body of Knowledge and requiring five years of paid work experience. It belongs to the Compliance & Frameworks category of cybersecurity.

What are other names for CISSP?

Common alternative names include: Certified Information Systems Security Professional.
