As information systems become progressively more central to business operations, it becomes more critical that the staff in charge of them be well versed in the skills required to maintain them securely. To this end, the Certified Information Systems Security Professional (CISSP) certification was created to measure knowledge and skill around issues of security. It was developed by the International Information Systems Security Certification Consortium (ISC2). It has since been formally recognized by the United States Department of Defense and used by the National Security Agency as a basis for their own security certification.
CISSP certification is open to security professionals in a variety of specialties. The domains it focuses on, as listed by the ISC2, include: access control; application development security; business continuity and disaster recovery planning; cryptography; information security governance and risk management; legal, regulations, investigations, and compliance; operations security; physical (environmental) security; security architecture and design; and telecommunications and network security. Candidates for the certification must have at least five years of full-time experience doing work that involves at least two of these domains. However, if the candidate also possesses another certification on the approved list, they only need four years of experience.
There are additional requirements to becoming CISSP certified that are focused on ensuring that candidates have the right mindset and background for security work. They must accept the CISSP Code of Ethics. In addition, they need to answer several questions regarding their criminal background and other related information. Further, they must have a written endorsement from someone else who has already received the CISSP certification. In combination, these requirements and the knowledge and experience requirements assure employers that everyone who possesses this certification has both the skills and the temperament of a person who can be entrusted with sensitive information.
Formal CISSP Training vs. Self Study
The Certified Information Systems Security Professional (CISSP) Examination is a certification examination that covers a wide range of information security topics to certify information security professionals. The exam covers ten areas: access control; telecommunications and network security; information security governance and risk management; software development security; cryptography; security architecture and design; security operations; business continuity and disaster recovery planning; legal, regulations, investigations, and compliance; and physical security. The CISSP Examination is recognized internationally as a standard of achievement.
To prepare for the CISSP certification examination, some individuals study independently and others complete certification courses. Individuals who study independently for the CISSP exam may become overwhelmed with the exam preparation material and have a hard time absorbing the vast amount of information. A certification course provides guided instruction to help applicants pass the examination. Many courses are taught by expert CISSP instructors and provide comprehensive exam prep, exam review, test prep questions, and group activities. Some courses are offered at on-site training facilities, and others are offered completely online. Many courses last five to seven days and include pre- and post-prep examinations to demonstrate what participants have learned throughout the course. Many courses require students to complete daily reading assignments to prepare for the next day in class. A lot of courses require participants to have at least five years of professional experience in the information security field or a college degree and four years of experience.
Benefits of Taking a CISSP Certification Course
• CISSP certification courses help individuals increase their security knowledge by focusing on the crucial elements of the ten areas.
• The courses help applicants prepare for the CISSP certification examination by addressing key issues and giving insight on what areas to focus on.
• The courses cover subject matter in a variety of information security topics and participants have the ability to explore a wide range of concepts and gain an understanding of how they work together.
• The courses provide a comprehensive review at the end and give students access to study plans and individual reviews.
• Students commonly receive various course materials such as an exam guide, workbooks and reference material, and a certificate of completion.
• Certification course instructors are commonly expert security instructors who use a variety of teaching methods to help participants take in and retain more information.
• Many courses enable students to customize their schedule to receive preparation beyond the standard format and retain greater knowledge.
• The courses provide related content such as case studies to enable students to draw examples of actual situations.
• A lot of courses offer unlimited support while individuals are preparing for the CISSP examination. This includes office hours, telephone support, and Internet communications.
• Students learn how to understand and absorb the material to successfully pass the examination the first time they take it.
• There is a higher pass rate for individuals who have completed a certification training course versus those who studied independently.
About the Exam
CISSP training classes are the best way to prepare for the exam. The test itself is taken over the course of 6 hours and includes 250 questions. The amount of material is extensive, and the length of the test itself makes it a grueling process. It’s much more likely that a candidate will pass if they’ve gone through a structured program that guarantees that each of the fields covered by the exam is given adequate attention. CISSP classes provide this structure, and also ensure that the material is covered and reviewed over an extended period of time, which is more likely to result in real understanding and learning.
Maintaining certification requires an ongoing commitment to professional development. After three years it must be renewed. If desired, this can be done by taking the CISSP exam again, but it’s usually done by accumulating at least 120 Continuing Professional Education (CPE) credits during each renewal period. This can include taking classes (though they aren’t required to be specifically CISSP classes), teaching, writing, volunteering, and attending conferences. Generally, credits are earned at a rate of one per hour of activity, though certain tasks have been assigned a set number of credits.
The CISSP certification is the industry’s best way of identifying those professionals who can be trusted to meet the security needs of businesses. It covers every critical area of concern. It verifies that they have the knowledge, the experience, the attitude, and the commitment to ongoing development of their skills that together make a great security professional.
*This website is in no way affiliated with ISC2 and is solely meant as an educational resource as well as a resource for readers to find training in the Washington, DC, Maryland and Virginia areas.