CISSP :: Certified Information Systems Security Professional – Introduction
I have set myself a task this year to achieve CISSP – Certified Information Systems Security Professional. CISSP is a globally recognised certification that encompasses a broad range of IT Security topics. It’s vendor-neutral and well regarded in the industry.
To become a CISSP, you must meet the following:
- You must have completed a minimum of 5 years of cumulative paid full-time work experience in two or more of the 8 domains (which I will list later)
- Schedule and pass the CISSP exam, which is a 6-hour exam made up of 250 questions
- Complete the Endorsement Process – you need to be endorsed by someone who has already achieved this certification
- Finally, you must maintain the certification – there is a renewal cost every 3 years, but you must also continue to earn Continuing Professional Education credits (CPEs) throughout each year. Alternatively, you can resit the exam every 3 years, though there is an additional administration cost associated with this on top of the exam cost.
There are 8 domains within the CISSP program. These are:
- Security and Risk Management (16%)
- Asset Security (10%)
- Security Engineering (12%)
- Communication and Network Security (12%)
- Identity and Access Management (13%)
- Security Assessment and Testing (11%)
- Security Operations (16%)
- Software Development Security (10%)
Over the coming months, I will be breaking each domain down into several blog posts, providing a foundation on which you (and I) can build knowledge; this is not intended to get you exam-ready on its own, but will hopefully educate you on areas you will need to do more research in.
I look forward to writing these posts and I hope you find them to be of use!