What's Tested on the CISSP Exam?

CISSP, which stands for Certified Information Systems Security Professional, is a certification provided by (ISC)2 that indicates that an individual can design, implement, and maintain an information security program in a business. The CISSP exam is one step in the process of becoming a fully-certified CISSP.

About the CISSP Exam

The CISSP exam is a multiple-choice CAT exam offered at Pearson VUE Testing Centers. CAT stands for Computer Adaptive Testing, which is a means of assessing a test-taker’s level of knowledge with fewer questions and a shorter testing period than linear testing models. The computer will give you questions based on how you answered previous questions on the exam. As you correctly answer more difficult questions, the computer will anticipate your ability level and give you even more difficult questions to answer. This way, the computer can test the range of your abilities more quickly than it would have by giving you a larger, pre-determined set of questions.
Something to keep in mind: because each question informs the next question you’re given, there’s no way to go back and check your answers when you finish the exam; once you finalize an answer on a question, you can only move forward in the exam.
Based on the CAT, the CISSP exam is between 100-150 questions, with a time limit of 3 hours. You need to get 700 of 1000 total points to pass the exam.
The exam cost is $699 for students in the United States. You’ll pay this fee when you register for the exam (See “CISSP Exam Registration” below).
The CISSP exam covers eight fundamental domains of information security, listed and weighted approximately on the exam as follows:

  • Domain 1: Security and Risk Management (15%)
  • Domain 2: Asset Security (10%)
  • Domain 3: Security Architecture and Engineering (13%)
  • Domain 4: Communication and Network Security (14%)
  • Domain 5: Identity and Access Management (13%)
  • Domain 6: Security Assessment and Testing (12%)
  • Domain 7: Security Operations (13%)
  • Domain 8: Software Development Security (10%)

Check out CISSP exam prep options here.

To learn more about the anatomy of the CISSP exam, download this comprehensive guide to the exam. It includes info about the exam structure, content, application process, and general reasons as to why you should consider getting this in-demand certification.

CISSP Exam Registration

As mentioned previously, you’ll take your CISSP exam at a Pearson VUE Testing Center. In order to register for the exam, go to the Pearson VUE website and create a Pearson account. Once you’ve read through Pearson VUE’s Non Disclosure Agreement, you’ll be able to select an exam, exam location, and exam date/time. You’ll also pay the $699 exam fee at this time. After you register, Pearson VUE will send you a confirmation email.

After the CISSP Exam

You’ll be told if you passed or failed immediately upon completing the CISSP exam. You won’t have access to your numerical score–of you pass, you’ll simply be told that you passed. If you fail, while you still won’t have access to your numerical score, you’ll receive a diagnostic feedback assessing your performance on the different domains of the exam.
You can take the CISSP exam a total of 3 times within a 12-month period. If you don’t pass the exam the first time, you can take it again in 30 days. If you don’t pass the second time, you can take it again 90 days from your second test date. If you don’t pass the third time, you can take it again 180 days after your most recent attempt, as long as it’s outside of the 12-month period in which you can only test a total of 3 times.
Passing the CISSP exam doesn’t make you a CISSP–you also need to complete the required job experience and submit an endorsed application to (ISC)2.
Find out more about the process of becoming a CISSP!

For more info about how to get CISSP-certified, click here!