What is CISSP Certification

The CISSP (Certified Information Systems Security Professional) is an essential credential for a security professional to validate their competencies and skill set to deploy a diverse information security infrastructure for protecting the organization from potential cybersecurity hazards.



The course is sponsored by (ISC)², one of the world’s leading non-profit organizations supporting the field of information security. The certification qualifies a candidate to effectively create, implement and evaluate the cybersecurity tools and technologies used to facilitate the secure transfer of information across a diverse work environment.



CISSP was the first credential in the field of information security to meet the stringent requirements of ISO/IEC Standard 17024.

Why is CISSP Important

CISSP is important to obtain because it is a globally recognized standard in information security.



It originates from an up-to-date, comprehensive and global common body of knowledge that guides security leaders to attain a better understanding and deep knowledge of all the latest technologies, regulations, threats, practices and standards.

Benefits of CISSP



CISSP certification affirms your commitment to the field you work in and keeps it relevant through ongoing professional education and an understanding of the most current and trending practices.

Once CISSP certified, you can demonstrate your technical knowledge, abilities, and skills to develop a holistic security program, measured against universally accepted standards.

You can easily stand out from other candidates for a desirable job opening in the market for information security.

You will gain access to valued career resources, including networking and the exchange of ideas with peers.

You can also authenticate your skills and competence that you have gained through years of experience in the world of information security.

Average Salary for CISSP



The salary of a CISSP-certified professional is much higher than that of professionals who are not certified. However, the pay scale differs from country to country, and the salaries given in the image below are those of CISSP-certified professionals working in India.





Image Source: PayScale

How to get CISSP certification



Follow these simple steps to be CISSP Certified:



Step 1: Register

Register with an IT training company that is an authorized partner of (ISC)², an international nonprofit membership association best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification.



Step 2: Enroll

Enroll yourself for the CISSP certification course.



Step 3: Get trained

Get started with the training process in accordance with the official courseware offered to you.



Step 4: Exam

After your training is over, you must sit for the exam and pass it to gain your CISSP certificate.



Step 5: Certification

After clearing the exam, you are now CISSP certified. Take your certificate and you are good to go.

How to Prepare for CISSP Exam



Explore and study all the following 8 domains of the CISSP Common Body of Knowledge (CBK) to prepare and pass the exam:



Security and Risk Management

Asset Security

Security Engineering

Communications and Network Security

Identity and Access Management

Security Assessment and Testing

Security Operations

Software Development Security

What is a passing score on the CISSP Exam?



The passing grade is 700 out of 1000 points to earn CISSP certification.



Exam information:



Length of exam: 3 hours

Exam delivery method: Computer Adaptive Testing [CAT]

Number of questions: 100-150

Question format: MCQ based

Testing center: Pearson VUE Testing Center



For candidates opting for languages other than English, the delivery mode remains the same linear form as it was earlier.

Exam weights



Domain: Weight

Security and Risk Management: 15%

Asset Security: 10%

Security Engineering: 13%

Communications and Network Security: 14%

Identity and Access Management: 13%

Security Assessment and Testing: 12%

Security Operations: 13%

Software Development Security: 10%

Total: 100%




CISSP Practice Exam Sample Questions Answers

These are a few sample questions and answers for the CISSP exam:



1. Which of the following ensures that the application’s hardware remains highly available?

a. Disk Mirroring

b. Clustering

c. RAID

d. RAIT



2. What is the advantage of digital signatures over message authentication codes?

a. Digital signature provides integrity verification while message authentication code cannot

b. Digital signature provides confidentiality while message authentication code cannot

c. Digital signature provides authenticity while message authentication code cannot

d. Digital signature works faster than message authentication codes



3. What is not secured in end-to-end encryption?

a. Packet payload

b. Public key

c. Packet header

d. Private key



4. When due diligence and due care are observed, it is said to be:

a. Prudent person rule

b. Proactive approach

c. Negligence

d. Reactive approach



5. Which of the following algorithms can be used for Kerberos encryption?

a. DSA

b. RSA

c. DES

d. ECC



6. Which of the following provide isolation between subjects and objects?

a. Reference monitor kernel

b. Security monitor kernel

c. Trusted computing base

d. Security kernel



7. What is the purpose of using Secure Hash Algorithm in virtual private networks?

a. Authentication

b. Key validation

c. Integrity

d. Encryption



8. Which of the following documents has optional statements?

a. Policy

b. Regulation

c. Baseline

d. Guideline



9. Which of the following glass types will you use for windows opening at street level?

a. Tempered glass

b. Wired glass

c. Laminated glass

d. Bullet resistant glass



10. If an IDS runs a script on a firewall to block an attacking address, what type of control is it?

a. Corrective

b. Preventive

c. Detective

d. Compensating

CISSP Certification Requirements



CISSP certification suits, and can be taken up by, the following professionals:



Chief Information Security Officer

Director of Security

IT Director/Manager

Network Architect

Security Analyst

Security Architect

Security Auditor

Security Consultant

Security Manager

Security Systems Engineer



Although it is not limited to only these profiles, one can also get CISSP with:



A minimum of 5 years of cumulative paid full-time work experience in 2 or more of the 8 domains mentioned below:



Security and Risk Management

Asset Security

Security Engineering

Communications and Network Security

Identity and Access Management

Security Assessment and Testing

Security Operations

Software Development Security



On the other hand, earning a 4-year college degree or regional equivalent or an additional credential from the (ISC)² approved list will waive 1 year of the required experience.



Note: Only a 1-year experience exemption is granted for education.



However, a candidate who doesn’t have the above-mentioned experience required to be a CISSP can become an Associate of (ISC)² by passing the CISSP exam successfully. The Associate of (ISC)² will then have 6 years to earn the required 5 years of experience.

Conclusion



CISSP (Certified Information Systems Security Professional) training is one of the best training courses or certifications offered by (ISC)², an international non-profit organization that provides essential, globally recognized certifications in the fields of IT Administration, Cloud Security, and Leadership & Operations for professionals seeking a career in cyber security.