WIXLIB

THE ULTIMATEGUIDE TO THECISSPHow to achieve the world’s premier cybersecurity certification

AchieveMorein YourCareerYou prove every day that you havewhat it takes to secure criticalassets. But our profession is alwayschanging, and even the brightestminds can benefit from having aguide on the journey to success.(ISC)2 is here to help you discoverthe right path, create your planand thrive throughout your career.The Ultimate Guide to the CISSPcovers everything to know aboutthe world’s premier cybersecuritycertification. See how the CISSP –and (ISC)2 – can distinguish you as aglobally respected security leader.INSIDE » Is the CISSP Right for Me?» CISSPs from Around the Globe» Fast Facts About CISSP» Benefits of Being CISSP-Certified» Benefits of (ISC)2 Membership» CISSP Exam Overview» Official CISSP Training» Pathway to CISSP Certification» Free CPE Opportunities» Certification is Just the Beginning2

Is the CISSPRight for Me?The CISSP is ideal for information security professionals seekingto prove their understanding of cybersecurity strategy andhands-on implementation. It shows you have the advancedknowledge and technical skills to design, develop and managean organization’s overall security posture.ExperienceTo qualify for the CISSP, candidates must pass theexam and have at least five years of cumulative,paid work experience in two or more of the eightdomains of the (ISC)² CISSP Common Body ofKnowledge (CBK ).A candidate who doesn’t yet have the requiredexperience to become a CISSP may become anAssociate of (ISC)² after successfully passing theCISSP exam. The Associate of (ISC)² will then havesix years to earn the experience needed for CISSPcertification.Discover Your PathSee “Pathway to CISSP Certification”for more information.Jobs that Typically Use or Require the CISSP» Chief Information Officer» Security Architect» Chief Information Security Officer» Security Auditor» Director of Security» Security Consultant» IT Director/Manager» Security Manager» Network Architect» Security Systems Engineer» Security Analyst3

The CISSP has provided me withan increased level of credibility andtrustworthiness. It has also given me agreat opportunity to meet and collaboratewith other security professionals throughmy local (ISC)2 member chapter andindustry events such as the annual (ISC)2Security Congress conference.Walter SpeelmanSenior Security Specialist, IAMWalt Disney CompanyOrlando, Florida, USABeing an Associate of (ISC)2 has openedmany new doors and opportunitiesfor me. As a CISSP, I am immediatelyconnected to resources and a network oflike-minded people as we work togetherto inspire a safe and secure cyber world.Lucy ChaplinManagerWavestoneLondon, UKCISSPs from Around the GlobeWhen I achieved the CISSP, clients andother professionals in the field began toapproach me with full confidence. Becausethe CISSP extends beyond the technicalitiesand focuses on hands-on application ofknowledge, stakeholders know you caneffectively identify risks – and efficientlyevaluate how to mitigate them.Shashana CampbellManager, Cyber Risk AdvisoryGrant Thornton LLPPhiladelphia, Pennsylvania, USAPreparing for the CISSP gave me invaluableinsight to better manage and communicatewith different stakeholders, includingengineering and DevOps. Since passingthe CISSP exam, I have also attracted theattention and respect of employers andrecruiters, which brings great self-satisfaction.Samana HaiderManager, Security LabsForcepointDublin, IrelandJoin the (ISC)2 Community!Meet, learn from and ask questions of CISSPs in our virtual community. You don’t have tobe an (ISC)2 member to join relevant discussions with a network of security professionalsfocused on ensuring a safe and secure cyber world.4

Fast Facts About CISSPIntroduced in 1994DoD ApprovedMost Required SecurityCertification on LinkedInExam availablein 8 languages at882 locations in114 countriesFirst information securitycredential to meet thestrict conditions of ISO/IECStandard 17024CISSPs work in more than160 countries globallyMore than 129,000professionals currently holdthe CISSP certification93% of CISSPsare lifersComputerized AdaptiveTesting (CAT) introducedDecember 18, 2017Average CISSPSalary: US 131,030SHOUT-OUTSNamed theMOST VALUEDCREDENTIAL AMONGEMPLOYERSby a margin of 3 to 1— 2017 Cybersecurity TrendsSpotlight ReportMade“The Next Big Thing”Named one of theTOP CERTIFICATIONSIN BEST INFORMATIONSECURITY CERTIFICATIONS— 2018 article, Tech GigVoted“BEST PROFESSIONALCERTIFICATIONPROGRAM”list as the #2 certification AnnualSalary Survey respondents planto earn in 2018— Certification Magazinenumerous times— SC Magazine5

Benefits of Being CISSP-CertifiedCareer advancementRaise visibility and credibility,improve job security andcreate new opportunities.Versatile skillsVendor-neutral so skillscan be applied todifferent technologies andmethodologies.RespectDifferentiate yourself toemployers, clients and peers.Community of professionalsGain access to (and respect from)a global community of likeminded cybersecurity leaders.Solid foundationBe better prepared to stemcyber attacks and inspirea safe and secure cyberworld.Higher salariesOn average, (ISC)² membersreport earning 35% morethan non-members.Expanded knowledgeReach a deeper, better andbroader understanding of thecommon body of knowledgefor cybersecurity.Stronger skill setExpand the skills andknowledge needed to fulfillorganizational duties.6

Benefits of(ISC)2 MembershipOnce you earn your CISSP, you become an (ISC)2 memberand part of a professional community that never stopslearning and growing. You also gain access to a full suiteof benefits and resources for continuing education anddevelopment:» Free online (ISC)2 Professional DevelopmentInstitute courses» Free subscription to InfoSecurity Professional Magazine» Member pricing for (ISC)2 events» 50% off official (ISC)2 textbooks» Deep discounts on industry conferences» Expert-led webinars on the latest security issues» The ability to join or start a local (ISC)2 Chapter» Volunteer Opportunites» Safe and Secure Online program» Professional recognition through (ISC)2 Awards Programs» Digital badges to promote expertise» (ISC)2 Member PerksDigital Badges Show Off Your SkillsA digital badge is the cool (and secure) way to share your credentialonline. You can attach it to a website, digital resume, email signature orsocial network. And with one simple click, employers and colleagues canverify your credential – and all that’s required to earn it.Easy to claim and use, digital badges let you » Share abilities online» Prove verification of abilities in real time» Show the experience and knowledge required to earn your CISSP7

CISSP Exam OverviewThe CISSP examevaluates expertiseacross eight securitydomains. (Think ofdomains as topics youneed to master basedon your professionalexperience andeducation.) Passingthe exam proves youhave the advancedknowledge andtechnical skills toeffectively design,implement andmanage a best-in-classcybersecurity program.SECURITYAND RISKMANAGEMENTSOFTWAREDEVELOPMENTSECURITY15 %10 %ASSETSECURITY10 %SECURITYOPERATIONS13 %13 %SECURITYARCHITECTUREAND ENGINEERING12 %SECURITYASSESSMENTAND TESTING14 %13 %COMMUNICATIONAND NETWORKSECURITYIDENTITYAND ACCESSMANAGEMENT(IAM)100 - 150Number of items on the English CISSP CAT(Computer Adaptive Testing) exam3The non-English linear, fixed-form CISSP exam has 250 itemsMaximum amount of time forthe CISSP CAT examThe non-English linear, fixed-form CISSPexam allows 6 hours to complete700hrs.CISSP CATAs of December 18, 2017, all EnglishCISSP exams worldwide use CAT. NonEnglish CISSP exams are administered asa linear, fixed-form exam.Learn more about CATExam availability: English, French,German, Brazilian Portuguese, Spanish,Japanese, Simplified Chinese, Korean,Visually impairedTesting Centers: Pearson VUEScore you need out of 1,000to pass the exam8

OfficialCISSPTrainingWith self-paced orinstructor-led online andclassroom courses, (ISC)²has a training option tofit different schedulesand learning styles.Trainings, seminars,courseware and selfstudy aids directly from(ISC)² or one of ourmany Official TrainingProviders help you getready for the CISSP examby reviewing relevantdomains and topics.Classroom-basedOnline Instructor-LedPrivate On-siteOnline Self-PacedCISSP Study Resources» Exam Outline» Official (ISC)² Guide to the CISSP CBK» Official (ISC)² CISSP Study Guide» Official (ISC)² CISSP Practice Tests» CISSP For Dummies» Official CISSP Flash Cards» Suggested ReferencesCreate Your PlanGet your copy of the (ISC)²Certification Prep Kit.9

Pathway to CISSP CertificationObtain the Required ExperienceTo qualify for the CISSP, candidates must have at least five years of cumulative, paid full-time workexperience in two or more of the eight domains:Domain 1. Security and Risk ManagementDomain 2. Asset SecurityDomain 3. Security Architecture and EngineeringDomain 4. Communication and Network SecurityDomain 5. Identity and Access Management (IAM)Domain 6. Security Assessment and TestingDomain 7. Security OperationsDomain 8. Software Development SecurityIf you don’t have enough experience yet, you can still pass the CISSP exam and becomean Associate of (ISC)² while you earn the work experience needed.Study forthe ExamMany self-study resources are available from (ISC)² – the creator and keeper of theCISSP CBK – to help you prepare with confidence. Some CISSP candidates passthe exam with self-study, and many choose to attend an Official (ISC)2 Trainingseminar to review and refresh knowledge before sitting for the exam.Pass theExamCandidates are given a maximum of three hours to complete the 100 – 150-itemEnglish CISSP CAT exam, or six hours to complete the 250-item non-EnglishCISSP linear exam. If you’re ready now, schedule your exam by creating anaccount with Pearson VUE, the leading provider of global, computer-basedtesting for certification and licensure exams.GetEndorsedAfter you pass the exam, you will have nine months from the date of the exam tocomplete the (ISC)2 endorsement process.Earn CPEsOnce you are certified, you become a member of (ISC)² and recertify everythree years. Recertification is accomplished by earning continuing professionaleducation (CPE) credits and paying an Annual Maintenance Fee (AMF) to supportongoing development.120 CPEsU.S. 125 AMF3 yearsMembers with multiple (ISC)² certifications only pay a single AMF.

Free CPE OpportunitiesThe CPE requirement helps you maintain your competencies followinginitial certification. By developing and enhancing skills through CPEactivities, you make an important investment in yourself while increasingvalue to customers and employers.(ISC)² makes it possible for you to earn all your CPE credits withoutspending a dime.Join WebinarsThink TanksSecurity BriefingseSymposiumsSolutions SummitRead & WriteRead the bimonthly InfoSecurity Professional e-magazine and take a short quizSubscribe to and summarize an information security magazineRead a book directly related to CISSP and submit a 150-word reviewAuthor an information security article published in a journal or magazineReview an educational white paper related to the CISSPAttend Trainings & Events(ISC)² Chapter meetingsPrepare or attend an educational presentation related to the CISSP CBK domains(ISC)2 Professional Development Institute coursesVolunteerBecome a Safe and Secure Online Ambassador and spread your knowledge aboutcyber safety in your communityVolunteer to help develop (ISC)² Certification exams11