The Certified Information Systems Security Professional (CISSP) is quickly becoming one of the premier Information Assurance certifications within the DoD as well as Corporate America. Here at DoD IA Training HQ, we want to provide you with some general information that will help you obtain your CISSP certification. There are many resources out there to help you study for the CISSP, but the best resource by far is the CISSP All-in-One Exam Guide, Fifth Edition by Shon Harris. It is highly recommended!

General Info:

  • The Certified Information Systems Security Professional (CISSP) is a highly sought-after certification for those who are looking to have a career in Information Security and/or Information Assurance
  • Started in January 2003
  • Required to have a minimum of five years of experience in one or more of the 10 topic areas (domains) that the exam covers

Test Information:

  • CISSP covers information from the (ISC)² Common Book of Knowledge (CBK), which covers the following topics:
  • Access Control
    • Categories and Controls
    • Control Threats and countermeasures
  • Application Development Security
    • Software Based Controls
    • Software Development Lifecycle and Principles
  • Business Continuity and Disaster Recovery Planning
    • Response and Recovery Plans
    • Restoration Activities
  • Cryptography
    • Basic Concepts and Algorithms
    • Cryptography standards and algorithms
    • Signatures and Certification
    • Cryptanalysis
  • Information Security Governance and Risk Management
    • Policies, Standards, Guidelines and Procedures
    • Risk Management Tools and Practices
    • Planning and Organization
  • Legal, Regulations, Investigations and Compliance
    • Major Legal Systems
    • Common and Civil Law
    • Regulations, Laws and Information Security
  • Operations Security
    • Media, Backups and Change Control Management
    • Controls Categories
  • Physical (Environmental) Security
    • Layered Physical Defense and Entry Points
    • Site Location Principles
  • Security Architecture and Design
    • Principles and Benefits
    • Trusted Systems and Computing Base
    • System and Enterprise Architecture
  • Telecommunications and Network Security
    • Network Security Concepts and Risks
    • Business Goals and Network Security

Cost for Test:

  • Early Registration Fee: $495
  • Standard Registration Fee: $59
  • Required to pay an additional $100 rescheduling fee if you miss the exam

Total Number of People Who Have the Certification:

  • 67,744 as of July 2010

The organization that provides the certification:

  • International Information Systems Security Certification Consortium ((ISC)²)
    Palm Harbor, FL, USA