Skip to content

ISC² CISSP #5

Description

@jacob-kraniak

[Certification] CISSP - Certified Information Systems Security Professional

Status: [Update with your current status, e.g. Certified / In Progress / Backlog]
Target Completion: [YYYY-MM or QX 2026]
Priority: High

Overview

The gold-standard, vendor-neutral certification validating broad knowledge across 8 domains of information security. Ideal for experienced professionals in security leadership, architecture, management, and operations roles.

Official Page: https://www.isc2.org/certifications/cissp
Exam Outline: https://www.isc2.org/certifications/cissp/cissp-certification-exam-outline

Prerequisites / Experience

5 years cumulative, paid, full-time work experience in 2 or more of the 8 CISSP domains (waivers of up to 1 year possible with a qualifying degree or additional credential).

Exam Details

  • Duration: 3 hours (CAT format)
  • Questions: 100-150 (multiple choice + advanced innovative items)
  • Price: ~$749 USD (standard registration; varies slightly by region)
  • Passing Score: 700 out of 1000 (scaled score)
  • Format: Computerized Adaptive Testing (CAT) at Pearson VUE

Domains & Study Checklist (Current weights as of 2024/2025)

  • Domain 1: Security and Risk Management (16%) — Governance, compliance, risk assessment, ethics, policies, BIA, etc.
  • Domain 2: Asset Security (10%) — Data classification, ownership, handling, retention, destruction.
  • Domain 3: Security Architecture and Engineering (13%) — Engineering principles, security models, crypto, secure design, vulnerabilities.
  • Domain 4: Communication and Network Security (13%) — Secure network architecture, communications, components.
  • Domain 5: Identity and Access Management (IAM) (13%) — Access control models, authentication, identity management.
  • Domain 6: Security Assessment and Testing (12%) — Testing strategies, vulnerability assessment, penetration testing.
  • Domain 7: Security Operations (13%) — Investigations, incident management, disaster recovery, resource protection.
  • Domain 8: Software Development Security (10%) — Secure SDLC, software vulnerabilities, coding practices.

Resources & Study Plan

  • Official ISC2 CISSP training (Self-Paced / Instructor-Led)
  • Official Study Guide + Practice Questions
  • Boson / CCCure / other practice exams
  • [Add your specific books, courses, notes, or subscriptions here]

Milestones / Tasks

  • Complete domain-by-domain study & notes
  • Practice exams (target consistent 80%+)
  • Schedule & take exam
  • Pass & claim badge on Credly
  • Update LinkedIn, resume, project board, and start tracking CPEs (120 required every 3 years)
  • Post-cert reflection / lessons learned

Additional Labels: isc2, advanced, architecture, grc, management

Metadata

Metadata

Assignees

No one assigned

    Projects

    Status
    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions