The Certified Information Technology Security Systems Professional (CISSP) examination is administered by the International Information Systems Security Certification Consortium or (ISC) 2, a worldwide nonprofit organization devoted to education and credentialing in information technology security. The examination process has been in operation since 1994, and makes use of a 6-hour test that consisted of multiple choice questions until 2014. In the 2014 examination, "advanced innovative" questions were introduced, which may have more than one correct answer. The examination is 6 hours in duration and has 250 questions yielding 1000 possible points, on which a score of 700 or greater is needed to pass.
 |
| Certified Information Systems Security Professional |
The exam is given at numerous Pearson VUE testing centers and can be taken in Korean, Japanese, Spanish, Portuguese, French, German and Simplified Chinese as well as English. The examination fee is $599 US or its equivalent as of 2015. The examination seeks to test knowledge of 8 domains of the Common Body of Knowledge (CBK) which have been codified since 1992. These are software development security, security operations, assessment and testing of security, identity and access management, communication security, security engineering, asset security and risk management. This was done with the traditional multiple choice questions prior to 2014, but the present and future examinations also include "drag and drop" questions, in which the candidate is asked to select answers from one column and drag them to another column, as well as "hot spot" questions, such as those in which the candidate indicates a particular place in a schematic or diagram as the answer.
These new questions are intended to cover wider areas than can be done with standard examination questions, measure a broader range of IT security abilities, test more than the traditional cognitive processes and more accurate replicate the in-the-field experience of IT security. The (ISC)2 has suggested that appropriate candidates for the examination include network architects, security architects and auditors, security directors, IT managers and corporate information security officers, security systems engineers and managers and analysts and consultants working in the field of IT security. The CBK tested in the examination is described in a number of publications and websites, and a revise of the CBK can be obtained from the (ISC) 2. This organization also publishes an outline of the examination, and operates an official training seminar.
Many books and websites offer information useful for CISSP preparation, "boot camps" are available for intensive review prior to the examination and courses are offered by educational institutions and at meetings related to IT security.
No comments:
Post a Comment