(ISC)² CISSP Exam Gets Major Updates

Have you heard that (ISC)² is changing its most famous certification, the CISSP? Effective April 15, 2015, the CISSP exam will be based on a new exam blueprint. While the full blueprint is available for download from the (ISC)² website, here’s a quick list of topics it will cover:

1. Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)
2. Asset Security (Protecting Security of Assets)
3. Security Engineering (Engineering and Management of Security)
4. Communication and Network Security (Designing and Protecting Network Security)
5. Identity and Access Management (Controlling Access and Managing Identity)
6. Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
7. Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
8. Software Development Security (Understanding, Applying, and Enforcing Software Security)

According to ISC, the CISSP exam is being updated to stay relevant amidst the changes occurring in the information security field. Refreshed technical content has been added to the Official (ISC)² CISSP CBK to reflect the most current topics in the information security industry today. Keep in mind that some topics have been expanded (e.g., asset security, security assessment and testing), while other topics have been realigned under different domains. ISC believes that the new CISSP exam will better reflect the technical and managerial competence required from an experienced information security professional to effectively design, engineer, implement and manage an organization’s information security program within an ever-changing security landscape.

Although the blueprint has gone down from 10 domains to 8, don’t be tricked into thinking that the exam has gotten easier – it’s not. The topics have been rearranged and refreshed, and the amount of information candidates should be proficient with has actually increased, not decreased.

The CISSP exam tests one’s competence in information security and  the (ISC)²^® common body of knowledge (CBK^®), which cover critical topics in security today, including risk management, cloud computing, mobile security, application development security and more. Candidates must have a minimum of five years of paid full-time work experience in 2 of the 10 domains. This vast breadth of knowledge and the experience it takes to pass the exam is what sets the CISSP apart. CISSP certification makes holders eligible for job functions like security consultant, security analyst, IT director, Chief Information Security Officer, and many more. CISSP certification is associated with some of the highest salaries in IT industry.

• Category: isc
• Tags: certification, cissp, exam, exam updates, exams, isc, isc2, it certification, it certification exam, it certification exams, it certifications, it security, security, updates