You are here:
Home »
Blog »
Other Accounting Certifications »
Best CISSP Online Training + CISSP Certification Ultimate Guide No ratings yet.

Best CISSP Online Training + CISSP Certification Ultimate Guide

By Susan L.
/ 2 COMMENTS

The CISSP certification is one of the most in-demand cybersecurity credentials. But is the CISSP the best choice for your career? And if so, do you know how to get the certification or where to find CISSP exam prep? Therefore, I’ll answer these questions and more in this ultimate guide to becoming a Certified Information Systems Security Professional. Plus, I’ll give my reviews on CISSP bootcamp programs and tell you where to find a good CISSP study guide.

What is CISSP?

The Certified Information Systems Security Professional (CISSP) certification was created by (ISC)² in 1994. As a result, you may already know that (ISC)² is the world’s foremost non-profit organization for security professionals. Therefore, the CISSP credential proves professionals have skills in the design, implementation, and management of effective cybersecurity systems. Plus, CISSP professionals control risks by executing security policies that keep their companies safe. And you can only become a member of (ISC)² once you have your CISSP in hand.

Who Needs the CISSP Certification?

The CISSP meaning is clear to anyone who reads it on your resumé. After all, it signals that you have a high level of skills needed to oversee an organization’s security systems. So really, the CISSP certification is for anyone who wants to sharpen their skills through CISSP test prep.

But mainly, the CISSP certification is intended for high-achieving professionals who already have experience in security systems. For example, if you fill any of the following roles, you may want to consider the CISSP:

Chief Information Security Officers
Cloud Security Managers
Directors of Security
IT Directors
IT Managers
Security Managers
Security Systems Engineers
Network Architects
Security Analysts and Auditors
Security Consultants

Benefits of the CISSP Certification

If you reach your goal of a CISSP certification, you can expect several benefits to your career:

More respect from your potential employers, peers, and clients.
Likewise, more opportunities for career advancement.
Versatile skills you can apply to multiple technology products and vendors.
Advanced knowledge that makes you better prepared for tomorrow’s security threats.
Additionally, you have higher salaries (up to 35% more) than your peers who are not members of (ISC).²

CISSP Certification Requirements

You can get the certification through the following CISSP prerequisites:

1. Learn about the CISSP certification exam

The CISSP exam covers everything you must know to be a successful information systems security professional. In the section below, you’ll find more information about the CISSP exam, including the exam format and information about the 8 domains (content areas) of CISSP.

The CISSP exam has two types of questions:

Multiple-choice questions, or MCQs. Some of the MCQs are fairly straightforward. However, others can be tricky and may ask you to identify the “best” or “most likely” answer.
What (ISC)² refers to as “advanced innovative items” that are most hands-on than MCQs and really test your skills.

2. Get your required education and/or work experience

You can sit for the CISSP exam once you have met the work experience requirements. Basically, you must have worked in at least 2 of the 8 content domains. (In a section below, you’ll find more information about the domains and the CISSP Common Body of Knowledge, or CBK.)

Here are your options:

Earn at least 5 years of cumulative years of paid, full-time experience in a minimum of 2 of the 8 domains in the CISSP CBK.
Have at least 4 years of experience in 2 of the 8 domains PLUS a four-year college degree.
Complete at least 4 years of experience in 2 of the 8 domains PLUS an advanced information security degree from the U.S. National Center of Academic Excellence in Information Assurance Education.
Have at least 4 years of experience in 2 of the 8 domains PLUS another credential approved by the (ISC)². You can get the full list here, but it includes other popular certifications like the CISM (Certified Information Security Manager) and CISA (Certified Information Systems Auditor).

However, you can actually take the exam before you have all of the needed CISSP requirements for experience. (ISC)² will allow you to take the CISSP exam. Upon passing, you have 6 years to meet the experience requirement and become certified.

3. Register for a CISSP course and exam and start studying

Once you think you’re ready to prove yourself as a CISSP professional, it’s time to register for a prep course and start studying for the exam. You’ll find some course reviews below.

4. Create a Pearson VUE account

You will take the exam at a Pearson VUE testing center. Luckily, there are Pearson centers all over the globe. So you can take the CISSP exam from just about anywhere. You must start by creating an online account with Pearson. Once you do that, you can find a test center near you and see when you can take the exam. Then, you can schedule or reschedule your test. (*Hint: When you’re searching the program list on the Pearson website, find the CISSP exam under ISC2.)

5. Take and pass the CISSP exam

When you create your Pearson VUE account, you’ll find a list of what to bring to the testing center. For instance, you’ll see information about acceptable forms of ID. Moreover, the CISSP passing score is 700 out of 1,000 scaled points. So depending on which version of the exam you take, you’ll have to answer 100 to 250 CISSP exam questions. If you failed a CISSP exam, don’t worry. Just re-focus your study efforts, take more CISSP practice tests, and re-schedule your exam.

6. Get your CISSP certification and celebrate!

After you pass the CISSP exam, the next step in your journey is to complete the CISSP endorsement process. The (ISC)² will direct you to an online portal where you can verify your work experience and agree to the (ISC)² Code of Ethics. Next, you’ll have 9 months from the date of your exam to complete the endorsement process. Then, you need to become a CISSP (ISC)² member by paying your $125 annual maintenance fee. You can only join the elite group of (ISC)² members after you’ve passed the CISSP exam. In fact, the organization only has about 141,600+ members, so you’re becoming part of an exclusive cohort of cybersecurity professionals.

7. Get your CPEs

To maintain your membership, you need to complete 120 CPE (continuing professional education) hours every 3 years. However, you have several options for your CISSP CPE hours. You could enroll in education opportunities like approved webinars, take an online course, or attend a conference, for instance. Or, you could publish an article, book, or even a whitepaper on topics related to information security systems. (ISC)² also grants CPE hours for volunteering for charitable organizations.

How to Prepare for the CISSP Exam

1. Learn the 8 Domains of CISSP

(ISC)² uses the term “domain” to refer to the broad topics that are tested on the CISSP exam. Therefore, you should master these topics before you sit for the exam. In the list below, you’ll find the 8 domains and the weight of each in the CISSP exam.

1 Domain: Security and Risk Management – 15%
2 Domain: Asset Security – 10%
3 Domain: Security Architecture and Engineering – 13%
4 Domain: Communication and Network Security – 14%
5 Domain: Identity and Access Management (IAM) – 13%
6 Domain: Security Assessment and Testing – 12%
7 Domain: Security Operations – 13%
8 Domain: Software Development Security – 10%

According to the (ISC)², each domain covers the following sub-topics.

Domain 1: Security and Risk Management

Understand and apply concepts of confidentiality, integrity, and availability
Evaluate and apply security governance principles
Determine compliance requirements
Understand legal and regulatory issues that pertain to information security in a global context
Understand, adhere to, and promote professional ethics
Develop, document, and implement security policies, standards, procedures, and guidelines
Identify, analyze, and prioritize Business Continuity (BC) requirements
Contribute to and enforce personnel security policies and procedures
Understand and apply risk management concepts
Understand and apply threat modeling concepts and methodologies
Apply risk-based management concepts to the supply chain
Establish and maintain a security awareness, education, and training program

Domain 2: Asset Security

Identify and classify information and assets
Determine and maintain information and asset ownership
Protect privacy
Ensure appropriate asset retention
Determine data security controls
Establish information and asset handling requirements

Domain 3: Security Architecture and Engineering

Implement and manage engineering processes using secure design principles
Understand the fundamental concepts of security models
Select controls based on systems security requirements
Understand the security capabilities of information systems
Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
Assess and mitigate vulnerabilities in web-based systems
Assess and mitigate vulnerabilities in mobile systems
Assess and mitigate vulnerabilities in embedded devices
Apply cryptography
Apply security principles to site and facility design
Implement site and facility security controls

Domain 4: Communication and Network Security

Implement secure design principles in network architectures
Secure network components
Implement secure communication channels according to the design

Domain 5: Identity and Access Management

Control physical and logical access to assets
Manage identification and authentication of people, devices, and services
Integrate identity as a third-party service
Implement and manage authorization mechanisms
Manage the identity and access provisioning lifecycle

Domain 6: Security Assessment and Testing

Design and validate assessment, test, and audit strategies
Conduct security control testing
Collect security process data
Analyze test outputs and generate reports
Conduct or facilitate security audits

Domain 7: Security Operations

Understand and support investigations
Understand the requirements for investigation types
Conduct logging and monitoring activities
Securely provisioning resources
Understand and apply foundational security operations concepts
Apply resource protection techniques
Conduct incident management
Operate and maintain detective and preventative measures
Implement and support patch and vulnerability management
Understand and participate in change management processes
Implement recovery strategies
Implement Disaster Recovery (DR) processes
Test Disaster Recovery Plans (DRP)
Participate in Business Continuity (BC) planning and exercises
Implement and manage physical security
Address personnel safety and security concerns

Domain 8: Software Development Security

Understand and integrate security in the Software Development Life Cycle (SDLC)
Identify and apply security controls in development environments
Assess the effectiveness of software security
Assess the security impact of acquired software
Define and apply secure coding guidelines and standards

2. Learn the CISSP exam format and delivery

The CISSP exam is available in 7 different languages: Brazilian Portuguese, Chinese (simplified), English, French, Japanese, Korean, and Spanish. In addition, a version is available for visually impaired candidates. Moreover, the non-English versions use linear, fixed-form exams that have 250 items to answer. You can take up to 6 hours to finish the exam.

CISSP CAT

However, if you take the exam in English, you’ll take the CISSP CAT or Computerized Adaptive Testing exam. The CISSP CAT has 100-150 questions that tailor the difficulty of each question to your individual ability. Your first question will be of a difficulty that is below the passing standard. Based on your answer, a scoring algorithm starts to estimate your skills and gives you questions accordingly. The best part of a CAT exam is that it allows you to prove your knowledge with fewer questions. So you’ll finish the exam sooner, maybe as little as half the time as a standard, fixed-form exam. But unlike the fixed-form version that gives you 6 hours to complete, the CAT exam must be completed in 3 hours.

So depending on which version you take, you’ll see between 100 and 250 questions.

The exam results are scaled to a range between 0 and 1000 points. CISSP questions are assigned a different number of scale points based on their difficulty, so it’s important not to skip the hard questions because they can be worth many points. The passing score, also referred to as a “cut score,” is 700.

3. Find the right CISSP training

When it comes to studying for the CISSP exam, you have three choices:

Option 1: Go it alone

In theory, you could go to the bookstore or library, read material recommended by (ISC)², and study for the CISSP exam on your own. After all, you may have confidence in your abilities because you’ve already worked in the field for several years. But keep in mind that the CISSP exam covers 8 domains. Most security systems positions don’t require you to work in all 8 domains, so it’s likely that you have some content gaps. But if you don’t follow a CISSP study guide or take any CISSP practice exams, the CISSP difficulty might surprise you on exam day.

Option 2: Enroll in an official (ISC)² training program

(ISC)² delivers training programs to get you ready for the CISSP exam. They have also partnered with other companies to provide official training materials like a CISSP official study guide and CISSP official (ISC)² practice tests. Some candidates prefer the official training programs. However, others feel that the (ISC)² programs present too much information. That is, they give equal weight to all concepts and topics, even though they aren’t equally covered on the exam.

Option 3: Enroll in a third-party review provider course

Several review providers on the market offer CISSP training courses that teach you everything you need to pass the exam. The prices and coverage of the study materials, so I’ve included some reviews of popular courses below. Although they’re all a little different, most training courses come with CISSP sample questions, CISSP notes, and timed practice exams. Students may have the option of in-person training or CISSP online training. Plus, you will find that some companies have CISSP boot camp programs that provide intense study sessions over a relativity short amount of time.

4. Download reliable free CISSP certification material

Before you take the CISSP exam, you should download and review the Certification Exam Outline from (ISC)².

However, be careful with sites that claim to have a free CISSP practice exam or sites that advertise a CISSP test dump. The exam changes from time to time, so I wouldn’t waste my time with this outdated content.

CISSP Training

If you’re looking for some recommendations about CISSP training programs, look no further! When you’re narrowing down your choices, think about the following:

First, do you want in-person or online study?
Second, does the training program have an access length that is long enough for you to study?
More importantly, is the training program led by CISSP experts?
In addition, does the training program meet your learning style? That is, if you learn best by going over and over CISSP practice questions, look for a program with a big CISSP question bank. Or, if you like to study on the go, consider a program with a CISSP audiobook.
Does the training have practice exams? For example, the best CISSP practice exams are timed and replicate the look, feel, and pace of the real CISSP exam.

	Our #1 Pick?	Access Length	In-Person Training Available?	Practice Exams Available?	Free Trial Available?	Price (before discounts)
Certified Information Security 2023 CISSP SuperReview	Yes	180 days	No	Yes – includes 8 timed mock exams	Yes – free Lesson 2 from CISSP Domain 3	$1,795.00
Infosec Institute CISSP Certification Boot Camp + Infosec Skills	No	90 days	Yes	Yes	Yes – 7 days	$5,368.00
Official (ISC)²CISSP Self-Paced Training with Exam Voucher	No	180 days	No	Yes	No	$1,260.00
CISSPExam Practice.com CISSP Certification Bootcamp On-Demand Course + Professional CISSP Practice Exams	No	180 days	No	Yes, but only with CISSP Practice Exams package (practice exams not included with bootcamp)	No	$698.00 for CISSP Certification Bootcamp On-Demand Course = $698; Professional CISSP Practice Exams = $59
Eleventh Hour CISSP Study Guide – 3^rdedition	No	N/A	No	No	N/A	$29.95

Certified Information Security

If you’re looking for a top-notch CISSP training course that is available online and on-demand, I urge you to consider the Certified Information Security 2023 CISSP SuperReview. Furthermore, you can be confident of their expertise because the company has been offering this training since 2006. And the online content is updated twice per year, so you know it’s always relevant.

Certified Information Security makes studying for the CISSP exam easy because they only teach you what you need for the exam. So don’t expect extra material that you don’t need to master to pass the CISSP test.

CISSP SuperReview package

With the 2023 CISSP SuperReview package, you’ll get the following:

5 narrated hours of course content
1,200 unique practice questions
8 timed mock exams
6 months of access to online materials
40 CPE credits when you complete the course

Allen Keele prepares and narrates all of the video lessons. What is more, Keele is a security systems expert with a long list of credentials, including CISSP, CFE, CISM, and CRISC. I subsequently suggest that you only review with professionals like Keele.

Plus, I really appreciate the personal support you get with the 2023 CISSP SuperReview. For instance, the course includes a one-on-one coaching videoconference with Allen Keele. Therefore, this feature allows you to get help with those tough concepts that you haven’t quite mastered.

And in the event that you fail the CISSP exam, the Certified Information Security training comes with a guarantee. Moreover, f you don’t pass the exam within 6 months from the time of your purchase, you can extend your training for another 6 months for free. You can’t beat a guarantee like that.

Official (ISC)² CISSP Self-Paced Training with Exam Voucher

Like I said before, you can choose to study with a third-party provider or directly from the (ISC)²itself. The Official (ISC)² CISSP Self-Paced Training provides an in-depth review of information security topics and best practices. It also gives you an intense review of all 8 domains on the CISSP exam. And just as importantly, all of the instructors are CISSP-holders and are experts in the field.

The Official (ISC)² CISSP Self-Paced Training includes:

300+ video lessons for a total of 30 hours
Flashcards
Learning activities and knowledge checks
40 CPE credits

Plus, if you get the bundle that includes an exam voucher, the price of the CISSP exam registration fee (a $699 value) is included in the purchase price.

Infosec Institute

The Infosec Institute is another option to consider for CISSP training. After all, the institute’s CISSP Certification Boot Camp is a popular choice for CISSP candidates that can afford the price tag. The program is geared toward information security officers, security systems administrators, security engineers and consultants, and anyone who manages security strategies.

The Infosec Institute Boot Camp has two main components: live CISSP training plus access to Infosec Skills.

The Infosec Institute’s live training is taken over 6 days. Experts lead students through learning modules that teach you everything you need to know for the CISSP exam. On the 7^th day of the boot camp, students are given time to take the exam.

Infosec Skills

Plus, all Infosec Institute boot camp students get access to Infosec Skills:

1,00 hours of on-demand skill training
2,000+ practice questions
Unlimited practice exam attempts
150+ hands-on labs and projects
80+ role-based learning paths

If you might be interested in the Infosec Institute boot camp, check out the company’s free 7-day trial of Infosec Skills. If you are someone who thrives on in-person, classroom-style instruction, check out their CISSP boot camp.

CISSPExamPractice: Bootcamp and practice exams

Another review provider to consider is CISSPExamPractice.com from SSI Logic, which offers a CISSP Certification Bootcamp On-Demand Course and a Professional CISSP Practice Exams package. They are both available online, and candidates don’t need to download additional software or plug-ins.

CISSP Certification Bootcamp On-Demand Course

The on-demand CISSP boot camp is an intense and comprehensive self-study course. It comes with the following:

15+ hours of interactive course lessons
CISSP study guide, which teaches you the key concepts covered in each course session
CISSP chapter quizzes
18 CUE credits from (ISC)²

The boot camp was created by subject matter experts who understand what it takes to pass the CISSP exam. Candidates benefit from interactive training lessons, which incorporate real-world situations to reinforce concepts. Plus, the instructors are all veterans in their field with many years of experience.

The entire boot camp course is available online. What’s more, you can access it on your computer or even mobile devices. However, you must be connected to the internet to use the course. The lessons are self-paced, so you can start and stop as needed. Therefore, this type, of course, is good for CISSP candidates with busy schedules who need on-demand learning.

Once you reach each milestone in the interactive lessons, you’ll have the opportunity to take a quiz that tests your knowledge. However, the boot camp itself does not include any practice exams. Therefore, I suggest purchasing the Professional CISSP Practice Exams from CISSPExamPractice, too.

CISSP practice exams

In addition to the boot camp, you can also purchase the Professional CISSP Practice Exams package, which is offered separately. This package includes the following:

Access to 1,000+ practice CISSP questions
19 mock exams that test the CISSP domains
Personalized reporting that tracks your performance as you practice exams
Free Exam Tip Guide

With this package, you get access to hundreds of sample CISSP questions that have been structured into practice exams. Or, you can take targeted practice exams focusing on specific CISSP domains, in case you only need to practice certain content. And finally, you can even create your own practice exams based on the unique material you want to drill. Additionally, all of the practice CISSP questions include detailed answer explanations. Without this feature, it’s hard to learn the exam content by practicing MCQs. And the questions are designed to be a little harder than the ones you’ll see on the real CISSP exam.

This online platform, which allows you to answer over a thousand practice questions, mimics the look and functionality of the real testing environment. That is, not only does it have the types of questions as the real exam, but the mock tests are also timed. This way, you can master the critical pacing of exam questions and won’t feel rushed on exam day.

One of the most important features of the CISSPExamPractice platform is that it tracks and analyzes your performance. So you can see your strengths and weaknesses and study accordingly.

11^th Hour CISSP

Finally, I want to give my review of the Eleventh Hour CISSP Study Guide books. Author Eric Conrad and his team of experts have prepared this CISSP study guide for students who prefer self-study. Moreover, the guide reviews the content of each of the CISSP domains and reviews what will be on the CISSP exam. You can subsequently purchase it online and from major booksellers.

However, if you go this route, make sure you purchase the most up-to-date edition. For example, the 1st edition goes over the ten domains…but there are only eight now. And the books don’t come with any practice exams, which are critical to a successful study plan. Plus, some candidates have complained that the Eleventh Hour material does not go in-depth enough to pass the exam. Therefore, you might want to consider it as a final review right before exam day. But otherwise, I recommend that you stick to a more comprehensive review provider.

Best CISSP Review

Although there are several good CISSP review providers on the market, the winner today is Certified Information Security. The course has plenty of material to study but doesn’t burden you with content that won’t be on the CISSP exam. The timed mock exams, each with 150 unique questions, are additionally a great study tool. Plus, the one-on-one coaching session with the course author can be the last study push you need to pass the exam. And you can’t go wrong with the company’s guarantee, so you can extend your access for 6 months if you happen to fail the CISSP exam.

I urge you to take advantage of the 2022 CISSP SuperReview free trial. Once you sign up, you’ll get to access Lesson 2 from CISSP Domain 3 for free.

FAQs

What does CISSP stand for?

CISSP = Certified Information Systems Security Professional

What is a CISSP certification?

“CISSP” refers to an information systems security professional who has passed the CISSP certification exam offered by the non-profit membership organization (ISC)².

Should I consider a CISSP concentration?

If you want to challenge yourself, consider a CISSP concentration. (ISC)² offers three of them:

CISSP-ISSAP (Information Systems Security Architecture Professional)
CISSP-ISSEP (Information Systems Security Engineering Professional)
CISSP-ISSMP (Information Systems Security Management Professional)

To qualify for these exams, you must first be a CISSP in good standing and have at least two years of paid work experience in these specific fields. You can find more information from (ISC)².

What is the CISSP pass rate?

The (ISC)² does not publish the pass rate of the CISSP exam. However, some experts think the pass rate is only about 20%.

What is the CISSP exam cost?

The following is the list of CISSP exam fees:

Registration in the Americas, Asia Pacific, the Middle East, or Africa: U.S. $699
Europeon registration: EUR 650
Registration in the United Kingdom: GBP 560
Exam reschedule fee: U.S. $50
Exam cancellation fee: U.S. $100

What is the CISSP certification cost?

Your overall certification cost will depend on the study materials you choose. However, here’s a basic breakdown:

Study materials and CISSP training program: Varies
Exam registration: U.S. $699
Travel expenses to a Pearson VUE test center: Varies

Where can I find good CISSP certification books?

If you prefer self-study and are looking for some good books to purchase, (ISC)² keeps a list online. In short, these books explain the content you need to master to pass the CISSP exam.

Where can I take the CISSP certification exam?

You can sit for the CISSP exam at a Pearson test center that has been approved by (ISC)². Click here for a searchable database to find a test center near you.

Where can I find the CISSP exam schedule?

Once you create a Pearson VUE account, you’ll be able to log in and see the CISSP exam schedule.

What is the CISSP retake policy?

If you fail a CISSP exam, you can retake it. Log into your Pearson VUE account to reschedule a failed exam after paying the additional registration fees.

Can I find out what CISSP certification questions I missed?

No—(ISC)² does not tell you what questions you missed or the correct answers to those questions. In fact, you don’t even get your raw score. Therefore, you don’t know how many questions you answered correctly or your overall percentage of correct questions. Instead, the (ISC)² only sends your scaled score.

However, if you fail your exam, (ISC)² will at least send you a ranked order of how you did in each domain. Most importantly, this will help you focus your studies as you plan to retake the exam.

What is a CISSP exam voucher?

Companies and exam review providers can purchase bulk CISSP exam vouchers. After that, the exams can be transferred to individual candidates after purchase. This exam voucher is, therefore, an easy method for companies to pay for their employees’ exam fees.

When will I find out my CISSP exam score?

You’ll get an official score onsite right after you finish your exam. Later, you’ll receive an email from (ISC)²with your official results.

What is an average CISSP salary?

According to (ISC)², the average CISSP salary is about U.S. $131,030.

What about CISSP vs CISM?

CISM, or the ISACA Certified Information Security Manager credential, is another IT security certification. In some ways, they are similar. For instance, they both require 5 years of relevant experience. In addition, they aren’t specific to any particular vendor and require CPE hours to maintain.

But to clarify, the certifications do differ in their focus. In other words, the CISM credential emphasizes management principles. The CISSP has both managerial and technical aspects, on the other hand. Plus, the CISSP certification is more widely known.

What about CISA vs CISSP certification?

Some CISSP candidates also consider the CISA certification or the ISACA Certified Information Systems Auditor credential. After all, CISSP is best for candidates who want a certification that covers a wide range of cybersecurity issues. Besides, if you have the CISSP, you’ll be eligible for many different jobs in the field. The CISA, however, only focuses on IT audits. So really, your intended career path will inform which certification is best for you.

Final Thoughts – Is CISSP Worth It?

I’m not going to lie: The CISSP is a lot of work. In other words, between needing 5-6 years of relevant experience and passing a tough exam, getting your certification is a long journey. However, if you’re serious about your career in information security systems, it might be worth it. After all, once you have that CISSP credential in hand, you’ll likely see more job opportunities and greater respect from your peers.

About the Author Susan L.

25 Nov, 2020

CRMA Exam Changes: CRMA 2021 Updates

03 Oct, 2018

Best CPA Course Discounts: 2023 CPA Review Coupons — CPA Exam Prep

18 Jan, 2018

IIA Certifications: CIA, CGAP, CFSA, CCSA, CRMA (Confused?)

04 Dec, 2017

How to Become a CCSA in Internal Audit?