Your ultimate CISSP FAQ
The ISC2 Certified Information Systems Security Professional (CISSP) is a very popular and prestigious IT certification.
Here are the questions we receive most often about it.
What is CISSP?
CISSP stands for Certified Information Systems Security Professional. Achieving the certification proves you are accomplished at the management level of information security. Developed by the globally recognised ISC2, CISSP has become established and well-respected within the industry and is now a key component in the selection process of Chief Information Officers.
What does the CISSP course cover?
CISSP begins by ensuring that you understand the concepts and principles behind information security and why they are important. You’ll then learn how to protect your business from various angles and how to apply management skills to information security through ISC2’s eight domains.
Everything you’ll cover will be from the ISC2 CISSP Common Body of Knowledge (CBK). This ensures what you learn is approved and thorough, covering all components of information security management.
The 8 domains are:
- Domain 1 – Security and Risk Management
- Domain 2 – Asset Security
- Domain 3 – Security Engineering
- Domain 4 – Communication and Network Security
- Domain 5 – Identity and Access Management
- Domain 6 – Security Assessment and Testing
- Domain 7 – Security Operations
- Domain 8 – Software Development Security
How does CISSP help me on a daily basis?
The skills you learn on your CISSP course will improve the depth of your knowledge, filling in gaps, and making you more skilled at what you already know and do. You will also become more proficient and prepared for dealing with a vast range of security threats.
For example, the breadth of topics covered ranges from Cryptography to Implementing Disaster Recovery processes. Whatever your current or future job role in information security, you’re sure to gain knowledge and skills that will help you on a daily basis.
Who is CISSP for?
CISSP is an advanced certification. This means it is directly aimed at senior and experienced security professionals who will realistically be able to pass the exam and find it useful.
That being said, anyone looking into senior information security roles can target the CISSP as a long-term goal. Even if you’re not quite the perfect candidate to take CISSP yet, there’s nothing stopping you in the long term!
What jobs can I do with a CISSP?
CISSP has the potential to lift you into security roles that are the pinnacle of the field.
Here is just a small sample of job roles you could access after becoming CISSP-certified:
- Chief Information Security Officer
- IT Security Consultant
- Senior Security Engineer
- Head of Cyber Strategy
- Security Specialist
- Chief Security Architect
- Security Assurance Analyst
- Technology Consultant Manager
- Cyber Security Senior Manager
- Information Risk Manager
- Head of Risk & Compliance
How much can I expect to earn with CISSP?
The salary you can earn depends on your full skillset, including CISSP, and the job roles listed above do have varying salaries.
According to itjobswatch.com, the lower-tier jobs you could be doing average salaries between £40,000-£50,000. These are roles like IT Security Consultant, Security Specialist, and Security Assurance Analyst.
More senior roles like Chief Information Security Officer, Head of Cyber Strategy, Chief Security Architect, and Cyber Security Senior Manager average salaries between £70,000-£100,000. CISSP is one of the best certifications as a gateway to such high-level jobs with that kind of salary and responsibility – especially in a field with such intense competition.
Can anyone take the CISSP course?
Because CISSP is such an advanced certification, there are prerequisites you must meet before you're able to sit the course.
Initially, you must have at least five years of professional information security experience as well as a university degree. The nature of the security industry also requires you to agree and commit to the Code of Ethics and a criminal history check. On top of this, after passing the certification, your application must be endorsed by another qualified information security professional.
However, do not be put off. These prerequisites are only in place to ensure that you have the experience and ability to pass the course and put what you’ve learnt into practice in the real world afterwards.
What happens if I don’t meet the prerequisites?
If you don’t currently meet the requirements for CISSP, ISC2 offer a range of courses for various experience and skill levels.
For example, the Systems Security Certified Practitioner (SSCP) is designed for those who don’t meet the CISSP prerequisites. Also developed by ISC2 from its CBK, it covers seven very similar domains at a lower level. As a bonus, SSCP only requires one year of experience in information security – a fantastic stepping stone to get you onto CISSP.
In addition, many other security certifications can help boost your skills. From the EC-Council Certified Ethical Hacker (CEH) to CompTIA Security+, there's a certification out there that can help you get the skills you want in the security industry, whatever your current situation.
What is the CISSP exam like?
The CISSP exam consists of 250 multiple-choice, four-option questions that you have six hours to do. It's a tough exam, but don’t feel daunted — it just takes commitment and hard work.
It’s also worth noting that exam questions change every two weeks, so you’re not facing the same questions each time!
What happens if I fail?
It's up to you — will you give up or try again? According to ISC2 policy, you can retake an exam 3 times in a year. If it’s the first time you’ve failed, you’ll be able to sit another exam just 30 days later.
How can I get CISSP-certified?
CISSP is one of the most popular courses we offer at Firebrand. Our accelerated course takes only six days and ends with the official ISC2 exam, allowing you to return to work certified in record time. Interested? See the course dates and register.