The short and somewhat flippant answer to your question is:
- Have three or more years of on-the-job security experience
- Take and pass the CISSP exam
- Sign the ISC-squared's code of ethics
- Meet continuing education/re-certification requirements
The best way to really scope this out is to visit the ISC-squared Web
site at www.isc2.org. In particular, you will find the following URLs
Process for becoming a CISSP
About CISSP certification
I also recommend that you obtain a good study guide, some practice tests and start working your way through some serious bibliography to get ready for this exam. You will find the Shon Harris "CISSP All-in-One Exam Guide" (Osborne/McGraw, 2002, ISBN: 0072193530) and my forthcoming Sybex book, CISSP Study Guide, by Ed Tittel, Mike Chappell and James Michael Stewart to be useful resources.
Likewise, I recommend the following online resources beyond those you'll find at cramsession.com:
- CISSP Study Guides: The Web portal for the certified information systems security professionals. Exam guides, CISSP career, discussion forums and access to custom training services. (www.cissps.com)
- CISSP Open Study Group: Probably the most comprehensive collection of pointers and information available anywhere. (www.cccure.org) A condensed version of this information also appears at Clement Dupius' Resources for the CISSP Study Guide.
- Dan Houser's CISSP Study Guide List Version 3.2
This should be more than enough information to get you started. Good luck!
For more information on this topic, visit these other SearchSecurity.com resources:
Careers and Certifications Tip: Security certification CISSP
Ask the Expert: Passing grade and study preparation for CISSP
Ask the Expert: Advice on preparing for the CISSP
News & Analysis: CISSPs 'know' security
This was first published in January 2003