Rawf8 - stock.adobe.com
In 1989, (ISC)2 was formed to address the emerging need for a vendor-neutral infosec certification program. Five years after inception, the organization released its Certified Information Systems Security Professional, or CISSP, certification. In 2005, CISSP became the first credential to meet the ISO/IEC Standard 17024 requirements.
CISSP covers a wide swath of topics every IT security pro should understand, categorized into eight Common Body of Knowledge (CBK) domains:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management
- Security Assessment and Testing
- Security Operations
- Software Development Security
At 26 years old, CISSP has become known as the gold standard in infosec certifications. As of July 2020, there are more than 141,000 CISSP members.
CISSP is no easy undertaking. Depending on the applicant's background, it could take months or even years to properly prepare and successfully pass the exam -- preparation that includes independent study, virtual learning and seminars.
Fortunately, there are resources available to help CISSP hopefuls master the CBK domains, including CISSP All-in-One Exam Guide, Eighth Edition written by Shon Harris and Fernando Maymí and published by McGraw Hill.
If the CISSP exam is in your future, take this 16-question quiz, composed of two questions from each CBK domain, to test your knowledge of the material.
As the book notes, "Please remember that these questions are formatted and asked in a certain way for a reason. Keep in mind that the CISSP exam is asking questions at a conceptual level. Questions may not always have the perfect answer, and the candidate is advised against always looking for the perfect answer. Instead, the candidate should look for the best answer in the list."