Understanding the CISSP exam schedule: Duration, format, scheduling and scoring [updated 2021]
The Certified Information Systems Security Professional (CISSP) qualification is one of the many elite certifications offered by the International Information Security Certification Consortium or (ISC)². This is one of the most sought-after credentials available today. It is a vendor-neutral qualification that encourages candidates to design, create and deploy security systems and protocols within the organization.
What makes this qualification even more prestigious is that you must have a minimum of five years of cumulative, paid full-time work experience relating to two or more of the eight domains of the (ISC)² CISSP common body of knowledge (CBK). Having a four-year college degree or regional equivalent or another credential approved by the (ISC)² will reduce the required experience by one year. Also, if the candidate does not possess the required experience, he or she may become an associate of (ISC)² by successfully passing the CISSP exam and will then have six years to earn the required experience.
Earn your CISSP, guaranteed!
The CISSP exam can be thought of as a tool to measure your ability to mitigate risk and increase security, while performing other IT security-related tasks, such as managing information systems and implementing security procedures. The fact that the CISSP is globally recognized means successful candidates will find ample opportunities regardless of their location.
What is the goal of the CISSP exam?
The goal of the CISSP certification exam is to test your technical skills, professional knowledge and experience in effectively designing, engineering and managing the overall security posture of an organization. The CISSP is the right choice for experienced security practitioners, managers and professionals including chief information security officers, IT directors and managers, security analysts and auditors and security systems engineers.
The exam will take you to the next level in your career by strengthening your skills, boosting your self-confidence and expanding your technical knowledge. The CISSP is DoD 8570.1 approved and is listed in the categories of IAT Level III, IAM Level II, IAM Level III, IASAE I and IASAE II.
CISSP exam schedule, duration and format
Candidates undergo a three-hour English exam consisting of 100 to 150 questions for the computerized adaptive testing (CAT); alternatively, they answer 250 questions in a six-hour testing window if taking the linear, fixed-form test administered in all other languages.
The CISSP exam contains multiple-choice and advanced innovative questions that can take a couple of different forms:
- Drag-and-drop: in this type of question, you need to drag one or more answers from one side of the screen into a box on the other side of the screen. Only drag the correct answer(s).
- Hotspot: questions require you to click on a specific point in a graphic representation, such as a diagram of network architecture. The question will usually ask you to identify where a particular component would be located or where a particular type of attack is likely to originate.
The CISSP examination ensures candidates are competent in the following eight domains:
- Security and risk management (15%)
- Asset security (10%)
- Security architecture and engineering (13%)
- Communication and network security (13%)
- Identity and access management (13%)
- Security assessment and testing (12%)
- Security operations (13%)
- Software development security (11%)
To obtain view all of the exam objectives, you can view and download the CISSP exam outline.
When to schedule your exam
Scheduling will depend entirely on your level of preparedness for the CISSP exam. Give yourself time to study and complete as many practice questions as possible before taking the test. Make sure to use official, certified study materials to gain a thorough understanding of each topic covered, or take a certification preparation course from the many available online for this certification, choosing one that best fits your schedule, needs and learning style.
When you are ready, you’ll need to schedule your exam through the Pearson VUE website to confirm availability near you. Register for the exam by creating an account with Pearson VUE, and you’ll be presented with testing center and date options.
Booking and taking the exam
To book the exam, follow these easy steps to make sure you satisfy all of the requirements:
- Visit the Pearson VUE website
- Create an account and review the non-disclosure
- Select the (ISC)² certification exam you are pursuing
- Schedule your exam
- Select the best test center for your location
- Select an appointment date/time
- Pay for the exam
- Keep your confirmation email
After you complete the above steps, Pearson VUE will transfer your registration information to (ISC)², Inc. You can also register via telephone; the contact numbers for Pearson VUE can be found here.
What are the identification requirements for testing?
When you arrive at the testing center, you’ll need to provide staff with at least two valid forms of identification. The following ID options are acceptable:
- A valid state-issued driver’s license
- A valid state-issued ID card
- A valid military ID
- A valid passport
- A valid green card or resident card
More information regarding the types of acceptable identification to have on exam day can be found here.
What’s the exam arrival process like?
Plan to arrive at least 30 minutes before your CISSP examination is scheduled to begin. It is a good idea to familiarize yourself with the location of the exam center; make sure you are prepared for traffic and other factors that could affect travel time to the testing center. Arriving early also ensures that any identification issues or queries can be addressed without interfering with your certification attempt.
You will be photographed upon arrival and will have to leave all personal belongings outside of the testing room in a secure area. After you sign in, the test administrator will give you a short orientation and then lead you to your computer terminal.
What are the policies for rescheduling, late arrivals and cancellations?
Online cancellations and rescheduling must be done at least 48 hours before the scheduled examination time. Telephone cancellations and rescheduling must be completed at least 24 hours before the appointment. (Note: Pearson VUE charges a rescheduling fee of $50 and a cancellation fee of $100.) After this point, you must either take the test or forfeit your registration fees. Also, If you do not sit for your exam within 365 days of your initial scheduled exam date, you will not be refunded your exam fee.
If you arrive less than 15 minutes before the exam start time, you will be considered late. You will not be able to take the test and will forfeit your examination fee. Candidates are expected to arrive at least 30 minutes before the exam is set to start. The person overseeing the exam will use his or her discretion when deciding whether or not a candidate may take the exam after arriving late. If you are turned away due to late arrival, your exam result will appear in the system as a no-show.
If you fail the test, when can you retake it?
If you do not pass the exam on your first attempt, you will have to wait 30 days before you can retake the test. If you fail a second time, you will have a 90-day waiting period before you can take the exam again. Failing a third time requires a 180-day waiting period. You cannot attempt this exam more than three times in a calendar year, so you must be thoroughly prepared before booking and taking the test.
Note: failing candidates are provided with a breakdown of their proficiency level in each of the domains based on the percentage of questions answered correctly. Candidates are advised whether they reached below, near or above proficiency; this information is important to know the domains that they need to focus on in their further studies.
What is the cost of taking the CISSP exam?
The rates below are correct as of May 1, 2021, and may be subject to change.
- Americas and all other regions not listed below: $749
- Asia Pacific: $749
- Europe: EUR 665
- United Kingdom: GBP 585
- Middle East: $749
- Africa: $749
Scoring: What does it take to pass the CISSP exam?
The passing standard for the CAT version of the CISSP exam is identical to the old linear version, fixed-form test (consisting of 250 questions in a six-hour examination window that is administered in all other languages); it is 700 out of 1000 points.
For more tips on passing your CISSP exam on your first attempt, download our free ebook, CISSP exam tips from students and instructors.
Earn your CISSP, guaranteed!
Preparing and arriving on time for the CISSP exam
The CISSP has been used as a benchmarking tool for cybersecurity experts in the field of information security for years. It is a highly sought-after certification for any IT professionals who are looking to expand their skill sets and grow as security professionals.
The exam requires extensive experience on the part of the test candidate, so sound knowledge and practical hands-on experience are required for anyone who decides to attempt the new CISSP exam.
Sources
- CISSP, (ISC)²
- Exam Pass Guarantee
- Live expert CISSP instruction
- CISSP exam voucher
In this Series
- Understanding the CISSP exam schedule: Duration, format, scheduling and scoring [updated 2021]
- CISSP certification - The ultimate guide [updated 2021]
- The CISSP domains and CBK: An overview
- CISSP certification salary: A comprehensive 2024 salary guide
- Definition & types of access control models & methods (updated 2023)
- CISSP domain 4: Communications and network security — What you need to know for the exam [2022 update]
- CISSP domain 5: Identity and access management — What you need to know for the exam [Updated 2022]
- CISSP domain 7: Security operations — What you need to know for the exam [Updated 2022]
- CISSP domain 6: Security assessment and testing — What you need to know for the exam [Updated 2022]
- CISSP domain 8 overview: Software development security — What you need to know for the exam [Updated 2022]
- CISSP and DoD 8570/8140: What you need to know [Updated 2022]
- Top 10 CISSP interview questions [Updated 2022]
- CISSP domain 1: Security and risk management — What you need to know for the exam
- The ISC2 code of ethics: A binding requirement for certification
- The CISSP experience waiver [updated 2022]
- Earning CPE credits to maintain the CISSP
- Renewal requirements for the CISSP [updated 2022]
- CISSP computerized adaptive testing (CAT): 25 of your questions answered
- CISSP job outlook [updated 2022]
- CISSP resources: Books, practice exams and other study tools [updated 2022]
- CISSP exam questions: 5 drag & drop and hotspot questions
- Risk management concepts and the CISSP (Part 2) [Updated 2022]
- What is the CISSP-ISSAP? Information Systems Security Architecture Professional [updated 2021]
- Average ISSEP Salary in 2021
- Average ISSMP Salary [updated 2021]
- CISSP domain 3: Security engineering CISSP - What you need to know for the exam [2022 update]
- What is the CISSP-ISSEP? Information Systems Security Engineering Professional [updated 2021]
- Information and asset classification in the CISSP exam
- CISSP domain 2: Asset security - What you need to know for the Exam [updated 2021]
- 8 tips for CISSP exam success [updated 2021]
- Risk management concepts and the CISSP (part 1) [updated 2021]
- Average ISSAP Salary in 2021
- What is the CISSP-ISSMP? Information Security System Management Professional [updated 2021]
- CISSP concentrations (ISSAP, ISSMP & ISSEP) [updated 2021]
- Due care vs. due diligence and the CISSP
- CISSP prep: Security policies, standards, procedures and guidelines
- Vulnerability and patch management in the CISSP exam
- Data security controls and the CISSP exam
- Logging and monitoring: What you need to know for the CISSP
- Data and system ownership in the CISSP exam
- CISSP Prep: Mitigating access control attacks
- CISSP Domain 5 Refresh: Identity and Access Management
- Identity Governance and Administration (IGA) in IT Infrastructure of Today
- CISSP CAT Exam Deep Dive: Study Tips from InfoSec Institute Alum Joe Wauson
- CISSP: Incident management
- CISSP: Business continuity planning and exercises
- CISSP: Perimeter defenses
- CISSP: Secure communication channels
- Environmental controls and the CISSP
- CISSP: Disaster recovery processes and plans
- Change management and the CISSP
