The new CISSP exam has caused a stir among CISSP candidates because the test domain weightings have been updated, the format is different, and there’s some new content. So what do you need to know about this new exam? Let’s take a look.
New CISSP Exam Domain Weightings
Here are the new domain weightings. You can use these to guide your study so you spend an appropriate amount of time on each domain.
|1. Security and Risk Management||15%|
|2. Asset Security||10%|
|3. Security Architect and Engineering||13%|
|4. Communication and Network Security||14%|
|5. Identity and Access Management (IAM)||13%|
|6. Security Assessment and Testing||12%|
|7. Security Operations||13%|
|8. Software Development Security||10%|
New CAT Format
The test is now adaptive. The questions change based on your answers and an assessment of your ability that occurs after you answer. Each time you answer a question, algorithms evaluate your ability to get the next question correct based upon previous submissions and the difficulty of previous questions. It is the position of (ISC)2 that CAT provides a more precise evaluation of your competency.
Because the CISSP CAT exam is a variable-length computerized adaptive examination, and the difficulty is based on your previous responses, item review is not permitted. Once you finalize an answer, it may not be reviewed or changed.
In the new CISSP exam, there is now content focusing on the Internet of Things (IoT), security auditing, and secure code development. Make sure you know the security issues associated with IoT devices and understand the importance of a strong personal device policy. Be prepared for questions about the value, roles, and steps of a security audit. You should also be ready to inspect source code or code input, and look for vulnerabilities in applications or potential attacks.
A Mix of Question Types
The exam is no longer just multiple-choice. It now includes drag-and-drop items and hotspot items as well.
Number of Questions and Time
The number of questions depends on how you are performing. It will be between 100 and 150 items, and the time allowed is now 3 hours instead of 6 hours.
No Experience? No Problem
Although you still must satisfy the experience requirements to earn the full CISSP, you can pass the exam and receive an Associate Certification while you gain the experience required for the full CISSP.
Be as Prepared as Possible for the New CISSP Exam
When it comes to studying, why go it alone? CyberVista offers a comprehensive course, practice exams, and exam-focused video eLearning for (ISC)2‘s popular CISSP certification.