CISSP Exam (2022-23) Changes- Everything You Need To Know

By Michael Warne 01-May-2023
The CISSP certification is among the most valued and highly regarded IT and information security certifications in the world. Having this credential to your name proves that you are among the top professionals in the cybersecurity domain today with a host of experience and knowledge.

Everything You Need to Know About the CISSP-CAT Process:

The original exam for the CISSP certification was a physical bubble-based exam made up of 250 questions. Candidates had six hours to complete this test. With its revision in 2015, the CISSP exam became available as a CBT (computer-based testing) option offered through Pearson VUE test centres. However, the number of questions covered and the six-hour time limit remained the same. With another revision in 2018, the ISC2 introduced the CISSP-CAT exam delivery method that is still being used today. CAT is short for Computer Adaptive Test.

The CISSP credential is available in several languages. The CISSP-CAT exam delivery method that ISC2 has employed is only used for the English version of the exam. For languages other than English, the six-hour version with 250 linear questions is still in use today. 

In a CISSP-CAT exam, you must view at least 100 questions and at most 150 questions in a three-hour period. Out of the first 100 questions that you attempt, only 75 questions are marked and contribute to your final score. The 25 non-graded questions are interspersed among the 100 questions and help in evaluating future test questions.

Your assessment is based only on the last 75 questions that are graded out of 100. As soon as you answer question 101, question 1 gets discarded and 101 replaces it. When you answer question 102, the same process is repeated with question 2 and 102, and so on. As questions continue to get dropped from consideration, they no longer contribute to your failing or passing the exam. They get replaced by questions that you’ve answered from the same domain. Thus the exam can maintain the percentages of domain coverage. 

Instead of focusing on collecting enough points to go over the line, the ISC2 measures how well you demonstrate your knowledge against a concept known as the passing standard. ISC2 doesn’t openly define the level of achievement needed to meet this passing standard. Experts and certified professionals place it somewhere near a score of 70% in every domain.

When you arrive at the 100th question, the testing system measures your potential for passing the exam by meeting the standard. If it estimates that your potential to pass is at least 95%, the test ends with a PASS score. If the system estimates your potential to fail is 95% or more, the test ends with a FAIL score. If the system cannot determine the likelihood of passing or failure by the time it reaches 100 questions, it evaluates again till it reaches question 150.

Changes in Domain Weightage in the CISSP Certification Exam (2022-23):

You can think of domains as smaller groups of topics that have been organised by the ISC2. This grouping is based on a cybersecurity industry survey in the annual JTA (Job Task Analysis) widely known as the Cybersecurity Workforce Study.

According to this grouping, there are eight domains in the CISSP certification exam. These domains are regularly updated to match advancements in security standards and technology. The last update was done in 2021, and in 2018 before that. However, the only significant change seen in the new 2021 edition is the reduction of questions covered under Domain 4 by 1% and an increase in topics covered under Domain 8 by 1%. 

Learning Objectives of the CISSP Certification:

As a candidate who has enrolled in a CISSP certification training course, you stand to gain the following:

  • All the skills necessary for becoming a certified CISSP professional.
  • A wider perspective and holistic view of all the aspects of information security within an organisation.
  • The ability to define the design, management and architecture of IT security.
  • A comprehensive understanding of every domain that is covered in the exam and prescribed by the ISC2 in the CISSP CBK.
  • The skills to optimise an enterprise’s security operations.
  • The expertise in access control systems as well as the multiple methodologies that complement governance and IT security within an enterprise.

CISSP Exam Overview:

The exam for the CISSP or Certified Information Systems Security Professional credential is made up of 150 multiple-choice questions that you must answer in 180 minutes or 3 hours. You need to pay an exam fee of $699 before you can sit for the exam. Candidates also need to achieve 70% or 700 points out of 1000 to clear the exam.

The CISSP certification exam is available in English, French, Brazilian Portuguese, German, Japanese, Spanish, Korean and Simplified Chinese. There are slight differences in the exam duration and number of questions in the English version and the other versions of the exam. 

Benefits of Earning a CISSP Certification:

1. Maximise your earning potential:

An average CISSP certification holder earns about $131,030 per annum in the US. This reflects their expertise in aspects like cybersecurity knowledge and their four years or more of paid employment experience within the industry.

2. Growing demand for cybersecurity professionals:

According to the Cybersecurity Workforce Report by (ISC)², there is a global shortage of more than 2.9 million cyber workforce professionals. This makes now the best time to take big steps to advance your IT security career.

3. Peer and team recognition:

The CISSP certification has one of the toughest exams to clear. That’s what makes it a powerful and respected certification. Achieving this certification brings you the respect and recognition of your peers and your superiors.

4. Deeper understanding of cybersecurity:

The CISSP curriculum covers all the elements that are fundamental to the domain of cybersecurity. With time, its curriculum is updated to stay ahead of changes and advancements in technology. 

5. Validation of hands-on experience with cybersecurity:

In a candidate’s CISSP assessment, they must show hands-on and paid employment experience in the cybersecurity domain. You also need to complete a professional program worth 120 credits over three years to hold on to your certification. 

6. Large global community:

There are over 140,000 members in the (ISC)² global community of certified professionals. Earning this certification makes you a part of this prestigious group of professionals.

Prerequisites for the CISSP Exam:

Like with most other IT certifications, you must meet a few minimum requirements to be eligible for the CISSP (Certified Information Systems Security Professional) certification training and certification. As an applicant,

  • You must have at least five years of experience working with a minimum of two domains out of the eight that the ISC2 has prescribed in the CBK (common body of knowledge) for the CISSP certification.
  • You can apply with just 4 years of work experience if you have a college degree (4 years) or any ISC2-approved certification from their list.

Skill Breakup and Weightage in the CISSP exam:

The CISSP certification measures several skills in the exam with the following breakup:

  • Asset Security - 10%
  • Risk and Security Management - 15%
  • Network and Communication Security - 14%
  • Engineering and Security Architecture - 13%
  • Security Operations - 13%
  • IAM (Identity and Access Management) - 13%
  • Security Assessment and Testing - 12%
  • Software Development Security - 10%

Features of Koenig’s CISSP Certification Training Course:

  • Dedicated instructor through your CISSP (Certified Information Systems Security Professional) certification training.
  • You get access to free course previews to help you to start preparing.
  • Train with expert CISSP mentors around the world.
  • Prepare using widely accredited course material for CISSP prepared by subject matter experts.
  • Get vital ISC2 resources directly from ISC2.
  • Get a course completion certification that is recognised across the industry once you complete the course. 
  • Get the benefit of advanced features such as Fly Me a Trainer and 1-to-1 Training.
  • Get trained either online or across more than 100 locations in the world. 

Who Should Take Up This CISSP Training Course:

The CISSP certification has been designed to benefit several IT professional roles. This includes roles like:

  • Security consultant
  • Network architect
  • Security architect
  • Security manager
  • Security auditor
  • Director of security
  • CIO
  • Security systems engineer
  • Security analyst
  • Anybody looking to advance their knowledge base and technical skillset.

Choose Koenig for your CISSP Certification Course:

  • Expert instructors train you for one of the world’s most widely recognised certifications.
  • You get a comprehensive perspective of the global standards for information security.
  • Advance your career with a globally recognised CISSP credential to your name.
  • Open new opportunities for peer-to-peer networking using our CISSP training and know everything there is to know about security standards and concepts around the world.

If you have worked on or used any of these services, or if you are interested in earning the most advanced credential in the cybersecurity domain, this is your starting point. Enrol in a CISSP certification course today.

Michael Warne

Michael Warne is a tech blogger and IT Certification Trainer at Koenig Solutions. She has an experience of 5 years in the industry, and has worked for top-notch IT companies. She is an IT career consultant for students who pursue various types of IT certifications.