Dynamic Access


Motivation to take CISSP exam



During my career, I have been keeping learning and practising new technologies. Nowadays, AI, deep learning, big data, etc. new technologies have emerged one after another. I was wondering if there was anything that will not change, and it could make me more and more valuable in the job market? Like the medical doctors, they are getting more and more experienced and valuable when getting older and older. Finally I come up with the thought that Information Security might be the thing!


The technologies behind Information Security might keep changing, like you can scan your web site for vulnerabilities using different tools, find logs in different places, however, the idea to find the threat, define the risk for your product, get prepared either to avoid the damage or minimize the damage, generally speaking, would be the same, no matter what it is hardware, software, network, and so on.


As more and more I learned, I am thinking when it comes to infornmation security, it is quite depend on the general "sense" rather than the specific "skill". And the fastest way to get more "sense" of it, is to learn in a systematical way, like getting a well-known certification, e.g. CISSP.



CISSP CBK was updated on May 1, 2021



Compared to before, CISSP CBK has changed domain 4 from 14% to 13% and domain 8 from 10% to 11%. The exam time is 150 questions in 3 hours. The difference of 1% is about 1 or 2 questions. If you're not good at domain 4 but good at domain 8, it might be a good news for you. However I think the updates should not change your preparation by all means. You should do your best on all 8 domains no matter what.


The passing line is 70%. According to the official website, you are not required to be 70% on each domain as long as your overall score is above 70%. However if one domain is extremely bad, I don't know if you can pass the exam even if you did extremely well on the other domains. Please do not try.


The exam I took was a computerized adaptive test (CAT), after submiting your answer for one question, you can't go back. If the number of questions exceeds 100, the test engine may stop if your answers so far are steadily 70% or more correct. On the other hand, suppose all the remaining questions would be answered correctly, still you can not reach 70%, the test engine will stop too. In my case, it stopped after around 110 questions. Since I knew how the scoring system works, and I had a feeling that I was not so bad on previous answers, I wasn't surprised when the exam stopped.