ISC2 CISSP Study Guide [360 Minute Read]
A First-Principles Approach to Information Security
This guide builds genuine security understanding by starting with why before what. Every concept connects to a mental model, every section answers the question a working security professional would actually ask, and every exam trap comes with the reasoning to permanently avoid it — not just memorize around it.
Official Exam Objectives: ISC2 CISSP Exam Outline (April 2024)
The CISSP exam uses Computerized Adaptive Testing (CAT). Expect 125–150 items over 3 hours, weighted heavily toward scenario-based questions that test judgment over recall. Approximately 40% of questions require choosing the "most appropriate" answer from multiple technically correct options. You must score 700/1000 to pass.
Prerequisites: A minimum of five years of cumulative full-time work experience in two or more of the eight CISSP domains. One year may be waived with an approved degree or credential. Candidates without the required experience may sit the exam to earn Associate of ISC2 status, with six years to meet the experience requirement.
Exam Domain Weights
Domain 1 carries the most weight at 16% — but the risk management thinking it teaches is the lens through which every other domain is tested. Domains 3–5 and 7 are each 13%, forming the technical core. No domain can be safely skipped; the CAT algorithm will probe your weakest areas relentlessly.