ISC2 Certified Information Systems Security Professional (CISSP) (2021 Update) Learning Path

This path prepares you to take the CISSP exam and covers all of the relevant topics, including the Common Body of Knowledge.

18 hours, 42 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    18 hours, 42 minutes

  • Assessment


About ISC2 Certified Information Systems Security Professional (CISSP) (2021 Update)

With this path, you'll prepare to take the CISSP exam. You'll review core relevant topics, including security and risk management, asset security, identity and access management, security operations, software development security and more. We conclude with helpful test-taking tips to prepare you for exam day.



CISSP Practice Exam (2021 Edition)

Assessment - 150 questions

CISSP Exam Preparation

Course - 00:03:00

The CBK is composed of eight domains, each of which covers a necessary component of an organization’s information security program. Knowing the CBK creates a solid foundation to build on as you prepare for the test.
Security and Risk Management

Course - 02:01:00

Policies and procedures are the primary components of an organization’s information security program. This course describes how these essential practices are deployed to assist an organization in achieving its security objectives.
Asset security

Course - 00:34:00

Adequate protection of information systems is properly achieved through effective classification policies. Protection is achieved by accurately understanding the value of an information system to the organization.
Security architecture and engineering

Course - 03:03:00

Following formal design frameworks allows a developer to integrate security features into the initial design of the system. This domain highlights the principles of cryptography and considers the importance of maintaining an adequate physical security program.
Communication and network security

Course - 03:14:00

We review network security appliances such as firewalls and intrusion prevention systems. We will discuss such topics as security protocols, cloud computing, remote access and wireless communications.
Identity and access management

Course - 01:51:00

We describe access control models and other techniques that organizations deploy in order to secure access to information systems. The attack vectors that exploit access controls are covered as well.
Security assessment and testing

Course - 01:20:00

Regular evaluation of security controls ensures that information systems are properly protected. Testing techniques should be automated, performed continuously and in compliance with organizational policy.
Security operations

Course - 03:01:00

IT departments deploy a variety of industry best practices to protect the organization’s network. These techniques define expected activities and the organizational members who are responsible for performing them.
Software development security

Course - 01:43:00

We describe secure programming techniques to improve software engineering processes that will reduce the exposure of an application. We also cover the different attack vectors that can exploit software.
Test-taking tips

Course - 00:36:00

To properly prepare for an exam as challenging as the CISSP, candidates should recognize the style of exam questions and proper techniques for determining the best answer.

Meet the author

Nick Valenteen

I am an IT professional with over 40 years of industry experience. Since earning my CISSP certification 21 years ago, I have focused on delivery of information assurance training, helping thousands of IT professionals earn certifications such as CISSP and Security+.

The details

Learning path insights

Related job titles

You need five years of professional experience in the information security field to achieve the CISSP, but you can become an Associate of (ISC)² by passing the exam without experience.

This certification path is designed for:

  • Cybersecurity managers
  • Cybersecurity consultants
  • Security architects
  • Security engineers
  • Anyone with a desire to earn one of the most in-demand security management certifications!

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo