Certified Information Security Systems Professional (CISSP) certification bootcamp: A complete guide

Ranked as the most valuable security certification by (ISC)² and ISCN, the CISSP certificate is hugely in demand by companies who pay more for certification holders. As such, taking the CISSP exam is crucial to advancing your cybersecurity career. 

In this guide

• Bootcamp curriculum
• Time requirements
• CISSP bootcamp cost
• Bootcamp results

However, after being revised on May 1, 2021, to better align with the latest security threats and provide the knowledge required for today’s IT professionals to succeed, attending a CISSP bootcamp is one of the most effective ways to prepare for your CISSP exam.

The CISSP cyber certification bootcamp is an intensive part-time or full-time program that prepares students for the CISSP exam. This bootcamp equips you with the necessary technical skills to earn your CISSP certification based on the new exam content outline.

Bootcamps have many benefits for students. In fact, several bootcamp providers such as Coding Dojo, Flatiron, and Fullstack have reported that between 72-83 percent of their graduates find a relevant job within three months. Attending a CISSP bootcamp connects you with industry-recognized experts and helps you learn in an environment with like-minded individuals. This is important because networking with other professionals is essential in cybersecurity. 

In addition, getting the CISSP certificate makes you a member of the (ISC)², the largest association of cybersecurity professionals globally. This certificate also maximizes your earning and career potential. Since it is a high-demand certificate earned through immersive bootcamps and a challenging exam, successful candidates should expect to get paid up to 9 percent higher than their non-certified peers in the US and 12% in Europe. 

The CISSP exam is updated every three years, and the goal is to test the student’s knowledge in designing, engineering, and managing an organization’s security architecture. Before taking the exam, you must have a minimum of five years of full-time, relevant work experience. However, there are provisions in the CISSP certificate requirements for candidates without this experience. 

To learn about related programs, be sure to check out the complete cybersecurity bootcamps guide.

CISSP certificate bootcamp curriculum 

Since they all have the same goal – to prepare students for the exam effectively, most CISSP bootcamps have similar curricula. The best cybersecurity bootcamps align their courses with the CISSP exam outline to give students the best chance of success. 

If you’re planning to register for a CISSP bootcamp, the curriculum will focus on the eight domains of the (ISC)² CISSP Common Body of Knowledge (CBK). It’s important to remember that a CISSP bootcamp isn’t designed to make candidates experts in any topic in the exam but to provide enough knowledge to pass. If you need study materials to supplement your bootcamp knowledge, you can also obtain (ISC)²’s official textbook and other self-study resources. 

CISSP bootcamp course outline

Here is what a typical CISSP bootcamp curriculum outline looks like:

Security and Risk Management

• Security Concepts
• Security Governance Principles
• Compliance
• Professional Ethics
• Security Documentation
• Risk Management
• Threat Modeling
• Risk Response
• Business Continuity Plan Fundamentals
• Acquisition Strategy and Practice
• Personnel Security Policies
• Security Awareness and Training

Asset Security

• Asset Classification
• Secure Data Handling
• Resource Provisioning and Protection
• Manage Data Lifecycle
• Asset Retention
• Data Security Controls

Security Architecture and Engineering

• Security in the Engineering Lifecycle
• System Component Security
• Security Models
• Controls and Countermeasures in Enterprise Security
• Information System Security Capabilities
• Design and Architecture Vulnerability Mitigation
• Vulnerability Mitigation in Emerging Technologies
• Cryptography Concepts
• Cryptography Techniques
• Cryptanalytic Attacks
• Site and Facility Design for Physical Security
• Physical Security Implementation in Sites and Facilities

Communication and Network Security

• Network Protocol Security
• Network Components Security
• Communication Channel Security
• Network Attack Mitigation

Identity and Access Management

• Physical and Logical Access Control
• Identification and Authentication
• Identity as a Service
• Authorization Mechanisms
• Access Control Attack Mitigation

Security Assessment and Testing

• System Security Control Testing
• Software Security Control Testing
• Security Process Data Collection
• Audits

Security Operations

• Security Operations Concepts
• Change Management
• Physical Security
• Personnel Security
• Detective and Preventive Measures
• Patch and Vulnerability Management
• Logging and Monitoring
• Incident Response
• Investigations
• Disaster Recovery Planning
• Disaster Recovery Strategies
• Disaster Recovery Implementation

Software Development Security

• Security Principles in the System Lifecycle
• Security Principles in the Software Development Lifecycle
• Security Controls in the Development Environment
• Database Security in Software Development
• Software Security Effectiveness Assessment

Practice Test

Upon completion, most bootcamps provide a practice test to familiarize candidates with potential exam questions. Some bootcamps offer unlimited practice tests.

As part of the curriculum, each instructor-led provider requests minimum hardware specifications to ensure all students follow the instructor and no one is left behind due to slow-running devices. Specifications include a stable internet connection, at least 4GB RAM, 2 GHz+ processor speed, and a camera.

Timeframe for CISSP certification bootcamps

Cybersecurity bootcamps are relatively shorter than degrees and provide an intensive and faster route to advance your cybersecurity career. Although cybersecurity bootcamps generally last between 10 to 24 weeks, CISSP certification bootcamps are relatively shorter. 

This is because the bootcamp is intended for professionals with at least five years of work experience. While other cybersecurity bootcamps may start from the basics, CISSP bootcamps are advanced and usually last between 5 to 10 days. The bootcamps are available on-site or online, depending on the candidate’s preference.

Since they’re strictly timebound and not self-paced, on-site CISSP bootcamps are immersive and tasking. So, candidates are advised to travel to the bootcamp’s location for the duration of the program to escape daily life demands. For example, training could last up to 8 hours daily, usually from 9 AM to 5 PM. Students are then expected to follow up with personal preparation after classes.

However, besides on-site CISSP bootcamps, some organizations also provide self-paced e-learning training to candidates. Virtual bootcamps can be in the form of videos, live online instructor-led training, or text-based study materials. Similar to physical options, online bootcamps can also be timebound but are generally more flexible since students can take the courses at their convenience. Online bootcamps last between 40 to 250 hours, depending on the provider and student. 

If you prefer virtual bootcamps, training providers such as Certstaffix, Flatiron, Tech Talent South, and Noble Desktop offer online CISSP bootcamps and other cybersecurity courses.

Regardless of the format, most CISSP bootcamps are “all-inclusive,” meaning candidates get more than just the training. Here are some additional services you should expect to get:

• CISSP exam voucher
• Unlimited practice exam attempts
• Study guides
• Free retake
• Extended access to the bootcamp provider’s other offerings
• Printed and digital materials
• Pre-study learning path
• 1v1 tutoring

Some on-site CISSP bootcamps also provide hotels, meals, and airfare, although these are rare and cost more.

Cost of CISSP certification bootcamps

The CISSP bootcamp cost varies based on different factors such as the training provider, the learning format, and the additional perks in the package. 

Official training providers offer e-learning and on-site programs starting from $2,499. For example, (ISC)² offers three CISSP training options – classroom-based, online instructor-led, and online self-paced. The costs vary based on the chosen format, region, and the number of trainees.

Costs could start at around $235.36 for the online (ISC)² CBK Training Seminar for CISSP and reach $2,795 or more for the classroom-based program. ONLC Training centers’ CISSP remote instructor-led program costs about $2,995 with no exam voucher. Other providers may include exam vouchers and practice tests. 

Classroom-led training typically costs more. These bootcamps usually start at $2,900 and can reach $5,000 or more, depending on the instructor’s level of involvement and perks in the package. Some of these programs have an exam pass guarantee, 1v1 training, networking with other students, and access to the instructor even after the bootcamp.

For example, the Training Camp CISSP bootcamp could cost up to $4,995 without a discount and exam aid. On the other hand, Certification Academy’s CISSP Certification Training in Los Angeles costs around $3,599.

To help prepare, (ISC)²’s study app is available on the App Store and Google Play and costs around $8-10/month or $2.99/week. The app provides study questions, full practice tests, a custom test builder, and other exam-prep aids. 

Ultimately, your overall costs will depend on how many study materials you’re willing to buy and the training provider’s fixed price for the bootcamp.

What happens after the CISSP bootcamp?

The CISSP bootcamp’s purpose is to equip candidates with the required knowledge to pass the CISSP exam. While the CISSP exam is challenging and has a pass rate of approximately 20 percent, the right bootcamp and resources will help you pass.

The newly-revised CISSP exam is 4 hours long, consisting of 125-175 multiple-choice and advanced innovative items. You’ll need to score at least 700 out of 1,000 points to meet the minimum passing requirement of 70 percent. 

Each CISSP domain carries different weights, and it’s spread as follows:

Domains	Average Weight
Security and Risk Management	15 percent
Asset Security	10 percent
Security Architecture and Engineering	13 percent
Communication and Network Security	13 percent
Identity and Access Management (IAM)	13 percent
Security Assessment and Testing	12 percent
Security Operations	13 percent
Software Development Security	11 percent
Total	100 percent

The CISSP exam cost varies based on location (due to taxes). Standard registration in the US, Asia Pacific, Middle East, and Africa costs around 749 USD, while it costs around 665 Euros and 585 GBP for European countries and the UK, respectively. Before registering, (ISC)² recommends that CISSP candidates review exam policies and procedures.

After passing the exam, candidates will receive an email with their official results. Then, they can start the endorsement procedure to verify that they have the required work experience to become fully certified.

An (ISC)² qualified professional must endorse and digitally sign the application. If a candidate does not know a certified professional in good standing, (ISC)² can serve as an endorser. Following email notification that the candidate’s endorsement application has been accepted, they can start their membership cycle by paying their first Annual Maintenance Fee (AMF) of $125.

If you don’t pass the CISSP exam on your first attempt, you can still retest after 30 test-free days. 

The (ISC)² CISSP certificate is valid for three years. All CISSP holders must earn and submit 120 Continuing Professional Education (CPE) credits during the three years to maintain their certification. While becoming CISSP-certified is an impressive achievement, the CPE requirements ensure you stay updated on the ever-changing developments in the cybersecurity industry.