All courses
Resource hub
Featured resource
Tech Upskilling Playbook 2025
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Learn more
Hamburger Icon
  • Certification Path
    • Libraries: This path is only available in the libraries listed. To access this path, purchase a license for the corresponding library.
  • Security
    •

CISSP® (Certified Information Systems Security Professional) Certification

16 Courses
7 Labs
36 Hours
Practice exam

(ISC)²® requires CISSP® candidates to have a minimum of five years cumulative paid work experience in two or more of the eight domains of the CISSP® Common Body of Knowledge (CBK). Earning a four year college degree or regional equivalent or an additional credential from the (ISC)2 approved list will satisfy one year of the required experience. Education credit will only satisfy one year of experience.

Get started

Content in this path

CISSP® (Certified Information Systems Security Professional) April 15, 2024

This series can be used to prepare for the (ISC)²® CISSP® (Certified Information Systems Security Professional) examination, with coverage of all 8 domains on the CISSP® Certification Exam Outline effective April 15, 2024. This series provides the foundational knowledge needed to effectively design, engineer, manage, and lead the security posture of an organization.

Course

Security and Risk Management: Information Security Principles for CISSP®

  • by Kevin Henry
  • 3h 9m
  • Mar 18, 2024
Course

Security and Risk Management: Principles of Risk for CISSP®

  • by Kevin Henry
  • 1h 51m
  • Mar 18, 2024
Course

Asset Security for CISSP®

  • by Kevin Henry
  • 1h 58m
  • Mar 18, 2024
Course

Security Architecture and Engineering: Secure Design Principles for CISSP®

  • by Kevin Henry
  • 1h 35m
  • Mar 18, 2024
Course

Security Architecture and Engineering: Security Controls and Vulnerabilities for CISSP®

  • by Kevin Henry
  • 2h 7m
  • Mar 18, 2024
Course

Security Architecture and Engineering: Physical Security Controls and Design for CISSP®

  • by Kevin Henry
  • 1h 1m
  • Mar 18, 2024
Course

Security Architecture and Engineering: Cryptography for CISSP®

  • by Kevin Henry
  • 1h 42m
  • Mar 18, 2024
Course

Communication and Network Security for CISSP®

  • by Kevin Henry
  • 2h 54m
  • Mar 18, 2024
Course

Security Assessment and Testing for CISSP®

  • by Kevin Henry
  • 1h 24m
  • Apr 09, 2024
Course

Identity and Access Management (IAM) for CISSP®

  • by Kevin Henry
  • 1h 31m
  • Mar 27, 2024
Course

Security Operations: Operations Management for CISSP®

  • by Kevin Henry
  • 1h 39m
  • Apr 18, 2024
Course

Software Development Security for CISSP®

  • by Kevin Henry
  • 3h 8m
  • Apr 24, 2024
Course

Security Operations: Business Resilience and Incident Management for CISSP®

  • by Kevin Henry
  • 1h 59m
  • Apr 06, 2024
Course

Exam Review Tips and Tricks for CISSP®

  • by Kevin Henry
  • 43m
  • Mar 18, 2024

CISSP® (Certified Information Systems Security Professional) Labs

This series can be used to prepare for the (ISC)²® CISSP® (Certified Information Systems Security Professional) examination with hands-on-labs.

Course

Getting Started in the Lab Environment

  • by Aaron Rosenmund
  • 6m
  • Oct 07, 2021
Lab

Scanning: Report and Prioritize Vulnerabilities

  • by Matthew Lloyd Davies
  • 1h 10m
  • Jul 30, 2025
Course

Network Protocols for Security: TCP and UDP

  • by Brandon DeVault
  • 20m
  • Feb 09, 2023
Lab

System Protection: System Hardening

  • by Craig Stansbury
  • 50m
  • Aug 04, 2025
Lab

Authentication: Certificates

  • by Shimon Brathwaite
  • 1h
  • Aug 04, 2025
Lab

Threat Modeling in Action

  • by Lee Allen
  • 1h 35m
  • Aug 04, 2025
Lab

Respond to a Data Leak

  • by Sahil Gupta
  • 1h
  • Aug 05, 2025
Lab

Assess Password Policy Compliance

  • by Aaron Rosenmundby John Elliott
  • 2h 10m
  • Aug 04, 2025
Lab

Data Management: PII Classification

  • by Shimon Brathwaite
  • 50m
  • Jul 30, 2025
Try this learning path for free
Access this learning path and other top-rated tech content with a free trial.
Free individual trial Free team trial
Certification path

Build confidence to ace your certification exam with a variety of prep tools, including video courses, labs, and practice exams.

What You'll Learn
  • ##What You Will Learn:
  • Evaluate and apply security governance principles, risk management concepts, and threat modeling concepts and methodologies
  • Develop, document, and implement security policy, standards, procedures, and guidelines
  • Identify and classify information and assets
  • Manage data lifecycle
  • Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
  • Select and determine cryptographic solutions
  • Assess and implement secure design principles in network architectures
  • Manage identification and authentication of people, devices, and services
  • Complete security control testing
  • Complete logging and monitoring activities
  • Operate and maintain detective and preventive measures
  • Complete incident management
  • Understand and integrate security in the Software Development Life Cycle (SDLC)
  • Review the certification and provide exam tips
Prerequisites
  • (ISC)²® requires CISSP® candidates to have a minimum of five years cumulative paid work experience in two or more of the eight domains of the CISSP® Common Body of Knowledge (CBK). Earning a four year college degree or regional equivalent or an additional credential from the (ISC)2 approved list will satisfy one year of the required experience. Education credit will only satisfy one year of experience.
  • A candidate who doesn’t have the required experience to become a CISSP® may become an Associate of (ISC)2 by successfully passing the CISSP® examination. The Associate of (ISC)2® will then have six years to earn the five years required experience. You can learn more about CISSP® experience requirements and how to account for part-time work and internships at www.isc2.org/Certifications/CISSP/experience-requirements.
Related topics
  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security
Prepare for in-demand tech certifications Explore practice exams

Learn with the best

Kevin Henry
Kevin Henry
Kevin Henry is a well-known and respected educator and lecturer in the fields of information security and audit. Kevin uses his more than 30 years of practical experience as a network technician, computer programmer, and information systems auditor to deliver outstanding presentations that make each topic interesting, relevant, and useful. Often described by students as "The best instructor I have ever had," Kevin has the ability to provide quality instruction that engages the audience and provi...
Aaron Rosenmund
Aaron Rosenmund
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur...
Matthew Lloyd Davies
Matthew Lloyd Davies
Matt is a cyber security author and researcher here at Pluralsight. A certified penetration tester and incident handler, he created Pluralsight's CompTIA Pentest+ Specialized Attacks courses as well our courses on wireless, ICS/OT and hardware hacking. Matt has also helped to build our security labs portfolio; labs that help you get hands-on to understand the threats and vulnerabilities your organization faces today. With a background in Chemical Engineering, Matt's focus is on the security ...
Brandon DeVault
Brandon DeVault
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response...
Craig Stansbury
Craig Stansbury
Craig has over 10 years of IT experience, including working on Palo Alto Firewalls, Cisco Routes and Switches, Microsoft Servers, and VMWare ESXi. Craig started in IT in the United States Marine Corps and began teaching his Marines all the design and implementation concepts that they needed to know. He loves when his students have the "lightbulb moment" and are able to understand the concepts he is teaching them. Aside from teaching, Craig also owns a business that consults with enterprises to h...
Shimon Brathwaite
Shimon Brathwaite
Shimon Brathwaite is a seven-year cybersecurity professional with extensive experience in Incident Response, Vulnerability Management, Identity and Access Management and Consulting. He has worked at one of the Big Four consulting firms, multiple of Canada’s largest banks and in startup environments. In addition to his full-time work, he runs a blog securitymadesimple.org, a consulting company and is a published author with four books on cybersecurity. He is open for engagements related to cybers...
Lee Allen
Lee Allen
With over two decades of experience in the security industry, Lee is a seasoned professional with a proven track record of delivering top-notch security services to a diverse range of organizations. From Internet Service Providers and computer manufacturers to global pharmaceutical companies, public universities, and a major bank, Lee has worked with some of the biggest names in the industry. With experience as a leader of the penetration testing team at a large bank, Lee has developed deep expe...
Sahil Gupta
Sahil Gupta
Sahil Gupta is a skilled cybersecurity professional with a focus on Product Security. Their expertise lies in implementing DevSecOps practices such as SAST, SCA, DAST, IAST, RASP, WAF, Cloud Native Security, and Supply Chain Security. With certifications including Certified Ethical Hacker (CEHv10), IBM Cybersecurity Analyst Professional, and Fortify DAST and SAST Certified Specialist, they excel in conducting comprehensive Penetration testing for Web and API applications. Renowned for their pro...
John Elliott
John Elliott
John Elliott is a specialist in regulated security and data protection. His fascination is the way that people engage with security directives: whether that’s a company following external regulation, an information security team developing policies, an IT team following them, or a colleague who is just trying to do their job securely. John has led information security and data protection functions in aviation and financial services. He’s represented both Visa Europe and Mastercard on the PCI S...

Join our learners and upskill
in leading technologies