The vast majority of current CISSPs took their test in the old format. The test was a grueling 250 question test in which nearly 85% of the testers would take the entire allotted 6 hour exam time. But the test was modernized at the end of 2017
The CISSP exam is now a “Smart Exam
Beginning in December of 2017 the CISSP exam was changed to an adaptive format. The official name for this is Computerized Adaptive Exam (CAT). This is one of the first certification exams that was moved to this new platform. But the rest will soon follow.
The adaptive format helps prevent cheating
Since IT certifications are very valuable, there is a high incentive for folks to try to take study shortcuts by cheating. This has lead to online marketplaces where you can buy questions and answers.
If you do a web search for “CISSP Brian Dump” you will find many websites that sell practice exams that they claim to be actual exam questions. The CISSP exam has always maintained a high level of security and integrity in keeping their questions out of reach of cheaters who try to buy the questions and answers.
Some nefarious companies pay people to take tests and attempt to record the questions or memorize the questions in order to write them down.
The adaptive format of the CISSP exam adds a higher layer of security to the test. An exam taker no longer has access to all of the questions on the test. In fact, an unprepared test taker will receive very few questions that would actually lead to a passing score.
Here is how the CISSP Adaptive Test Works
First you will go through the very high standard of security at the testing center – The ID check, Photo, Biometric Hand Scan, etc. – then you will be escorted to the testing room. You will be on camera at all times, and will also be watched by the test administrator behind a glass window.
You will sit down at your testing station and will receive instructions on how the test works and the general functionality of the testing terminal.
The test will start with questions that are quite easy. These questions test knowledge that is well below the standard that is required for passing the exam.
After each question is answered the testing algorithm determines the test taker’s competence by analyzing all of the questions that were presented and the answers that were given.
A number of factors are analyzed by the algorithm. The actual details of the algorithm are proprietary but the following list of factors are likely considered:
- The correctness of the answer – Was the “best correct” answer chosen?
- The candidates aptitude on each of the testing domains based on the questions answered correctly
- The candidates ability to know or ascertain the best answer on obscure domain topics
- The time that it takes the candidate to answer each question (This data is used to help identify potential cheaters)
After a question is answered the next question is determined.
Based on the above factors the next question to be presented is determined. The candidate cannot go back and change previous answers because the answers are locked in as soon as the “Submit” button is pressed.
If the candidate answers a question correctly then the next question is said to be 50% more difficult to answer. In other words, there will be a 50% greater chance that the next question will be answered incorrectly.
Get a question right and the test gets harder – much harder!
The questions get exponentially more difficult as the candidate continues to do well on the questions. In fact, the objective of the algorithm is to get test the candidate’s breaking point: The point at which the candidate can no longer answer the questions correctly.
Your breaking point determines your success on the CISSP exam.
The exam candidate will certainly get to the point where the test questions are so obscure that the answers will come down to educated guesses. The further you get while maintaining an overall score of at least 80% in each of the testing domains will determine if you pass the overall exam.
Is the Adaptive CISSP exam harder than the old one?
The adaptive CISSP exam will seem pretty difficult because, if the tester does well, the questions will get to the point that they seem almost impossible to answer. The test may be considered easier by some because it is no longer a marathon 6 hour test with 250 questions. In fact, most test takers will complete the test when the question count reaches between 100 and 150.
Most people – including me – have never taken both the old format CISSP and the new format adaptive CISSP test. Therefore, it is difficult to say which format is harder.
For some people the old format may be more difficult due to the stamina required to sit and concentrate for 6 hours. For others the new format might be more of a challenge because of the escalating difficulty of the questions.
In theory, both formats of the test are equally difficult to pass. In fact, this is the stance and the objective of the adaptive test according to ISC2
Don’t let the CISSP test scare you.
Part of the value of holding a CISSP certification is that it is difficult to obtain. Not everybody is going to pass this test. However, that does not mean that you can’t do it. If you prepare well, understand the material, and do a ton of practice questions you can certainly succeed on the exam! Here is a great study plan that worked for me – How to pass the CISSP exam without reading any books.