The requirements needed to take the CISSP exam aren’t numerous, but they are fairly strict, clear cut, and take into account your experience as an information security professional. Each candidate must have a minimum of five years of experience working full-time in at least two of the eight CISSP domains, dictated by the (ISC)² CBK. These eight domains are: Access Control, Telecommunications and Network Security, Information Security Governance and Risk Management, Software Development Security, Cryptography, Security Architecture and Design, Operations Security, Business Continuity and Disaster Recovery Planning, Legal, Regulations, Investigations and Compliance, and Physical (Environmental) Security.* Exam candidates may also be able to receive a one year experience waiver, as long as the candidate has a four-year college degree or an additional credential from the (ISC)² approved list of credentials. Each of these approved credentials still require four years of full-time professional experience with at least two of the previously-listed eight CISSP domains.* Citations: *(ISC)² web site