One of our core processes for maintaining (ISC)2’s reputation for gold standard information security certifications involves frequent, rigorous evaluation of current certification exam questions and subsequent updates. As a result of the last evaluation of the Certified Information Systems Security Professional (CISSP®) exam, the format of the questions has been enhanced to include innovative item formats, including interactive drag & drop and hotspot questions. These question types can measure a broader base of knowledge, skills, and higher cognitive levels to represent the real-world environment using pictures instead of words.
The drag & drop feature requires exam takers to drag one or more choices from a visual representation of possible answers and drop them into another visual representation of correct answers.
Because candidates can choose any permutation of the possible answers, drag & drop questions are more challenging than traditional multiple choice questions, reducing the chance that candidates will arrive at the correct answer without a deep understanding of the material.
Hotspot questions require candidates to click the correct answer from a selection of images or within a diagram. Such user-friendly images can more realistically represent candidates’ on-the-job experience better than text-only multiple choice questions.
Incorporating visual cues into the certification exam allows candidates to rely on their core knowledge to choose the correct answer.
Having converted all of (ISC)2’s certification exams to a computer-based testing environment, we were able to change the structure of the questions, to make those questions more performance-based, more innovative, more visual, and more virtual.
Similar to the original multiple choice questions, this new question format will have only one correct answer. Therefore, all questions on the CISSP exam will remain evenly weighted, and the exam can incorporate the new, enhanced questions without increasing total testing time.
By incorporating new testing technology and features, (ISC)² continues to ensure that the CISSP certification remains the information security industry’s gold standard for employers and professionals alike.
I look forward to candidates’ and members’ feedback on these changes. For more information about the new CISSP exam format, please visit https://www.isc2.org/innovative-cissp-questions/Default.aspx.