Exam Comparison
GPEN vs CISSP
Comparing the GIAC Penetration Tester (GPEN) and the ISC2 CISSP. Both fall under IT Certifications. Both are covered by the Cyber Security Cert Exam Prep: CISSP, CEH & CySA+ app.
GPEN vs CISSP: At a Glance
| Detail | GPEN | CISSP |
|---|---|---|
| Full Name | GIAC Penetration Tester (GPEN) | ISC2 CISSP |
| Governing Body | GIAC | ISC2 |
| Number of Questions | 82 | 125 |
| Time Limit | 3 hours | 3 hours |
| Passing Score | 74% | 700/1000 |
| Exam Fee | $949 USD | $699 USD |
| Category | IT Certifications | IT Certifications |
| C3RT App | Cyber Security Cert Exam Prep: CISSP, CEH & CySA+ Soon | Cyber Security Cert Exam Prep: CISSP, CEH & CySA+ Soon |
Content Areas Compared
GPEN Domains
- Comprehensive Pen Test Planning, Scoping, and Recon
- Scanning, Enumeration, and Exploitation
- Password Attacks and Credential Access
- Web Application Pen Testing Fundamentals
- Post-Exploitation and Pivoting
- Domain Exploitation and Active Directory Attacks
- Pen Test Workflow Documentation and Reporting
CISSP Domains
- Security and Risk Management(15%)
- Asset Security(10%)
- Security Architecture and Engineering(13%)
- Communication and Network Security(13%)
- Identity and Access Management(13%)
- Security Assessment and Testing(12%)
- Security Operations(13%)
- Software Development Security(11%)
Frequently Asked Questions
What is the difference between GPEN and CISSP?
The GPEN (GIAC Penetration Tester (GPEN)) is administered by GIAC and consists of 82 questions. The CISSP (ISC2 CISSP) is administered by ISC2 and consists of 125 questions. Both are IT Certifications credentials.
Can I take both the GPEN and the CISSP?
Yes, the GPEN and CISSP are separate credentials with separate eligibility requirements. Each is awarded by a different governing body (GIAC and ISC2 respectively). Check the official requirements for each before registering.
Which should I take first, GPEN or CISSP?
The right sequence depends on your career goals and current credentials. The GPEN is offered by GIAC with a passing score of 74%, while the CISSP is offered by ISC2 with a passing score of 700/1000. Review the eligibility requirements for each with the respective governing bodies before deciding.
Does C3RT cover both the GPEN and the CISSP?
C3RT is building apps for both the GPEN and the CISSP. Both will be available on iOS and Mac.
The GIAC Penetration Tester (GPEN) (GPEN) is administered by GIAC. The ISC2 CISSP (CISSP) is administered by ISC2. C3RT is not affiliated with either organisation. Certification names and trademarks are the property of their respective owners.