The CISSP® (Certified Information Systems Security Professional) qualification is one of the most respected certifications in the information security industry, demonstrating an advanced knowledge of cyber security. We recently discussed the benefits of becoming a CISSP. Now, we turn our attention to the structure of the qualification itself and the domains within it.

(ISC)², which developed and maintains the CISSP qualification, updated the structure of the certificate in 2015, moving from ten domains to eight. We’ll begin by listing the eight domains, and then go on to explain each one in more detail. Our CISSP exam preparation course covers these eight domains in depth.

1) Security and Risk Management
Security and Risk Management comprises about 15% of the CISSP exam. This is the largest domain in CISSP, providing a comprehensive overview of the things you need to know about information systems management. It covers:

2) Asset Security
Asset Security comprises about 10% of the CISSP exam. This domain addresses the physical requirements of information security. It covers:

3) Security Architecture and Engineering
Security Engineering comprises about 13% of the CISSP exam. This domain covers several important information security concepts, including:

4) Communications and Network Security
Communications and Network Security comprises about 14% of the CISSP exam. This domain covers the design and protection of an organisation’s networks. This includes:

5) Identity and Access Management
Identity and Access Management comprises about 13% of the CISSP exam. This domain helps information security professionals understand how to control the way users can access data. It covers:

6) Security Assessment and Testing
Security Assessment and Testing comprises about 12% of the CISSP exam. This domain focuses on the design, performance and analysis of security testing. It includes:

7) Security Operations
Security Operations comprises about 13% of the CISSP exam. This domain addresses the way plans are put into action. It covers:

8) Software Development Security
Software Development Security comprises about 10% of the CISSP exam. This domain helps professionals to understand, apply and enforce software security. It covers:

CISSP training and revision materials
Those who sit the CISSP CBK (Common Body of Knowledge) exam will be tested on each of the eight domains. The exam consists of 100–150 multiple-choice questions and lasts three hours. The pass grade is 70%.

Anyone preparing for that exam should read the official CISSP study guide. Those who are really serious about studying should also enrol on our CISSP Accelerated Training Programme. This course covers the CISSP qualification intensively and comprehensively, and is delivered in five days, maximising effectiveness and reducing the amount of time you have to spend away from the office.

Recommended reading:

About The Author
Luke Irwin
Luke Irwin is a writer for IT Governance. He has a master’s degree in Critical Theory and Cultural Studies, specialising in aesthetics and technology, and is a one-time winner of a kilogram of jelly beans.

Which of the following of the CIA Triad ensures that the information is correct and no unauthorized person has altered it?
Integrity involves maintaining the consistency, accuracy and trustworthiness of data over its entire lifecycle. Data must not be changed in transit, and steps must be taken to ensure data cannot be altered by unauthorized people (for example, in a breach of confidentiality).

Which of the following is an example of technical controls that can be used for physical security?
Examples include physical controls such as fences, locks, and alarm systems; technical controls such as antivirus software, firewalls, and IPSs; and administrative controls like separation of duties, data classification, and auditing.

What is CIA in terms of information security?
The three letters in "CIA triad" stand for Confidentiality, Integrity, and Availability. The CIA triad is a common model that forms the basis for the development of security systems. They are used for finding vulnerabilities and methods for creating solutions.

Which of the following items would you secure in the Perimeter layer of the security model?
Firewalls using ACLs are secured in the Perimeter layer.