The CISSP® (Certified Information Systems Security Professional) qualification is one of the most respected certifications in the information security industry, demonstrating an advanced knowledge of cyber security. Let’s begin by listing the eight domains, and later go on to explain each one in more detail.
- Security and Risk Management
This is considered to be the largest domain in CISSP, providing a comprehensive overview of the things you need to know about information systems management. It covers:
- The confidentiality, integrity and availability of information;
- Security governance principles;
- Compliance requirements;
- Legal and regulatory issues relating to information security;
- IT policies and procedures; and
- Risk-based management concepts.
Security and Risk Management comprises about 15% of the CISSP exam.
- Asset Security
This domain addresses the physical requirements of information security. It covers:
- The classification and ownership of information and assets;
- Retention periods;
- Data security controls; and
- Handling requirements.
Asset Security comprises about 10% of the CISSP exam.
- Security Architecture and Engineering
This domain would be covering several important information security concepts, which would include:
- Engineering processes using secure design principles;
- Fundamental concepts of security models;
- Security capabilities of information systems;
- Assessing and mitigating vulnerabilities in systems;
- Cryptography; and
- Designing and implementing physical security.
Security Engineering comprises about 13% of the CISSP exam.
- Communications and Network Security
This domain covers the design and protection of an organisation’s networks. This includes:
- Secure design principles for network architecture;
- Secure network components; and
- Secure communication channels.
Communications as well as Network Security comprises about 14% of the CISSP exam.
- Identity and Access Management
This domain helps information security professionals understand how to control the way users could access data. It would be covers:
- Physical and logical access to assets;
- Identification and authentication;
- Integrating identity as a service and third-party identity services;
- Authorisation mechanisms; and
- The identity and access provisioning lifecycle.
Identity and Access Management comprises about 13% of the CISSP exam.
- Security Assessment and Testing
This domain would be focused on the design performance as analysis of security testing. It might include:
- Designing and validating assessment and test strategies;
- Security control testing;
- Collecting security process data;
- Test outputs; and
- Internal and third-party security audits.
Security Assessment and Testing comprises about 12% of the CISSP exam.
- Security Operations
This domain wpi-addresses the way plans are put into action. It covers:
- Understanding and supporting investigations;
- Requirements for investigation types;
- Logging and monitoring activities;
- Securing the provision of resources;
- Foundational security operations concepts;
- Applying resource protection techniques;
- Incident management;
- Disaster recovery;
- Managing physical security; and
- Business continuity.
Security Operations comprises about 13% of the CISSP exam.
- Software Development Security
This domain helps professionals to apply, enforce, and understand software security. It would be covers:
- Security in the software development life cycle;
- Security controls in development environments;
- The effectiveness of software security; and
- Secure coding guidelines and standards.
Software Development Security comprises about 10% of the CISSP exam.
Advantages of SPOTO
SPOTO CCIE Club Training center would be considered the best place for getting trained with the Certifications. There expert trainers will definitely help you out to achieve good results in the CISSP Certification, in one single attempt. SPOTO would be the best training module for you to prepare for it. So, just gain the SPOTO Exam Training and have the CISSP Certification in one go.