How many domains does the Certified Information Systems Security Professional CISSP certification test cover?

What you’ll learn

This course will help you to prepare for the CISSP certification. You will gain core knowledge to successfully implement and manage security programs. You will gain in-depth knowledge of the eight domains required to prepare for the CISSP exam.

Stay ahead of the technology curve

Don’t let your tech outpace the skills of your people

Quality instructors and content

Expert instructors with real world experience and the latest vendor- approved in-depth course content.

Partner-Preferred Supplier

Chosen and awarded by the world’s leading vendors as preferred training partner.

Ahead of the technology curve

No matter your chosen technologies or platforms, we can help you stay one step ahead.

Who is the course for?

The CISSP is ideal for experienced security practitioners, managers and executives interested in proving their knowledge across a wide array of security practices and principles, including those in the following positions:

• Chief Information Security Officer

• Chief Information Officer

• Director of Security

• IT Director/Manager

• Security Systems Engineer

• Security Analyst

• Security Manager

• Security Auditor

• Security Architect

• Security Consultant

• Network Architect

We can also deliver and customise this training course for larger groups – saving your organisation time, money and resources. For more information, please contact us on 1800 U LEARN (1800 853 276).

Course subjects

This course provides in-depth coverage of the eight domains required to prepare for the CISSP exam. Refer to the CISSP Exam Outline for a deeper dive into the CISSP domains.

1. Security and Risk Management

• Understand, adhere to, and promote professional ethics

• Understand and apply security concepts

• Evaluate and apply security governance principles

• Determine compliance and other requirements

• Understand legal and regulatory issues that pertain to information security in a holistic context

• Understand requirements for investigation types (i.e., administrative, criminal, civil, regulatory, industry standards)

• Develop, document, and implement security policy, standards, procedures, and guidelines

• Identify, analyse, and prioritise Business Continuity (BC) requirements

• Contribute to and enforce personnel security policies and procedures

• Understand and apply risk management concepts

• Understand and apply threat modeling concepts and methodologies

• Apply Supply Chain Risk Management (SCRM) concepts

• Establish and maintain a security awareness, education, and training program

2. Asset Security

• Identify and classify information and assets

• Establish information and asset handling requirements

• Provision resources securely

• Manage data lifecycle

• Ensure appropriate asset retention (e.g. End-of-Life (EOL), End-of-Support (EOS))

• Determine data security controls and compliance requirements

3. Security Architecture and Engineering

• Research, implement and manage engineering processes using secure design principles

• Understand the fundamental concepts of security models (e.g. Biba, Star Model, Bell-LaPadula)

• Select controls based upon systems security requirements

• Understand security capabilities of Information Systems (IS) (e.g. memory protection, Trusted Platform Module (TPM), encryption/decryption)

• Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements

• Select and determine cryptographic solutions

• Understand methods of cryptanalytic attacks

• Apply security principles to site and facility design

• Design site and facility security controls

4. Communication and Network Security

• Assess and implement secure design principles in network architectures

• Secure network components

• Implement secure communication channels according to design

5. Identity and Access Management (IAM)

• Control physical and logical access to assets

• Manage identification and authentication of people, devices, and services

• Federated identity with a third-party service

• Implement and manage authorisation mechanisms

• Manage the identity and access provisioning lifecycle

• Implement authentication systems

6. Security Assessment and Testing

• Design and validate assessment, test, and audit strategies

• Conduct security control testing

• Collect security process data (e.g. technical and administrative)

• Analyse test output and generate reports

• Conduct or facilitate security audits

7. Security Operations

• Understand and comply with investigations

• Conduct logging and monitoring activities

• Perform Configuration Management (CM) (e.g. provisioning, baselining, automation)

• Apply foundational security operations concepts

• Apply resource protection

• Conduct incident management

• Operate and maintain detective and preventative measures

• Implement and support patch and vulnerability management

• Understand and participate in change management processes

• Implement recovery strategies

• Implement Disaster Recovery (DR) processes

• Test Disaster Recovery Plans (DRP)

• Participate in Business Continuity (BC) planning and exercises

• Implement and manage physical security

• Address personnel safety and security concerns

8. Software Development Security

• Understand and integrate security in the Software Development Life Cycle (SDLC)

• Identify and apply security controls in development environments

• Assess the effectiveness of software security

• Assess security impact of acquired software

• Define and apply secure coding guidelines and standards

Prerequisites

You should have a minimum of five years of experience working in IT Infrastructure and Cybersecurity.

Candidates for the CISSP exam must have a minimum of five years cumulative, paid work experience in two or more of the eight domains of the CISSP CBK.

A candidate who doesn’t have the required experience to become a CISSP may become an Associate of (ISC)² by successfully passing the CISSP examination. The Associate of (ISC)² will then have six years to earn the five years required experience.

Terms & Conditions

The supply of this course by DDLS is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.

How many domains are in CISSP?

What are the 8 domains?

What does the CISSP exam cover?

What are the 8 domains of information security?