(ISC)2 is making several changes to the CISSP exam effective January 1st, 2012.
This language was found on the ISC2 website;
(ISC)² CBK Domain Name Changes Coming Soon.
We are making some changes to the CBK domain names for the CISSP, SSCP and CISSP-ISSEP. These changes do not affect experience requirements for […]
As exam time approaches, everyone feels anxious about whether they’re ready to take the exam and to pass and thus to receive the CISSP certification. For a lot of people, achieving this milestone in their career means verification of the knowledge they possess. To some it means meeting the […]
Information Security is all about staying informed. And the CISSP is no exception. If you’re not reading then you’re falling behind. When you take the CISSP Boot Camp course from InfoSec you will receive a copy of Shon Harris’s CISSP All-in-One Exam Guide, Fifth Edition – Hardcover (Jan. 15, […]
Operations Security (OpSec) is concerned with the same basic elements as all the other CISSP domains and those are confidentiality, integrity and availability.
So let’s approach OpSec from that CIA perspective: How do we keep the data and systems confidential, maintain integrity and ensure they are available? There needs to […]
Application development security requires an awareness of how different environments demand different security. For example, the security for running a mainframe application that is not accessible by anything except the mainframe would be considerably different than the security for a web based application that anyone on the internet has […]
There are several topics we need to look at when we discuss the Legal domain of CISSP. First you need some background and a couple of important distinctions:
Civil Law and Common Law — The most significant difference is in civil law judicial precedents and particular case rulings do not […]
An Introduction to S-Tools
Steganography (as we discussed in our coverage of the CISSP Cryptography Domain) is the hiding of information within a picture, say a *.bmp file or a *.gif file. To demonstrate steganography’s simplicity this article will cover a brief demonstration of hiding information within a BMP picture […]
You only have to turn on the TV and watch some of the footage of the destruction caused by the tsunami in Japan to realize the importance of business continuity and disaster recovery planning or think back to the September 11 attacks and remember the destruction in New York City […]
This article will cover some of the major areas within Security Architecture and Design by looking at: design concepts, hardware architecture, OS and software architecture, security models, modes of operations, and some system evaluation methods, specifically CAP.
First, design concepts. You need to remember “LAST.” That is L=Layering, A=Abstraction, S=Security Domains […]
Today let’s take a look at the CISSP Domain that deals with Information Security Governance and Risk Management. When we speak about IS Governance we’re talking about how management views security, how the security organization is structured, who the Information Security Officer (ISO) reports to and some basic guiding […]
(ISC)²’s CISSP Exam covers ten domains which are:
Application Development Security
Business Continuity and Disaster Recovery Planning
Information Security Governance and Risk Management
Legal regulations, investigations, and compliance
Physical and Environmental Security
Security Architecture and Design
Telecommunications and Network Security
Over the course of the next 10 weeks or so, I’ll take a look at each […]