The CISSP Domains – An Overview

February 19, 2018 by Kenneth Magee

(ISC)²’s CISSP exam covers 8 domains in 2018, which are:

  1. Security and Risk Management
  2. Asset Security
  3. Security Engineering
  4. Communications & Network Security
  5. Identity & Access Management
  6. Security Assessment & Testing
  7. Security Operations
  8. Software Development Security

For a comprehensive overview of the updated CISSP domains please check out the following article for:

The Domains Pre-2015 were as follows:

  1. Access Control
  2. Application Development Security
  3. Business Continuity and Disaster Recovery Planning
  4. Cryptography
  5. Information Security Governance and Risk Management
  6. Legal Regulations, Investigations, and Compliance
  7. Operations Security
  8. Physical and Environmental Security
  9. Security Architecture and Design
  10. Telecommunications and Network Security

Over the course of the next 10 weeks or so, I’ll take a look at each one of the domains; give you some insight into what (ISC)² is looking for in that area; give you some supplemental reading material; and by the time we’re done, you should have a good grasp of the information you need to pass the CISSP exam as well as to succeed in your security professional career.

I will say this: one of the ways that you can ensure your preparation for the CISSP exam is by taking Infosec’s award-winning CISSP course. Fill out the short form above for pricing information and details regarding our various training options (self-paced, online mentored & instructor-led). As far as reading material is concerned, everyone should have their own personal copy of the CISSP CBK 2nd Edition from (ISC)² and for CISSP training.


J Kenneth (Ken) Magee is president and owner of Data Security Consultation and Training, LLC, which specializes in data security auditing and information security training. He has over 40 years of IT experience in both private industry and the public sector with the last 21 devoted to IT security and Risk Management.

Ken holds degrees from Robert Morris University and Fairleigh Dickinson University. He holds 30 certifications including: CTT+, CEH, CPT, SSCP, CISSP-ISSMP, CAP, CISA, CISM, ISO 27001 PA, GIAC-GWAPT/GSEC/GSNA, CIA-CGAP, Security+, and CDP. He is a Senior Instructor with the InfoSec Institute.
