CISSP Study Guide

By Lovy Chaudhary

Introduction to CISSP Study Guide

The following article provides an outline for a CISSP study guide. Certified Information Systems Security Professional, or CISSP for short, is a certification for security professionals. CISSP is popular among individuals who want to pursue a management role in the information security field. The certification was developed by the International Information Systems Security Certification Consortium, known as (ISC)2. It is a pathway for professionals and managers who want to enter a security leadership career, and it is widely accepted as an eligibility criterion by companies and organizations in the IT sector.

CISSP certification can lead to roles such as chief security officer (CSO), chief information security officer (CISO) and chief technical officer (CTO). The certification is a prime requirement for several positions in the private and government sectors. The CISSP exam requirements are extensive, demanding a good amount of IT security and risk management knowledge. Passing the exam confirms that the individual possesses sound knowledge of IT security, which counts as an asset for management and leadership positions.

Important Domains for CISSP Exam

The CISSP exam covers a broad range of information security subjects.

These are divided into ten domains, each of which is broken down into exam objectives; before taking the exam, you must be proficient in every domain:

  • Access control systems and methodology
  • Telecommunications and network security
  • Security management practices
  • Application and systems development security
  • Cryptography
  • Security architecture and models
  • Operations security
  • Business continuity planning and disaster recovery planning
  • Law, investigation, and ethics
  • Physical security

1. Access control systems and methodology

Under this domain, the topics are:

You should be able to define the common access control techniques in detail:

  • Discretionary access control
  • Mandatory access control
  • Lattice-based access control
  • Rule-based access control
  • Role-based access control
  • The use of access control lists
  • Details of access control administration
  • Explanation of the access control models:
    • Biba
    • Information flow model
    • Non-interference model
    • Clark and Wilson
    • State machine model
    • Access matrix model

The domain also covers identification and authentication techniques, centralized and decentralized access control, common attack methods, and intrusion detection.
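To make the models above concrete, here is an added example (not code from the EDUCBA article): a small reference monitor in Python that decides read and write requests under four of the listed approaches. Bell-LaPadula and Biba are implemented over a lattice of sensitivity labels (level plus compartments), discretionary access control over a per-object ACL, and role-based access control over role-to-permission mappings. The labels, users, objects and permissions are constructed for illustration only.

```python
"""Reference-monitor example for the CISSP access control models.
Added illustration; all labels, users and objects below are constructed."""
from dataclasses import dataclass

# Lattice of sensitivity levels. A label dominates another when its level is
# higher or equal AND its compartment set is a superset.
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2, "TOP_SECRET": 3}


@dataclass(frozen=True)
class Label:
    level: str
    compartments: frozenset = frozenset()

    def dominates(self, other: "Label") -> bool:
        return (LEVELS[self.level] >= LEVELS[other.level]
                and self.compartments >= other.compartments)


def blp_allows(subject: Label, obj: Label, op: str) -> bool:
    """Bell-LaPadula (confidentiality): no read up, no write down."""
    if op == "read":
        return subject.dominates(obj)      # simple security property
    if op == "write":
        return obj.dominates(subject)      # *-property (star property)
    raise ValueError(f"unknown operation {op!r}")


def biba_allows(subject: Label, obj: Label, op: str) -> bool:
    """Biba (integrity): no read down, no write up, the dual of BLP."""
    if op == "read":
        return obj.dominates(subject)      # simple integrity property
    if op == "write":
        return subject.dominates(obj)      # integrity *-property
    raise ValueError(f"unknown operation {op!r}")


# Discretionary access control: each object carries an ACL set by its owner.
ACL = {
    "payroll.xlsx": {"alice": {"read", "write"}, "bob": {"read"}},
}


def dac_allows(user: str, obj: str, op: str) -> bool:
    return op in ACL.get(obj, {}).get(user, set())


# Role-based access control: permissions attach to roles, users to roles.
ROLE_PERMS = {
    "auditor": {("audit.log", "read")},
    "admin": {("audit.log", "read"), ("audit.log", "write")},
}
USER_ROLES = {"carol": {"auditor"}, "dave": {"admin"}}


def rbac_allows(user: str, obj: str, op: str) -> bool:
    return any((obj, op) in ROLE_PERMS[role] for role in USER_ROLES.get(user, ()))


if __name__ == "__main__":
    analyst = Label("SECRET", frozenset({"CRYPTO"}))
    memo = Label("CONFIDENTIAL")
    vault = Label("TOP_SECRET", frozenset({"CRYPTO"}))
    print("BLP read down :", blp_allows(analyst, memo, "read"))     # True
    print("BLP write down:", blp_allows(analyst, memo, "write"))    # False
    print("BLP write up  :", blp_allows(analyst, vault, "write"))   # True
    print("Biba read down:", biba_allows(analyst, memo, "read"))    # False
    print("DAC bob write :", dac_allows("bob", "payroll.xlsx", "write"))  # False
    print("RBAC carol rd :", rbac_allows("carol", "audit.log", "read"))  # True
```

Note how the same subject and object labels give opposite answers under Bell-LaPadula and Biba: the first protects confidentiality, the second protects integrity, and a system that needs both must enforce both checks.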

2. Network and telecommunications

The identification of key areas of telecommunication and network security.

International Organization for Standardization / Open Systems Interconnection (ISO/OSI) layers and their characteristics, which include:

  • Physical layer
  • Data link layer
  • Network layer
  • Transport layer
  • Session layer
  • Presentation layer
  • Application layer

Knowledge of the design and function of communications and network security, covering the following topics:

  • Physical media characteristics: twisted pair, fiber optic, coaxial.
  • Wide area networks (WANs).
  • Local area networks (LANs).
  • The secure remote procedure call.
  • Network topologies: star, bus and ring.
  • IPSec authentication and confidentiality.
  • Network monitors and packet sniffers.
  • TCP/IP characteristics and confidentiality.
  • Remote access and telecommuting techniques.
  • Remote Authentication Dial-In User Service (RADIUS) and Terminal Access Controller Access Control System (TACACS).

Also, the protocols, components, and services involved in internet, intranet and extranet design:

  • Proxies
  • Firewalls
  • Switches
  • Gateways
  • Services: SDLC, ISDN, HDLC, frame relay, X.25
  • Routers
  • Protocols: TCP/IP, IPSec, SKIP, SWIPE, SSL, S/MIME, SET, PEM, CHAP, PAP, PPP, SLIP

Techniques for detecting, preventing and correcting errors in communication security are also examined, since they are what maintain the integrity, availability and confidentiality of transactions over networks. These include:

  • Tunneling
  • Hash tools
  • Network monitors and packet sniffers
  • Virtual private networks
  • Network address translation
  • Transparency
  • Re-transmission controls
  • Record sequence checking
  • Transmission logging
  • Transmission error correction

Knowledge of the areas of communication and the methods of securing them, covering the following points in depth:

  • Secure voice communication
  • Email security
  • Facsimile
  • Security boundaries and their translation
  • Knowledge of the forms of network attack: ARP, brute force, worms, flooding, eavesdropping, sniffers, spamming, PBX fraud and abuse

3. Security management and practices

  • Understanding of the principles of security management and of management responsibility in the information security environment.
  • Understanding of risk management and its solutions.
  • Detailed understanding of data classification and of the policies and practices that enhance information security.
  • Change control as a means of maintaining security, and security awareness training.

4. Applications and systems development

Explore data issues and demonstrate an understanding of:

  • Database and data warehouse issues.
  • Web services, storage and storage systems.
  • Knowledge-based systems and the challenges of distributed and non-distributed environments.
  • System development controls and the definition of malicious code.
  • Coding practices that reduce system vulnerability.

5. Cryptography

  • You should study the uses of cryptography in detail, including confidentiality, integrity, authentication, and non-repudiation.
  • PKI management, and the common methods of attacking encryption, both basic and specific attacks.
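The four services named above are easy to confuse in the exam, so here is an added example (not from the article) that separates them in Python's standard library: an HMAC over a shared secret provides integrity and authentication, but because both parties hold the key, it cannot give non-repudiation; a signature made with a private key can. The RSA here is a deliberately toy, textbook construction with fixed small primes and no padding, chosen so the arithmetic is visible; the sample message and keys are constructed for illustration. Neither primitive provides confidentiality, which needs encryption on top.

```python
"""Integrity, authentication and non-repudiation with stdlib only.
Added illustration; the RSA parameters are toy values, not a real key."""
import hashlib
import hmac
import secrets

# --- Integrity + authentication: HMAC over a shared secret ------------------
def mac_tag(key: bytes, message: bytes) -> bytes:
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(key: bytes, message: bytes, tag: bytes) -> bool:
    # Constant-time comparison so verification timing reveals nothing about the tag.
    return hmac.compare_digest(mac_tag(key, message), tag)


# --- Non-repudiation: only the private-key holder can produce the signature --
# Toy textbook RSA with small fixed primes (constructed for the example only).
P, Q, E = 1000003, 65537, 5
N = P * Q
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)  # private exponent (modular inverse, Python 3.8+)


def _digest_int(message: bytes) -> int:
    # Hash first, then reduce into Z_N so the value fits the toy modulus.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def rsa_sign(message: bytes, d: int = D) -> int:
    return pow(_digest_int(message), d, N)


def rsa_verify(message: bytes, signature: int, e: int = E) -> bool:
    return pow(signature, e, N) == _digest_int(message)


def demo() -> dict:
    shared = secrets.token_bytes(32)
    msg = b"transfer 100 to account 42"  # constructed sample message
    tampered = b"transfer 900 to account 42"
    tag = mac_tag(shared, msg)
    return {
        "mac_ok": mac_verify(shared, msg, tag),
        "mac_tampered": mac_verify(shared, tampered, tag),
        # The receiver holds the same key, so it can mint a valid tag itself:
        # a MAC cannot prove to a third party which side authored the message.
        "mac_receiver_can_forge": mac_verify(shared, msg, mac_tag(shared, msg)),
        "sig_ok": rsa_verify(msg, rsa_sign(msg)),
        "sig_tampered": rsa_verify(tampered, rsa_sign(msg)),
        # Without D, substituting the public exponent does not yield a valid signature.
        "sig_forged_without_private_key": rsa_verify(msg, rsa_sign(msg, d=E)),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:32s} {outcome}")
```

The two failing entries are the point: `mac_receiver_can_forge` is True because anyone with the shared key can produce the tag, while `sig_forged_without_private_key` is False because only the holder of the private exponent can produce a signature that the public exponent verifies.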

6. Security architecture and models

Under this domain, you must understand how security models apply to public and government systems, which differ.

  • Study the models: Bell-LaPadula, Biba, Clark-Wilson, access control lists.
  • Understanding of TCSEC, ITSEC, the Common Criteria, and IPSec.

7. Operations security

This domain covers the identification of the key roles of operations security.

  • Identify protected and restricted resources, controls, and the OPSEC process.
  • Define threats and countermeasures, and explain audit logs, intrusion detection, and penetration testing techniques.
  • Understanding of antivirus controls, secure email, and data backup.

8. Business continuity and disaster recovery

  • Under this section, you must study the difference between disaster recovery planning and business continuity planning.
  • This can be done by documenting the natural and man-made events that need to be considered in making disaster recovery and business continuity plans.

9. Law, investigation, and ethics

  • This domain covers the fundamentals of computer crime law, as proven in court, and discusses computer ethics.

10. Physical security

  • Understanding of the most common vulnerabilities and their effects on asset classes, and of the principles of theft of information and assets.
  • Knowledge of designing, constructing, and maintaining a secure site, and of handling removable electronic media.

Tips on Taking the Exam

  • Read all the topics before the exam.
  • Step by step, complete the questions and exercises for each topic.
  • Assess your knowledge by practicing; this shows you which topics need more focus.

Recommended Articles

This has been a guide to the CISSP Study Guide. Here we discussed the important domains for the CISSP exam and some useful tips on taking it. You may also look at the following articles to learn more –

  1. Careers in Cyber Security
  2. Security Consultant Definition
  3. CISM vs CISSP
  4. Information Security Career Path