CISSP

Or log in to access your purchased courses

With this course you prepare to take the Certified Information Systems Security Professional (CISSP) exam requires a great deal of time and effort.

Domains

1. Security and Risk Management
2. Asset Security
3. Security Architecture and Engineering
4. Communication and Network Security
5. Identity and Access Management (IAM)
6. Security Assessment and Testing
7. Security Operations
8. Software Development Security

Avatar
Course By

Joseph McCray

Lessons

Domain 1. Security and Risk Management

Author: Joseph McCray

Understand and Apply Concepts of Confidentiality, Integrity, and Availability (CIA) The security model that helps organizations stay focused on the critical aspects of maintaining a secure environment is known as the CIA triad. Principle Definition Confidentiality Information viewed, accessed, or used by the owner or authorized persons only is also known as Confidential Information. A [...]

Domain 2. Asset Security

Author: Joseph McCray

Introduction It is common to relate the word asset to physical elements (e.g., computers, office supplies, monitors, electrical equipment, etc.). However, with regards to the CISSP exam, information and data are also assets, due to the importance it has to the business. This fact is evident by just measuring how much an organization spends to [...]

Domain 3. Security Architecture and Engineering

Author: Joseph McCray

Security Architecture and Engineering This domain is the technical section of the CISSP examination, and it describes the aspects of security engineering. This domain is easier to understand by individuals who possess prior experience in more technical aspects of Information Technology or Cybersecurity. Those who do not possess prior experience should review this domain more [...]

Domain 4. Communication and Network Security

Author: Joseph McCray

Introduction The networking section can be one of the most challenging of the CISSP exam. However, if one has past networking operations experience, this section is easy to understand, allowing more focus on theories that may not be as well known. Learning Objectives Learn Secure network components. Identify the most critical network protocols. Implement secure [...]

Domain 5. Identity and Access Management (IAM)

Author: Joseph McCray

Infosec Addicts Identity and Access Management (IAM)
Introduction IAM is an essential aspect of security. This section covers technologies and concepts associated with authentication and authorization, for example, usernames, passwords, and directories. Some traditional access control methods do not depend on asset type. Methods include authenticating users by validating they are who they say they are, and identifying users by what actions [...]

Domain 6. Security Assessment and Testing

Author: Joseph McCray

Introduction An organization’s assessment, testing and audit strategies will depend on its size, industry, financial status, and other factors. For example, a small non-profit, a small private company and a small public company will all have different requirements and goals. Like any procedure or policy, the audit strategy should be evaluated and tested regularly to [...]

Domain 7. Security Operations

Author: Joseph McCray

Infosec Addicts Security Operations
Introduction This domain is centered on the day-to-day tasks of securing your environment. If you are in a position outside of operations (such as in engineering or architecture), you should spend more time in this section to get acquainted with the information. You will notice more hands-on sections in this domain, mainly focused on how [...]

Domain 8. Software Development Security

Author: Joseph McCray

Infosec Addicts Software Development Security
Introduction This domain centers on managing the risk and security of software development. Security should be a locus of the development lifecycle and not an add-on or reconsideration to the process. The development methodology and lifecycle can have a significant effect on how security is conceived of and executed in your organization. The technique also [...]