Or log in to access your purchased courses

With this course you prepare to take the Certified Information Systems Security Professional (CISSP) exam requires a great deal of time and effort.


1. Security and Risk Management
2. Asset Security
3. Security Architecture and Engineering
4. Communication and Network Security
5. Identity and Access Management (IAM)
6. Security Assessment and Testing
7. Security Operations
8. Software Development Security

Course By

Joseph McCray


Domain 1. Security and Risk Management

Author: Joseph McCray

Understand and apply concepts of confidentiality, integrity and availability Confidentiality, integrity, and availability make up what is known as the CIA triad. The CIA triad is defined as a security model that helps organizations stay focused on the critical aspects of maintaining a secure environment. Principle definition Confidentiality Confidential information refers to data that should [...]

Domain 2. Asset Security

Author: Joseph McCray

Introduction In general, when talking about assets, it is common to relate them only to physical elements, such as computers, office supplies, electrical equipment, and others. Assets security for the CISSP exam is related with the conception of what assets is mostly associated with information, due to the importance it has on the business. Food [...]

Domain 3. Security Architecture and Engineering

Author: Joseph McCray

Security Architecture and Engineering This domain is the technical section; it describes the aspects of security engineering. If you have prior experience in more technical aspects then this domain will be a prototype for you. If that's not the case then take extra time to understand this domain. The aspects described will be foundational, so [...]

Domain 4. Communication and Network Security

Author: Joseph McCray

Introduction Operating with networks can be one of the most challenging issues of the CISSP exam. If you know networks, this exercise will be elementary for you and you can go deeper into some theories that you may not know well. Learning Objectives Learn Secure network components Identify the most critical network protocols. Implement secure [...]

Domain 5. Identity and Access Management (IAM)

Author: Joseph McCray

Infosec Addicts Identity and Access Management (IAM)
Introduction There are some traditional methods for controlling access without regard for the asset type. For instance, to authenticate users through validation that they are whom they say they are. A different way to authorize the users is to identify whether they are authorized to perform the required action for the appropriate asset (such as [...]

Domain 6. Security Assessment and Testing

Author: Joseph McCray

Introduction An organization’s assessment, testing and audit strategies will depend on its size, industry, financial status, and other factors. For example, a small non-profit, a small private company and a small public company will all have different requirements and goals. Like any procedure or policy, the audit strategy should be evaluated and tested regularly to [...]

Domain 7. Security Operations

Author: Joseph McCray

Infosec Addicts Security Operations
Introduction This domain is centered on the day-to-day tasks of securing your environment. If you are in a position outside of operations (such as in engineering or architecture), you should spend more time in this section to get acquainted with the information. You will notice more hands-on sections in this domain, mainly focused on how [...]

Domain 8. Software Development Security

Author: Joseph McCray

Infosec Addicts Software Development Security
Introduction This domain centers on managing the risk and security of software development. Security should be a locus of the development lifecycle and not an add-on or reconsideration to the process. The development methodology and lifecycle can have a significant effect on how security is conceived of and executed in your organization. The technique also [...]